Device authentication system

US 20070083750A1
Filed: 08/30/2004
Published: 04/12/2007
Est. Priority Date: 09/03/2003
Status: Active Grant

First Claim

Patent Images

1. A device authentication system comprising a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server;

wherein said device authentication server authenticates said terminal device by checking that server-specific information generated by said device authentication server is correctly encrypted by said terminal device using said secret information, whereas said terminal device authenticates said device authentication server by checking that terminal-specific information generated by said terminal device and encrypted using said secret information is correctly decrypted by said device authentication server;

wherein either said terminal device or said device authentication server generates a session key following the authentication, encrypts said session key using said secret information, and transmits the encrypted session key to the other device so as to share said session key therebetween;

wherein said device authentication server using said session key encrypts certificate information for certifying that said terminal device has been authenticated and transmits the encrypted certificate information to said terminal device;

wherein said terminal device acquires said certificate information sent from said device authentication server by decrypting said encrypted certificate information using said session key, and transmits the acquired certificate information to said service server; and

wherein said service server receives said certificate information from said terminal device and transmits the received certificate information to said device authentication server prompting said device authentication server to check that said certificate information is valid.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed herein is a device authentication system capable of authenticating devices efficiently using the common key system. When a CE device requests service offerings from a service server, the service server in turn requests the CE device to be authenticated by a device authentication server. Given the request, the CE device causes the device authentication server to perform device authentication on that device and transmits the result of the device authentication to the service server. Upon receipt of the device authentication result from the CE device, the service server causes the device authentication server to check that the authentication has been performed correctly and then starts offering services to the CE device. The CE device and device authentication server share a pass phrase, and each of the two parties checks that the other party indeed retains the pass phrase for mutual authentication.

106 Citations

33 Claims

1. A device authentication system comprising a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server;
- wherein said device authentication server authenticates said terminal device by checking that server-specific information generated by said device authentication server is correctly encrypted by said terminal device using said secret information, whereas said terminal device authenticates said device authentication server by checking that terminal-specific information generated by said terminal device and encrypted using said secret information is correctly decrypted by said device authentication server;
  
  wherein either said terminal device or said device authentication server generates a session key following the authentication, encrypts said session key using said secret information, and transmits the encrypted session key to the other device so as to share said session key therebetween;
  
  wherein said device authentication server using said session key encrypts certificate information for certifying that said terminal device has been authenticated and transmits the encrypted certificate information to said terminal device;
  
  wherein said terminal device acquires said certificate information sent from said device authentication server by decrypting said encrypted certificate information using said session key, and transmits the acquired certificate information to said service server; and
  
  wherein said service server receives said certificate information from said terminal device and transmits the received certificate information to said device authentication server prompting said device authentication server to check that said certificate information is valid.
- View Dependent Claims (2, 3, 4)
- - 2. The device authentication system according to claim 1, wherein said service server offers said services to said terminal device after causing said device authentication server to check that said certificate information sent from said terminal device is valid.
  - 3. The device authentication system according to claim 1, wherein said certificate information includes identification information with which said device authentication server identifies a result of the device authentication of said terminal device, and encrypted identification information generated by encrypting said identification information using a server key specific to said device authentication server;
    - and wherein said device authentication server using said server key decrypts said certificate information received from said service server so as to acquire said encrypted identification information included in said certificate information, and determines whether said certificate information is valid by checking that the acquired identification information coincides with the identification information included in the received certificate information.
  - 4. The device authentication system according to claim 1, wherein either said terminal device or said device authentication server generates a second session key, encrypts said second session key using said secret information, and transmits the encrypted session key to the other device so as to share said second session key therebetween;
    - wherein said device authentication server converts said certificate information through a predetermined procedure using said second session key into detection information for detecting that said certificate information was not corrupted during communication, and transmits said detection information generated by the conversion to said terminal device; and
      
      wherein said terminal device converts said acquired certificate information through said predetermined procedure using said second session key into detection information, and determines whether said received certificate information is not corrupted by checking that said detection information generated by the conversion coincides with the detection information received from said device authentication server.

