AUTHENTICATION METHOD, AUTHENTICATION DEVICE, AUTHENTICATION TARGET DEVICE AND IMAGE FORMING APPARATUS
First Claim
1. An authentication method performed bya first device configured to retain, among n×
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value, anda second device configured to retain an authentication identifier and retain n authentication keys generated based on the authentication identifier and each of n original keys in which values of the second identifiers are a same second value among the n×
m original keys,the method comprising;
selecting, at the first device, an original key in which the first identifier has the first value and the second identifier has the second value based on the second value acquired from the second device, from the m original keys and generating, at the first device, an authentication key based on the selected original key and the authentication identifier acquired from the second device;
selecting, at the second device, an authentication key generated from the original key in which the first identifier has the first value and the second identifier has the second value based on the first value acquired from the first device, from the n authentication keys;
generating, at an authentication target device that is one of the first device and the second device, response data based on challenge data acquired from an authentication device that is the other of the first device and the second device and the authentication key generated or selected by the authentication target device, and notifying, by the authentication target device, the generated response data to the authentication device;
generating, at the authentication device, verification data based on the challenge data and the authentication key generated or selected by the authentication device; and
authenticating, at the authentication device, the authentication target device by comparing the verification data with the response data.
1 Assignment
0 Petitions
Accused Products
Abstract
An authentication method includes: at a first device, selecting an original key in which a first identifier has a first value and a second identifier has a second value from m original keys and generating an authentication key based on the selected original key and the authentication identifier; at a second device, selecting an authentication key generated from the original key in which the first identifier has the first value and the second identifier has the second value from n authentication keys, generating response data based on challenge data and the authentication key, and notifying the generated response data to the first device; at the first device, generating verification data based on the challenge data and the authentication key, and authenticating the authentication target device by comparing the verification data with the response data.
0 Citations
34 Claims
-
1. An authentication method performed by
a first device configured to retain, among n× - m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value, and
a second device configured to retain an authentication identifier and retain n authentication keys generated based on the authentication identifier and each of n original keys in which values of the second identifiers are a same second value among the n×
m original keys,the method comprising; selecting, at the first device, an original key in which the first identifier has the first value and the second identifier has the second value based on the second value acquired from the second device, from the m original keys and generating, at the first device, an authentication key based on the selected original key and the authentication identifier acquired from the second device; selecting, at the second device, an authentication key generated from the original key in which the first identifier has the first value and the second identifier has the second value based on the first value acquired from the first device, from the n authentication keys; generating, at an authentication target device that is one of the first device and the second device, response data based on challenge data acquired from an authentication device that is the other of the first device and the second device and the authentication key generated or selected by the authentication target device, and notifying, by the authentication target device, the generated response data to the authentication device; generating, at the authentication device, verification data based on the challenge data and the authentication key generated or selected by the authentication device; and authenticating, at the authentication device, the authentication target device by comparing the verification data with the response data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value, and
-
11. An authentication device configured to authenticate an authentication target device configured to retain, among n×
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value,
the authentication device comprising; a storage unit configured to store an authentication identifier and store n authentication keys generated based on the authentication identifier and each of n original keys in which values of the second identifiers are a same second value among the n×
m original keys;a notification unit configured to notify, to the authentication target device, the authentication identifier, the second value, and challenge data; a selection unit configured to acquire the first value from the authentication target device and to select an authentication key generated from an original key in which the first identifier has the first value and the second identifier has the second value, from the n authentication keys; a generating unit configured to generate verification data based on the authentication key selected by the selecting unit and the challenge data; and an authentication unit configured to authenticate the authentication target device by comparing the verification data with response data acquired from the authentication target device as a response to the challenge data notified to the authentication target device. - View Dependent Claims (12, 13, 15, 17, 18, 19, 20, 21, 22)
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value,
-
14. An authentication device configured to authenticate an authentication target device configured to retain an authentication identifier and retain n authentication keys (n is an integer of 2 or greater) generated based on the authentication identifier and each of n original keys in which values of second identifiers are a same second value among n×
- m original keys identified by combinations of n first identifiers having different values and m second identifiers (m is an integer of 2 or greater) having different values,
the authentication device comprising; a storage unit configured to store m original keys in which values of first identifiers are a same first value among the n×
