DATA RECORDING DEVICE, AND METHOD OF PROCESSING DATA RECORDING DEVICE
Abstract
A controller is provided with a controller key and a first controller identification information unique to the controller. The controller generates a controller unique key unique to a respective controller based on the controller key and the first controller identification information, and a second controller identification information based on the first controller identification information. A decryptor decrypts the encrypted medium device key using the controller unique key to obtain a medium device key. An authentication/key exchange process unit performs authentication/key exchange process with the host device through an interface unit using the medium device key, the medium device key certificate and the second controller identification information to establish a secure channel.
14 Claims
1. (canceled)
2. A host storing host key information, the host comprising:
a processor configured to generate a first random number, and send, to a medium, the first random number and the host certification information; receive, from the medium, a second random number, medium certification information, a first value, and unique ID information, the first value being calculated using a base point of an elliptic curve and a third random number, the unique ID information being generated by executing a one-way function calculation based on controller key information and controller identification information stored in the medium, the unique ID information being used in a signature process using medium key information; generate a fourth random number, and calculate a second value using the fourth random number and the base point of the elliptic curve; and generate shared key information based on the first value and the fourth random number, the shared key information being shared by a key exchange process between the host and the medium.
3. A host, comprising:
a processor configured to send a first random number and host certification information to a medium, receive a second random number, medium certification information, a value calculated using a third random number, and unique ID information from the medium, generate a fourth random number, and generate shared key information based on the fourth random number and the value, wherein the unique ID information is generated based on controller key information and controller identification information of the medium, and the unique ID information is used in a signature process using medium key information.
4. A host, comprising:
a processor configured to send host certificate information to a medium, verify signature information of medium certification information when receiving the medium certification information from the medium, and verify second signature information when receiving a value and the second signature information from the medium, wherein the value is calculated using a random number generated in the medium, the second signature information is generated by a signature process using a medium key information and information using unique ID information, and the unique ID information is generated based on controller key information and controller identification information.
5. An authentication system that performs authentication between a medium and a host, the system comprising:
the medium, including a memory storing medium key information, medium certification information, controller key information, and controller identification information, and a controller configured to control the memory; and the host, including a host memory that stores host key information and host certification information; and a processor configured to generate a first random number and send, to the medium, the first random number and the host certification information, wherein the controller is further configured to verify first signature information attached to the host certification information sent from the host, generate a second random number and a third random number, calculate a first value using the third random number and a base point of an elliptic curve, execute a one-way function calculation based on the controller key information and the controller identification information to generate unique ID information, perform a signature process for the first random number, the first value, and the unique ID information using the medium key information to generate second signature information, and send, to the host, the second signature information, the first random number different from the second signature information, the first value, the unique ID information, and the medium certificate information; and the host is configured to verify the second signature information sent from the medium.
Dependent claims: 6, 7, 8, 9, 10, 11
12. An authentication system, comprising:
a host that stores host certification information; and a medium that stores medium key information, medium certification information, controller key information, and controller identification information, wherein the host is configured to generate a first random number and send the first random number and the host certification information to the medium; and the medium is configured to verify first verification information attached to the host certification information sent from the host, generate a second random number and a third random number, calculate a first value using the third random number and a base point of an elliptic curve, execute a one-way function calculation based on the controller key information and the controller identification information to generate unique ID information, perform a signature process for the first random number, the first value, and the unique ID information using the medium key information to generate second signature information, and send, to the host, the second signature information, the first random number different from the second signature information, the first value, the unique ID information, and the medium certificate information.
13. A medium, comprising:
a memory that stores medium key information, medium certification information, controller key information, and controller identification information; and a controller that controls the memory, wherein when the medium receives a first random number and host certification information from a host, the medium verifies first signature information attached to the host certification information, when verification of the first signature information is judged as a success, the medium generates a second random number and a third random number, calculates a first value based on the third random number and a base point of an elliptic curve, executes a one-way function calculation based on the controller key information and the controller identification information to generate unique ID information, performs a signature process for the first random number, the first value, and the unique ID information using the medium key information to generate second signature information, and sends, to the host, the second signature information, the second random number different from the second signature information, the first value, the unique ID information, and the medium certificate information, and when verification of the first signature information is judged as a failure, further processing by the medium is ceased.
14. A medium, comprising:
a memory that stores medium key information, medium certification information, controller key information, and controller identification information; and a controller configured to control the memory, wherein when the medium receives a first random number and host certification information from a host, the medium verifies first signature information attached to the host certification information, and the medium generates a second random number and a third random number, calculates a first value based on the third random number and a base point of an elliptic curve, executes one-way function calculation based on the controller key information and the controller identification information to generate unique ID information, performs a signature process for the first random number, the first value, and the unique ID information using the medium key information to generate second signature information, and sends, to the host, the second signature information, the second random number different from the second signature information, the first value, the unique ID information, and the medium certificate information.