5. A device authentication server used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server, said device authentication server comprising:
- request accepting means for accepting a request for device authentication from said terminal device;
  
  server-specific information transmitting means for transmitting server-specific information generated by said device authentication server to said terminal device from which said request is accepted;
  
  encrypted server-specific information receiving means for receiving from said terminal device said server-specific information encrypted by use of said secret information;
  
  device authenticating means for authenticating said terminal device by checking that the encrypted server-specific information received is correctly decrypted using said secret information;
  
  session key acquiring means for acquiring a session key to be shared with said terminal device, said session key being acquired either by receiving said session key from said terminal device in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said terminal device;
  
  certificate information transmitting means for transmitting to said terminal device certificate information for certifying that said terminal device has been authenticated by said device authenticating means, said certificate information being encrypted using the acquired session key for the transmission; and
  
  certificate information receiving means for receiving said certificate information from said service server which has acquired said certificate information from said terminal device.
- View Dependent Claims (6, 7, 8, 9, 10)
- - 6. The device authentication server according to claim 5, further comprising check result transmitting means for checking that said certificate information sent from said service server is valid and for transmitting a result of the check to said service server.
  - 7. The device authentication server according to claim 5, further comprising:
    - terminal-specific information receiving means for receiving from said terminal device terminal-specific information generated by said terminal device and encrypted using said secret information; and
      
      terminal-specific information transmitting means for transmitting to said terminal device said terminal-specific information acquired by decrypting the received terminal-specific information using said secret information.
  - 8. The device authentication server according to claim 6, wherein said certificate information includes identification information which identifies the result of the device authentication of said terminal device, and encrypted identification information generated by encrypting said identification information using a specific server key, said device authentication server further comprising:
    - encrypted identification information decrypting means for decrypting said encrypted identification information using said server key, said encrypted identification information being included in said certificate information received from said service server;
      
      determining means for determining whether the decrypted identification information coincides with the identification information included in the received certificate information; and
      
      device authentication result identifying means for identifying the result of the device authentication using the identification information determined earlier;
      
      wherein said check result transmitting means transmits said result of said device authentication identified by said device authentication result identifying means.
  - 9. The device authentication server according to claim 5, further comprising:
    - second session key acquiring means for acquiring a second session key to be shared with said terminal device, said second session key being acquired either by receiving said second session key from said terminal device in encrypted form based on said secret key in order to decrypt the received second session key using said secret key, or by generating said second session key and encrypting the generated second session key using said secret key before transmitting the encrypted second session key to said terminal device; and
      
      detection information generating means for generating detection information for detecting that said certificate information was not corrupted during communication, said detection information being generated by conversion from said certificate information through a predetermined procedure using said second session key;
      
      wherein said certificate information transmitting means transmits said detection information generated by said detection information generating means to said terminal device together with said certificate information.
  - 10. The device authentication server according to claim 5, further comprising:
    - correspondence storing means for storing a correspondence between a device ID of said terminal device and the secret information stored by said terminal device;
      
      device ID receiving means for receiving the device ID from the terminal device from which said request has been accepted; and
      
      secret information identifying means for identifying the secret information corresponding to said device ID by searching for the received device ID through said correspondence storing means;
      
      wherein said device authenticating means encrypts said server-specific information using the identified secret information.

11. A terminal device used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server, said terminal device comprising:
- requesting means for requesting device authentication from said device authentication server;
  
  encrypted server-specific information transmitting means for transmitting to said device authentication server server-specific information sent from said device authentication server in response to said request, said server-specific information being encrypted using said secret information for the transmission;
  
  session key acquiring means for acquiring a session key to be shared with said device authentication server, said session key being acquired either by receiving said session key from said device authentication server in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said device authentication server;
  
  certificate information receiving means for receiving from said device authentication server certificate information for certifying that said terminal device has been authenticated by said device authentication server, said certificate information being encrypted using said session key; and
  