m original keys;a notification unit configured to notify, to the authentication target device, the first value and challenge data; a selection unit configured to acquire the second value from the authentication target device and to select an original key in which the first identifier has the first value and the second identifier has the second value; a first generating unit configured to generate an authentication key based on the original key selected by the selection unit and the authentication identifier acquired from the authentication target device; a second generating unit configured to generate verification data based on the authentication key generated by the first generating unit and the challenge data; and an authentication unit configured to authenticate the authentication target device by comparing the verification data with response data acquired from the authentication target device as a response to the challenge data notified to the authentication target device. - View Dependent Claims (16)
- m original keys identified by combinations of n first identifiers having different values and m second identifiers (m is an integer of 2 or greater) having different values,
-
23. An image forming apparatus including an authentication device configured to authenticate an authentication target device configured to retain, among n×
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value,
the image forming apparatus comprising; a storage unit configured to store an authentication identifier and store n authentication keys generated based on the authentication identifier and each of n original keys in which values of the second identifiers are a same second value among the n×
m original keys;a notification unit configured to notify, to the authentication target device, the authentication identifier, the second value, and challenge data; a selection unit configured to acquire the first value from the authentication target device and to select an authentication key generated from an original key in which the first identifier has the first value and the second identifier has the second value, from the n authentication keys; a generating unit configured to generate verification data based on the authentication key selected by the selecting unit and the challenge data; and an authentication unit configured to authenticate the authentication target device by comparing the verification data with response data acquired from the authentication target device as a response to the challenge data notified to the authentication target device. - View Dependent Claims (25, 26)
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value,
-
24. An image forming apparatus including an authentication device configured to authenticate an authentication target device configured to retain an authentication identifier and retain n authentication keys (n is an integer of 2 or greater) generated based on the authentication identifier and each of n original keys in which values of second identifiers are a same second value among n×
- m original keys identified by combinations of n first identifiers having different values and m second identifiers (m is an integer of 2 or greater) having different values,
the image forming apparatus comprising; a storage unit configured to store m original keys in which values of the first identifiers are a same first value among the n×
m original keys;a notification unit configured to notify, to the authentication target device, the first value and challenge data; a selection unit configured to acquire the second value from the authentication target device and to select an original key in which the first identifier has the first value and the second identifier has the second value; a first generating unit configured to generate an authentication key based on the original key selected by the selection unit and the authentication identifier acquired from the authentication target device; a second generating unit configured to generate verification data based on the authentication key generated by the first generating unit and the challenge data; and an authentication unit configured to authenticate the authentication target device by comparing the verification data with response data acquired from the authentication target device as a response to the challenge data notified to the authentication target device.
- m original keys identified by combinations of n first identifiers having different values and m second identifiers (m is an integer of 2 or greater) having different values,
-
27. An authentication target device configured to be authenticated by an authentication device configured to retain an authentication identifier and retain n (n is an integer of 2 or greater) authentication keys generated based on the authentication identifier and each of n original keys in which values of second identifiers are a same second value among n×
- m original keys identified by combinations of first identifiers having different values and m second identifiers having different values,
the authentication target device comprising; a storage unit configured to store m original keys in which values of the first identifiers are a same first value among the n×
m original keys;a selection unit configured to acquire the second value from the authentication device and to select an original key in which the first identifier has the first value and the second identifier has the second value; a first generating unit configured to generate an authentication key based on the original key selected by the selection unit and the authentication identifier acquired from the authentication device; a second generating unit configured to generate response data based on the authentication key generated by the first generating unit and challenge data acquired from the authentication device; and a notification unit configured to notify, to the authentication device, the first value and the response data. - View Dependent Claims (28, 31, 32)
- m original keys identified by combinations of first identifiers having different values and m second identifiers having different values,
-
29. An authentication target device configured to be authenticated by an authentication device configured to retain, among n×
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value,
the authentication target device comprising; a storage unit configured to store an authentication identifier and store n authentication keys generated based on the authentication identifier and each of n original keys in which values of the second identifiers are a same second value among the n×
m original keys;a selection unit configured to acquire the first value from the authentication device and to select an authentication key generated from an original key in which the first identifier has the first value and the second identifier has the second value, from the n authentication keys; a generating unit configured to generate response data based on the authentication key selected by the selecting unit and challenge data acquired from the authentication device; and a notification unit configured to notify, to the authentication device, the authentication identifier, the second value, and response data. - View Dependent Claims (30, 33, 34)
- m original keys identified by combinations of n first identifiers (n is an integer of 2 or greater) having different values and m second identifiers (m is an integer of 2 or greater) having different values, m original keys in which values of first identifiers are a same first value,
Specification