Communication device which performs two-way encryption authentication in challenge response format
Abstract
A supplier device 70 which supplies title data is equipped with an encryption module 74 for performing an encryption which is substitutive in nature, and the user device 90 which uses the title data is equipped with a decryption module 93 for performing a decryption which corresponds to the encryption. The supplier device 70 uses this encryption module 74 to prove its own authorization and to authenticate other devices. Similarly, the user device 90 uses this decryption module 93 to prove its own authorization and to authenticate other devices.
22 Claims
1. A communication apparatus for performing two-way authentication in challenge response format with another communication apparatus on a communication channel, the communication apparatus comprising:
first authentication key storage means for storing a first authentication key which is only provided to authorized communication apparatuses;
first data converting means for performing a data conversion determined by the first authentication key, the data conversion being based only on a single algorithm, wherein an inverse conversion for the data conversion exists and subjecting a plaintext to the data conversion and the inverse conversion in any order restores the plaintext to an original form;
authenticating means for authenticating the other communication apparatus using communication in the challenge response format and the data conversion performed by the first data converting means; and
proving means for proving an authorization of a present communication apparatus using communication in the challenge response format and the data conversion performed by the first data converting means.
Dependent claims: 2, 3, 4, 5, 6, 7.
8. A communication system which is made up of a supplier apparatus that supplies information and a user apparatus that uses the information and which performs two-way authentication in challenge response format on a communication channel, wherein the supplier apparatus comprises:
first authentication key storage means for storing a first authentication key which is only provided to authorized supplier apparatuses;
first encrypting means for performing an encryption determined by the first authentication key, wherein the encryption is based only on a single algorithm, wherein an inverse conversion for the data conversion exists and subjecting a plaintext to the data conversion and the inverse conversion in any order restores the plaintext to an original form, and wherein the first encrypting means is combined with the first authentication key storage means in one integrated circuit;
authenticating means for authenticating the user apparatus; and
proving means for proving an authorization of the supplier apparatus using the communication in the challenge response format and the encryption performed by the first encrypting means,
and the user apparatus comprising:
user first authentication key storage means for storing the same first authentication key as the first authentication key storage means in the supplier apparatus;
first decrypting means for performing a decryption determined by the first authentication key, wherein the decryption is a reverse conversion of the encryption performed by the first encrypting means in the supplier apparatus and wherein the user first authentication key storage means and the first decrypting means are combined in one integrated circuit;
user authenticating means for authenticating the supplier apparatus using communication in challenge response format and the decryption performed by the first decrypting means; and
user proving means for proving an authorization of the user apparatus using the communication in challenge response format and the decryption performed by the first decrypting means.
Dependent claims: 9, 10, 11.
12. A method of performing two-way authentication and distribution of a secret key in a communication system which is made up of a supplier apparatus that supplies information and a user apparatus that uses the information, the method comprising:
a first step in which the supplier apparatus generates a first random number and transmits the first random number to the user apparatus;
a second step in which the user apparatus receives the first random number, generates a second random number, combines the first random number and the second random number into a first cryptogram, decrypts the first cryptogram, and transmits a first plaintext obtained from the decryption to the supplier apparatus;
a third step in which the supplier apparatus receives the first plaintext, encrypts the first plaintext, wherein an inverse conversion for the encryption exists and subjecting a plaintext to the encryption and the inverse conversion in any order restores the plaintext to original form, divides a second cryptogram obtained from the encryption into first data and second data, the first data corresponding to the first random number and the second data corresponding to the second random number, compares the first random number with the first data, generates a third random number as the secret key if the first data coincides with the first random number, combines the third random number and the second data, encrypts a second plaintext which is obtained from the combination using the same encryption method as when encrypting the first plaintext, and transmits to the user apparatus a third cryptogram obtained by encrypting the second plaintext; and
a fourth step in which the user apparatus receives the third cryptogram, decrypts the third cryptogram using the same decryption method as when decrypting the first cryptogram, divides a third plaintext obtained by decrypting the third cryptogram into third data and fourth data, the third data corresponding to the second data and the fourth data corresponding to the third random number, compares the third data with the second random number, and, if the third data coincides with the second random number, notifies the supplier apparatus of a coincidence of the third data and the second random number and holds the fourth data as the secret key.
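The four steps of claim 12 as a runnable exchange between both sides. This is an added illustration, not code from the patent: the supplier holds only an encryptor and the user only the matching decryptor (the asymmetry of modules 74 and 93 in the abstract), and mutual proof works because the user's decryption of R1||R2 is undone by the supplier's encryption. The keyed Feistel network stands in for the patent's unspecified single-algorithm conversion, and the block layouts R1||R2 and R2||R3, the 64-bit random numbers and the class names are assumptions.

```python
import hashlib, hmac, secrets
ROUNDS, HALF = 8, 8  # 8 Feistel rounds over 8-byte halves; one 16-byte block holds R1||R2

def _f(key: bytes, i: int, half: bytes) -> bytes:  # keyed round function (stand-in)
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:HALF]
def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, block: bytes) -> bytes:  # supplier-side conversion
    l, r = block[:HALF], block[HALF:]
    for i in range(ROUNDS):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r

def decrypt(key: bytes, block: bytes) -> bytes:  # exact inverse: same rounds, run backwards
    l, r = block[:HALF], block[HALF:]
    for i in reversed(range(ROUNDS)):
        l, r = _xor(r, _f(key, i, l)), l
    return l + r

class Supplier:  # holds the first authentication key and only the encryptor
    def __init__(self, key: bytes):
        self.key, self.r1, self.secret_key = key, b"", None
    def step1(self) -> bytes:  # first step: generate R1 and send it
        self.r1 = secrets.token_bytes(HALF)
        return self.r1
    def step3(self, plaintext1: bytes):  # third step
        c2 = encrypt(self.key, plaintext1)  # equals R1||R2 only if the user used the same key
        data1, data2 = c2[:HALF], c2[HALF:]
        if not hmac.compare_digest(data1, self.r1):
            return None  # user failed to prove its authorization; abort
        self.secret_key = secrets.token_bytes(HALF)  # R3, the secret key to distribute
        return encrypt(self.key, data2 + self.secret_key)  # third cryptogram (R2||R3 assumed)

class User:  # holds the same key and only the decryptor
    def __init__(self, key: bytes):
        self.key, self.r2, self.secret_key = key, b"", None
    def step2(self, r1: bytes) -> bytes:  # second step; fresh R2 makes a replayed run fail
        self.r2 = secrets.token_bytes(HALF)
        return decrypt(self.key, r1 + self.r2)  # first plaintext
    def step4(self, c3: bytes) -> bool:  # fourth step
        p3 = decrypt(self.key, c3)
        if not hmac.compare_digest(p3[:HALF], self.r2):
            return False  # supplier failed to prove its authorization
        self.secret_key = p3[HALF:]
        return True  # the coincidence notification

def run_protocol(supplier_key: bytes, user_key: bytes) -> bool:
    s, u = Supplier(supplier_key), User(user_key)
    c3 = s.step3(u.step2(s.step1()))
    return c3 is not None and u.step4(c3) and s.secret_key == u.secret_key
```

A device holding the wrong first authentication key fails at step 3 or step 4 without learning R3, and no secret key is established on either side.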
13. A digital communication system for transmitting titles such as movies and multimedia works comprising:
a supplier device for transmitting and receiving data over the digital communication system;
a plurality of user devices for transmitting and receiving data over the digital communication system, each user device including a first encryption module for challenge and response, said module having a first encrypter containing a first data conversion algorithm, wherein an inverse conversion for the first data conversion algorithm exists and subjecting a plaintext to the first data conversion algorithm and the inverse conversion in any order restores the plaintext to an original form, said user device further comprising a third encrypter containing a third data conversion algorithm; and
a transmission apparatus for transmitting data between the supplier and the user devices.
Dependent claims: 14, 15, 16, 17, 18, 19, 20, 21, 22.