  certificate information transmitting means for transmitting the received certificate information to said service server after decrypting the encrypted certificate information using said session key.
- View Dependent Claims (12, 13)
- - 12. The terminal device according to claim 11, further comprising:
    - terminal-specific information transmitting means for transmitting to said device authentication server terminal-specific information generated and encrypted using said secret information; and
      
      server authenticating means for authenticating said device authenticating server by checking that the transmitted terminal-specific information has been decrypted by said device authentication server.
  - 13. The terminal device according to claim 11, further comprising:
    - second session key acquiring means for acquiring a second session key to be shared with said device authentication server, said second session key being acquired either by receiving said second session key from said device authentication server in encrypted form based on said secret key in order to decrypt the received second session key using said secret key, or by generating said second session key and encrypting the generated second session key using said secret key before transmitting the encrypted second session key to said device authentication server;
      
      detection information receiving means for receiving from said device authentication server detection information for detecting that said certificate information was not corrupted during communication, said detection information being generated by conversion from said certificate information through a predetermined procedure using said second session key;
      
      detection information generating means for generating detection information by conversion from the received certificate information through said predetermined procedure using the acquired second session key; and
      
      determining means for determining whether said received certificate information is not corrupted by checking that the generated detection information coincides with the received detection information.

14. A device authentication method for use with a device authentication server used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server;
- wherein said device authentication server includes request accepting means, server-specific information transmitting means, encrypted server-specific information receiving means, device authenticating means, session key acquiring means, certificate information transmitting means, and certificate information receiving means, said device authentication method comprising the steps of;
  
  causing said request accepting means to accept a request for device authentication from said terminal device;
  
  causing said server-specific information transmitting means to transmit server-specific information generated by said device authentication server to said terminal device from which said request is accepted;
  
  causing said encrypted server-specific information receiving means to receive from said terminal device said server-specific information encrypted by use of said secret information;
  
  causing said device authenticating means to authenticate said terminal device by checking that the encrypted server-specific information received is correctly decrypted using said secret information;
  
  causing said session key acquiring means to acquire a session key to be shared with said terminal device, said session key being acquired either by receiving said session key from said terminal device in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said terminal device;
  
  causing said certificate information transmitting means to transmit to said terminal device certificate information for certifying that said terminal device has been authenticated by said device authenticating means, said certificate information being encrypted using the acquired session key for the transmission; and
  
  causing said certificate information receiving means to receive said certificate information from said service server which has acquired said certificate information from said terminal device.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The device authentication method according to claim 14, wherein said device authentication server includes check result transmitting means, said device authentication method further comprising the step of causing said check result transmitting means to check that said certificate information is valid and to transmit a result of the check to said service server.
  - 16. The device authentication method according to claim 14, wherein said device authentication server includes terminal-specific information receiving means and terminal-specific information transmitting means, said device authentication method further comprising the steps of:
    - causing said terminal-specific information receiving means to receive from said terminal device terminal-specific information generated by said terminal device and encrypted using said secret information; and
      
      causing said terminal-specific information transmitting means to transmit to said terminal device said terminal-specific information acquired by decrypting the received terminal-specific information using said secret information.
  - 17. The device authentication method according to claim 15, wherein said device authentication server includes encrypted identification information decrypting means, determining means, and device authentication result identifying means;
    - and wherein said certificate information includes identification information which identifies the result of the device authentication of said terminal device, and encrypted identification information generated by encrypting said identification information using a specific server key, said device authentication method further comprising the steps of;
      
      causing said encrypted identification information decrypting means to decrypt said encrypted identification information using said server key, said encrypted identification information being included in said certificate information received from said service server;
      
      causing said determining means to determine whether the decrypted identification information coincides with the identification information included in the received certificate information; and
      
      causing said device authentication result identifying means to identify the result of the device authentication using the identification information determined earlier;
      
