AUTHENTICATING SYSTEM, AUTHENTICATING METHOD, AND AUTHENTICATING PROGRAM
First Claim
1. An authenticating system for, with a client apparatus and a server apparatus connected via a communication line, executing an authentication of a user of said client apparatus by employing a hash algorithm, wherein:
said client apparatus comprises;
an authenticating information inputter for inputting authentication information including identification information and a password of the user;
a client-side hash value creator for creating a first hash value from said authentication information by employing a first hash algorithm that corresponds to a first hash algorithm identifier transmitted from said server apparatus, and creating a second hash value from said first hash value and a random number transmitted from said server apparatus by employing said first hash algorithm; and
an authentication request manager for transmitting authentication request information for causing said server apparatus to start an authenticating process to said server apparatus, receiving said random number and said first hash algorithm identifier from said server apparatus, transmitting said identification information of the user input from said authentication information inputter and said second hash value to said server apparatus, and receiving an authentication result from said server apparatus; and
said server apparatus comprises;
a user information storage in which user information has been stored that includes a second hash algorithm identifier that respectively corresponds for each said identification information of the user, and a third hash value pre-created from the authentication information including said identification information and said password of the user by employing a second hash algorithm that corresponds to this hash algorithm identifier;
a random number creator for creating a random number;
a server-side hash value creator for creating a hash value; and
an authentication information manager for, upon receipt of said authentication request information from said client apparatus, causing said random number creator to create a random number, and transmitting said random number and said first hash algorithm identifier to said client apparatus, and for, upon receipt of said identification information of the user and said second hash value from said client apparatus, acquiring user information, which corresponds to this received identification information of the user, from said user information storage, determining whether or not said second hash algorithm identifier, which is included in said acquired user information, coincides with said first hash algorithm identifier, causing said server-side hash value creator to create a fourth hash value from a third hash value, which is included in said acquired user information, and said random number by employing said first hash algorithm in a case where it coincides, determining whether or not said second hash value coincides with said fourth hash value, transmitting the authentication result indicating that the authentication is successful to said client apparatus in a case where it coincides, and transmitting the authentication result indicating that the authentication is unsuccessful to said client apparatus in a case where it does not coincide.
Abstract
The present invention is an authenticating system including: a client (hereinafter referred to as C) including a creator for, by employing a first hash algorithm (hereinafter referred to as 1A), creating a first hash value (hereinafter referred to as 1V) from authentication information including an ID and a password, and creating 2V from the 1V and a random number, and a receiver for receiving the random number and a 1A identifier from a server (hereinafter referred to as S), transmitting the ID and the 2V to the S, and receiving an authentication result from the S; and the S including a storage for storing, ID by ID, a 2A identifier and 3V created from the authentication information by employing the 2A, and a device for transmitting the random number and the 1A identifier to a PC, receiving the ID and the 2V from the PC, determining whether the 2A identifier, which corresponds to the ID, coincides with the 1A identifier, creating 4V from the 3V and the random number by employing the 1A in a case where it coincides, determining whether the 2V coincides with the 4V, transmitting a result indicating that the authentication is successful to the PC in a case where it coincides, and transmitting a result indicating that the authentication is unsuccessful to the PC in a case where it does not coincide. Even in a case where a hash algorithm (hereinafter referred to as A) that is used in the authentication system is changed, employing such a configuration enables the system to continue to be utilized.
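The exchange described in the abstract and claims, as an added Python example that is not code from the patent. Assumptions not found on the page: the identifier strings `sha256` and `sha512`, length-prefixed concatenation of hash inputs, single use of each random number, constant-time comparison, and the `algorithm-mismatch` result, since the claims shown here define only the branch where the identifiers coincide.

```python
import hashlib
import hmac
import secrets

# Hypothetical identifier table; the page does not define identifier values.
ALGORITHMS = {"sha256": hashlib.sha256, "sha512": hashlib.sha512}

def h(alg_id, *parts):
    """Hash length-prefixed parts with the algorithm named by alg_id."""
    digest = ALGORITHMS[alg_id]()
    for part in parts:
        digest.update(len(part).to_bytes(4, "big") + part)
    return digest.digest()

def enroll(store, user_id, password, alg_id):
    """Pre-create the third hash value; store it with the second algorithm identifier."""
    store[user_id] = (alg_id, h(alg_id, user_id.encode(), password.encode()))

class Server:
    def __init__(self, store, current_alg_id):
        self.store, self.alg_id, self.pending = store, current_alg_id, None

    def start(self):
        """Answer an authentication request: random number + first algorithm identifier."""
        self.pending = secrets.token_bytes(16)
        return self.pending, self.alg_id

    def verify(self, user_id, second_hash):
        nonce, self.pending = self.pending, None  # assumption: one use per random number
        record = self.store.get(user_id)
        if nonce is None or record is None:
            return "failure"
        stored_alg_id, third_hash = record
        if stored_alg_id != self.alg_id:
            return "algorithm-mismatch"  # assumption: branch not defined in claim 1
        fourth_hash = h(self.alg_id, third_hash, nonce)
        ok = hmac.compare_digest(second_hash, fourth_hash)
        return "success" if ok else "failure"

def client_response(user_id, password, nonce, alg_id):
    """Client side: first hash from ID and password, second hash from it and the nonce."""
    first_hash = h(alg_id, user_id.encode(), password.encode())
    return h(alg_id, first_hash, nonce)

def login(server, user_id, password):
    """Run one full exchange between the client functions and a Server."""
    nonce, alg_id = server.start()
    return server.verify(user_id, client_response(user_id, password, nonce, alg_id))
```

In this construction the stored third hash value is all the server needs to compute the expected response, so the user information storage needs the same protection as a password database.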
9 Claims
4. An authenticating method of, with a client apparatus and a server apparatus connected via a communication line, executing an authentication of a user of said client apparatus by employing a hash algorithm, wherein:
an authentication request manager in said client apparatus transmits authentication request information for causing said server apparatus to start an authenticating process to said server apparatus;
an authentication information manager in said server apparatus, upon receipt of said authentication request information from said client apparatus, causes a random number creator in said server apparatus to create a random number, and transmits said random number and a predetermined first hash algorithm identifier to said client apparatus;
said authentication request manager in said client apparatus receives said random number and said first hash algorithm identifier from said server apparatus;
an authentication information inputter in said client apparatus inputs authentication information including identification information and a password of the user;
a client-side hash value creator in said client apparatus creates a first hash value from said authentication information by employing a first hash algorithm that corresponds to said first hash algorithm identifier, and creates a second hash value from said first hash value and said random number by employing said first hash algorithm;
said authentication request manager in said client apparatus transmits said identification information of the user and said second hash value to said server apparatus;
said authentication information manager in said server apparatus, upon receipt of said identification information of the user and said second hash value from said client apparatus, acquires user information that corresponds to this received identification information of the user from a user information storage in which user information has been pre-stored that includes a second hash algorithm identifier that respectively corresponds for each said identification information of the user, and a third hash value pre-created from the authentication information including said identification information and said password of the user by employing a second hash algorithm that corresponds to this hash algorithm identifier, determines whether or not said second hash algorithm identifier, which is included in said acquired user information, coincides with said first hash algorithm identifier, causes a server-side hash value creator in said server apparatus to create a fourth hash value from a third hash value, which is included in said acquired user information, and said random number by employing said first hash algorithm in a case where it coincides, determines whether or not said second hash value coincides with said fourth hash value, transmits the authentication result indicating that the authentication is successful to said client apparatus in a case where it coincides, and transmits the authentication result indicating that the authentication is unsuccessful to said client apparatus in a case where it does not coincide; and
said authentication request manager in said client apparatus receives the authentication result from said server apparatus.
7. An authenticating program for causing a client apparatus and a server apparatus connected via a communication line to execute an authentication of a user of said client apparatus by employing a hash algorithm, said authenticating program causing:
said client apparatus to function as;
an authentication information inputter for inputting authentication information including identification information and a password of the user;
a client-side hash value creator for creating a first hash value from said authentication information by employing a first hash algorithm that corresponds to a first hash algorithm identifier transmitted from said server apparatus, and creating a second hash value from said first hash value and a random number transmitted from said server apparatus by employing said first hash algorithm; and
an authentication request manager for transmitting authentication request information for causing said server apparatus to start an authenticating process to said server apparatus, receiving said random number and said first hash algorithm identifier from said server apparatus, transmitting said identification information of the user input from said authentication information inputter and said second hash algorithm to said server apparatus, and receiving an authentication result from said server apparatus; and
said server apparatus to function as;
a random number creator for creating a random number;
a server-side hash value creator for creating a hash value; and
an authentication information manager for, upon receipt of said authentication request information from said client apparatus, causing said random number creator to create a random number, and transmitting said random number and a predetermined first hash algorithm identifier to said client apparatus, and for, upon receipt of said identification information of the user and said second hash value from said client apparatus, acquiring said user information, which corresponds to this received identification information of the user, from a user information storage in which user information has been stored that includes a second hash algorithm identifier that respectively corresponds for each said identification information of the user, and a third hash value pre-created from the authentication information including said identification information and said password of the user by employing the second hash algorithm that corresponds to this hash algorithm identifier, determining whether or not said second hash algorithm identifier, which is included in said acquired user information, coincides with said first hash algorithm identifier, causing said server-side hash value creator to create a fourth hash value from a third hash value, which is included in said acquired user information, and said random number by employing said first hash algorithm in a case where it coincides, determining whether or not said second hash value coincides with said fourth hash value, transmitting the authentication result indicating that the authentication is successful to said client apparatus in a case where it coincides, and transmitting the authentication result indicating that the authentication is unsuccessful to said client apparatus in a case where it does not coincide.
Specification