      wherein said check result transmitting step transmits said result of said device authentication identified in said device authentication result identifying step.
  - 18. The device authentication method according to claim 14, wherein said device authentication server includes second session key acquiring means and detection information generating means, said device authentication method further comprising the steps of:
    - causing said second session key acquiring means to acquire a second session key to be shared with said terminal device, said second session key being acquired either by receiving said second session key from said terminal device in encrypted form based on said secret key in order to decrypt the received second session key using said secret key, or by generating said second session key and encrypting the generated second session key using said secret key before transmitting the encrypted second session key to said terminal device; and
      
      causing said detection information generating means to generate detection information for detecting that said certificate information was not corrupted during communication, said detection information being generated by conversion from said certificate information through a predetermined procedure using said second session key;
      
      wherein said certificate information transmitting step transmits said detection information generated in said detection information generating step to said terminal device together with said certificate information.
  - 19. The device authentication method according to claim 14, wherein said device authentication server includes correspondence storing means for storing a correspondence between a device ID of said terminal device and the secret information stored by said terminal device, device ID receiving means, and secret information identifying means, said device authentication method further comprising the steps of:
    - causing said device ID receiving means to receive the device ID from the terminal device from which said request has been accepted; and
      
      causing said secret information identifying means to identify the secret information corresponding to said device ID by searching for the received device ID through said correspondence storing means;
      
      wherein said device authenticating step encrypts said server-specific information using the identified secret information.

20. A device authentication method for use with a terminal device used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server;
- wherein said terminal device includes requesting means, encrypted server-specific information transmitting means, session key acquiring means, certificate information receiving means, and certificate information transmitting means, said device authentication method comprising the steps of;
  
  causing said requesting means to request device authentication from said device authentication server;
  
  causing said encrypted server-specific information transmitting means to transmit to said device authentication server server-specific information sent from said device authentication server in response to said request, said server-specific information being encrypted using said secret information for the transmission;
  
  causing said session key acquiring means to acquire a session key to be shared with said device authentication server, said session key being acquired either by receiving said session key from said device authentication server in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said device authentication server;
  
  causing said certificate information receiving means to receive from said device authentication server certificate information for certifying that said terminal device has been authenticated by said device authentication server, said certificate information being encrypted using said session key; and
  
  causing said certificate information transmitting means to transmit the received certificate information to said service server after decrypting the encrypted certificate information using said session key.
- View Dependent Claims (21, 22)
- - 21. The device authentication method according to claim 20, wherein said terminal device includes terminal-specific information transmitting means and server authenticating means, said device authentication method further comprising the steps of:
    - causing said terminal-specific information transmitting means to transmit to said device authentication server terminal-specific information generated and encrypted using said secret information; and
      
      causing said server authenticating means to authenticate said device authenticating server by checking that the transmitted terminal-specific information has been decrypted by said device authentication server.
  - 22. The device authentication method according to claim 20, wherein said terminal device includes second session key acquiring means, detection information receiving means, detection information generating means, and determining means, said device authentication method further comprising the steps of:
    - causing said second session key acquiring means to acquire a second session key to be shared with said device authentication server, said second session key being acquired either by receiving said second session key from said device authentication server in encrypted form based on said secret key in order to decrypt the received second session key using said secret key, or by generating said second session key and encrypting the generated second session key using said secret key before transmitting the encrypted second session key to said device authentication server;
      
      causing said detection information receiving means to receive from said device authentication server detection information for detecting that said certificate information was not corrupted during communication, said detection information being generated by conversion from said certificate information through a predetermined procedure using said second session key;
      
      causing said detection information generating means to generate detection information by conversion from the received certificate information through said predetermined procedure using the acquired second session key; and
      
      causing said determining means to determine whether said received certificate information is not corrupted by checking that the generated detection information coincides with the received detection information.

23. A device authentication program for operating a device authentication server constituted by a computer and used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server, said program causing said computer to carry out a procedure comprising:
- a request accepting function of accepting a request for device authentication from said terminal device;
  
  a server-specific information transmitting function of transmitting server-specific information generated by said device authentication server to said terminal device from which said request is accepted;
  
  an encrypted server-specific information receiving function of receiving from said terminal device said server-specific information encrypted by use of said secret information;
  
  a device authenticating function of authenticating said terminal device by checking that the encrypted server-specific information received is correctly decrypted using said secret information;
  
  a session key acquiring function of acquiring a session key to be shared with said terminal device, said session key being acquired either by receiving said session key from said terminal device in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said terminal device;
  
  a certificate information transmitting function of transmitting to said terminal device certificate information for certifying that said terminal device has been authenticated by said device authenticating means, said certificate information being encrypted using the acquired session key for the transmission; and
  
  a certificate information receiving function of receiving said certificate information from said service server which has acquired said certificate information from said terminal device.
- View Dependent Claims (24, 25, 26, 27, 28)
- - 24. The device authentication program according to claim 23, wherein said procedure carried out on said computer further comprises a check result transmitting function of checking that said certificate information is valid and of transmitting a result of the check to said service server.
  - 25. The device authentication program according to claim 23, wherein said procedure carried out on said computer further comprises:
    - a terminal-specific information receiving function of receiving from said terminal device terminal-specific information generated by said terminal device and encrypted using said secret information; and
      
      a terminal-specific information transmitting function of transmitting to said terminal device said terminal-specific information acquired by decrypting the received terminal-specific information using said secret information.
  - 26. The device authentication program according to claim 24, wherein said certificate information includes identification information which identifies the result of the device authentication of said terminal device, and encrypted identification information generated by encrypting said identification information using a specific server key, said procedure further comprising:
    - an encrypted identification information decrypting function of decrypting said encrypted identification information using said server key, said encrypted identification information being included in said certificate information received from said service server;
      
      a determining function of determining whether the decrypted identification information coincides with the identification information included in the received certificate information; and
      
      a device authentication result identifying function of identifying the result of the device authentication using the identification information determined earlier;
      
      wherein said check result transmitting function transmits said result of said device authentication identified by said device authentication result identifying function.
  - 27. The device authentication program according to claim 23, wherein said procedure further comprises:
    - a second session key acquiring function of acquiring a second session key to be shared with said terminal device, said second session key being acquired either by receiving said second session key from said terminal device in encrypted form based on said secret key in order to decrypt the received second session key using said secret key, or by generating said second session key and encrypting the generated second session key using said secret key before transmitting the encrypted second session key to said terminal device; and
      
      a detection information generating function of generating detection information for detecting that said certificate information was not corrupted during communication, said detection information being generated by conversion from said certificate information through a predetermined procedure using said second session key;
      
      wherein said certificate information transmitting function transmits said detection information generated by said detection information generating function to said terminal device together with said certificate information.
  - 28. The device authentication program according to claim 23, wherein said procedure further comprises:
    - a correspondence storing function of storing a correspondence between a device ID of said terminal device and the secret information stored by said terminal device;
      
      a device ID receiving function of receiving the device ID from the terminal device from which said request has been accepted; and
      
      a secret information identifying function of identifying the secret information corresponding to said device ID by searching for the received device ID through said correspondence storing means;
      
      wherein said device authenticating function encrypts said server-specific information using the identified secret information.

29. A device authentication program for operating a terminal device constituted by a computer and used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server, said device authentication program causing said computer to carry out a procedure comprising:
- a requesting function of requesting device authentication from said device authentication server;
  
  an encrypted server-specific information transmitting function of transmitting to said device authentication server server-specific information sent from said device authentication server in response to said request, said server-specific information being encrypted using said secret information for the transmission;
  
  a session key acquiring function of acquiring a session key to be shared with said device authentication server, said session key being acquired either by receiving said session key from said device authentication server in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said device authentication server;
  
  a certificate information receiving function of receiving from said device authentication server certificate information for certifying that said terminal device has been authenticated by said device authentication server, said certificate information being encrypted using said session key; and
  
  a certificate information transmitting function of transmitting the received certificate information to said service server after decrypting the encrypted certificate information using said session key.
- View Dependent Claims (30, 31)
- - 30. The device authentication program according to claim 29, wherein said procedure further comprises:
    - a terminal-specific information transmitting function of transmitting to said device authentication server terminal-specific information generated and encrypted using said secret information; and
      
      a server authenticating function of authenticating said device authenticating server by checking that the transmitted terminal-specific information has been decrypted by said device authentication server.
  - 31. The device authentication program according to claim 29, wherein said procedure further comprises:
    - a second session key acquiring function of acquiring a second session key to be shared with said device authentication server, said second session key being acquired either by receiving said second session key from said device authentication server in encrypted form based on said secret key in order to decrypt the received second session key using said secret key, or by generating said second session key and encrypting the generated second session key using said secret key before transmitting the encrypted second session key to said device authentication server;
      
      a detection information receiving function of receiving from said device authentication server detection information for detecting that said certificate information was not corrupted during communication, said detection information being generated by conversion from said certificate information through a predetermined procedure using said second session key;
      
      a detection information generating function of generating detection information by conversion from the received certificate information through said predetermined procedure using the acquired second session key; and
      
      a determining function of determining whether said received certificate information is not corrupted by checking that the generated detection information coincides with the received detection information.

32. A storage medium which stores in computer-readable fashion a device authentication program for operating a device authentication server constituted by a computer and used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server, said program causing said computer to carry out a procedure comprising:
- a request accepting function of accepting a request for device authentication from said terminal device;
  
  a server-specific information transmitting function of transmitting server-specific information generated by said device authentication server to said terminal device from which said request is accepted;
  
  an encrypted server-specific information receiving function of receiving from said terminal device said server-specific information encrypted by use of said secret information;
  
  a device authenticating function of authenticating said terminal device by checking that the encrypted server-specific information received is correctly decrypted using said secret information;
  
  a session key acquiring function of acquiring a session key to be shared with said terminal device, said session key being acquired either by receiving said session key from said terminal device in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said terminal device;
  
  a certificate information transmitting function of transmitting to said terminal device certificate information for certifying that said terminal device has been authenticated by said device authenticating means, said certificate information being encrypted using the acquired session key for the transmission; and
  
  a certificate information receiving function of receiving said certificate information from said service server which has acquired said certificate information from said terminal device.

33. A storage medium which stores in computer-readable fashion a device authentication program for operating a terminal device constituted by a computer and used in a device authentication system including a terminal device which stores predetermined secret information, a device authentication server which stores said secret information and authenticates said terminal device, and a service server which offers services to said terminal device authenticated by said device authentication server, said device authentication program causing said computer to carry out a procedure comprising:
- a requesting function of requesting device authentication from said device authentication server;
  
  an encrypted server-specific information transmitting function of transmitting to said device authentication server server-specific information sent from said device authentication server in response to said request, said server-specific information being encrypted using said secret information for the transmission;
  
  a session key acquiring function of acquiring a session key to be shared with said device authentication server, said session key being acquired either by receiving said session key from said device authentication server in encrypted form based on said secret key in order to decrypt the received session key using said secret key, or by generating said session key and encrypting the generated session key using said secret key before transmitting the encrypted session key to said device authentication server;
  
  a certificate information receiving function of receiving from said device authentication server certificate information for certifying that said terminal device has been authenticated by said device authentication server, said certificate information being encrypted using said session key; and
  
  a certificate information transmitting function of transmitting the received certificate information to said service server after decrypting the encrypted certificate information using said session key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sony Corporation (Sony Group Corp.)
Original Assignee
Sony Corporation (Sony Group Corp.)
Inventors
Miura, Takayuki, Abe, Jouji, Kusakawa, Masafumi, Shirai, Taizo

Granted Patent

US 7,797,532 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/155
CPC Class Codes

G06F 21/445   by mutual authentication, e...

G06F 2221/2129   Authenticate client device ...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/0807   using tickets, e.g. Kerbero...

H04L 63/0869   for achieving mutual authen...

Device authentication system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

106 Citations

33 Claims

Specification

Solutions

Use Cases

Quick Links

Device authentication system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

106 Citations

33 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links