System and method for authentication, and device and method for authentication
Abstract
In authentication using a plurality of cipher keys, the authentication time is shortened. When a separate cipher key is required to access each of a plurality of areas in a memory of an IC card, the reader writer informs the IC card of the plurality of areas to be accessed, the plurality of cipher keys corresponding to these areas (for example, cipher key 1, cipher key 2, and cipher key 4) is read out, and a reduction processing section generates one reduction key from these cipher keys. A random number generated by a random number generation section of the reader writer is transferred to the IC card, and an encipherment section enciphers the random number using the reduction key. The reader writer receives the enciphered random number from the IC card, deciphers it using the reduction key, and judges the IC card to be proper if the deciphered random number is equal to the generated random number.
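The exchange described in the abstract, as an added example that is not part of the patent text: both sides fold the cipher keys for the requested areas into one reduction key and run a single challenge-response. The chained-HMAC reduction, the 4-round Feistel stand-in cipher, the sample keys and all function and class names are assumptions; the page does not specify the reduction function or the cipher.

```python
import hashlib
import hmac
import secrets

def reduce_keys(keys):
    """Fold several area keys into one reduction key (assumed: chained HMAC-SHA256)."""
    acc = b"constructed-seed"            # constructed starting value
    for k in keys:                       # order matters: both sides use the same area list
        acc = hmac.new(k, acc, hashlib.sha256).digest()
    return acc

def _f(key, i, half):                    # round function of the stand-in cipher
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:len(half)]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def encipher(key, block):
    """Stand-in 16-byte block cipher (4-round Feistel); not the patent's cipher."""
    l, r = block[:8], block[8:]
    for i in range(4):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r

def decipher(key, block):
    l, r = block[:8], block[8:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(key, i, l)), l
    return l + r

class Card:
    def __init__(self, area_keys):
        self.area_keys = area_keys       # {area number: cipher key}

    def respond(self, areas, challenge):
        # Card side: build the reduction key for the notified areas, encipher the challenge.
        return encipher(reduce_keys([self.area_keys[a] for a in areas]), challenge)

def reader_authenticate(rw_keys, card, areas):
    """Reader writer side: one exchange covers every requested area."""
    challenge = secrets.token_bytes(16)
    reply = card.respond(areas, challenge)
    key = reduce_keys([rw_keys[a] for a in areas])
    return hmac.compare_digest(decipher(key, reply), challenge)

# Constructed sample keys for areas 1..5.
KEYS = {n: hashlib.sha256(b"constructed area key %d" % n).digest() for n in range(1, 6)}

def demo():
    genuine = Card(dict(KEYS))
    wrong_key4 = Card({**KEYS, 4: bytes(32)})   # card holding a wrong key for area 4
    cases = [(genuine, [1, 2, 4]), (wrong_key4, [1, 2, 4]), (wrong_key4, [1, 2])]
    return tuple(reader_authenticate(KEYS, card, areas) for card, areas in cases)
```

The third case passes because the reduction key covers only the areas named in the request, so a card is vouched for on exactly that set and nothing more.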
22 Claims
1. An authentication system for performing authentication processing between a first device and a second device, said first device comprising:
first memory means for storing a plurality of data areas and a first plurality of keys, wherein each of said first plurality of keys indicates access to a corresponding one of said plurality of data areas;
first generation means for generating a first single authentication key from two or more of the first plurality of keys stored in said first memory means, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas; and
first communication means for communicating said first single authentication key with said second device, and
said second device comprising;
second memory means for storing a second plurality of keys equivalent to said first plurality of keys;
second generation means for generating a second single authentication key from two or more of the second plurality of keys stored in said second memory means; and
second communication means for communicating said second single authentication key with said first device,
wherein one of said first device and said second device further comprises encipherment means for enciphering information using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further comprises decipherment means for deciphering said information enciphered by said encipherment means using another corresponding one of said first single authentication key and said second single authentication key.

4. An authentication method for performing authentication processing between a first device and a second device, the method in said first device comprising:
a first memory step of storing a plurality of data areas and a first plurality of keys, wherein each of said first plurality of keys indicates access to a corresponding one of said plurality of data areas;
a first generation step of generating a first single authentication key from two or more of the first plurality of keys stored in said first memory step, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas; and
a first communication step of communicating said first single authentication key with said second device, and
the method in said second device comprising;
a second memory step of storing a second plurality of keys equivalent to said first plurality of keys;
second generation step of generating a second single authentication key from two or more of the second plurality of keys stored in said second memory step; and
a second communication step of communicating said second single authentication key with said first device,
wherein one of said first device and said second device further performs processing in an encipherment step of enciphering information using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further performs processing in a decipherment step of deciphering said information enciphered in said encipherment step using another corresponding one of said first single authentication key and said second single authentication key.

5. An authentication device for performing authentication processing with another device, said authentication device comprising:
communication means for communicating a first single authentication key with said another device;
memory means for storing a first plurality of keys;
generation means for generating said first single authentication key from two or more of said first plurality of keys stored in said memory means;
notification means for notifying, to said another device, information required to generate a second single authentication key from two or more of a second plurality of keys stored in said another device and data to be enciphered using said second single authentication key, wherein said second plurality of keys is equivalent to said first plurality of keys; and
decipherment means for decoding the enciphered data using said first single authentication key.

7. An authentication method for performing authentication processing between an authentication device and another device, comprising:
a communication step of communicating a first single authentication key with said another device;
a memory step of storing a first plurality of keys;
a generation step of generating said first single authentication key from two or more of said first plurality of keys stored in said memory step;
a notification step of notifying, to said another device, information required to generate a second single authentication key from two or more of a second plurality of keys stored in said another device and data to be enciphered using said second single authentication key, wherein said second plurality of keys is equivalent to said first plurality of keys; and
a decipherment step of deciphering the enciphered data using said first single authentication key.

8. An authentication device for performing authentication processing with another device, said authentication device comprising:
communication means for communicating a single authentication key with said another device;
memory means for storing a plurality of data areas and a plurality of keys, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
generation means for generating said single authentication key from two or more of the plurality of keys stored in said memory means based on information notified by said another device, wherein said single authentication key indicates access to two or more corresponding of said plurality of data areas; and
an encipherment means for enciphering the information notified by said another device using said single authentication key.

9. An authentication method for performing authentication processing between an authentication device and another device, comprising:
a communication step of communicating a single authentication key with said another device;
a memory step of storing a plurality of data areas and a plurality of keys, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
a generation step of generating said single authentication key from two or more of the plurality of keys stored in said memory step based on information notified by said another device, wherein said single authentication key indicates access to two or more corresponding of said plurality of data areas; and
an encipherment step of enciphering the information notified by said another device using said single authentication key.

10. An authentication system for performing authentication processing between a first device and a second device, said first device comprising:
first memory means for storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
first generation means for generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
first notification means for notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key; and
first communication means for communicating said first single authentication key with said second device, and
said second device comprising;
second memory means for storing a plurality of data areas, said second plurality of keys and a second common data equivalent to said first common data, wherein each of said second plurality of keys indicates access to a corresponding one of said plurality of data areas;
second generation means for generating said second single authentication key from the notified information, two or more of said second plurality of keys, and said common data; and
second communication means for communicating said second single authentication key with said first device; and
wherein one of said first device and said second device further comprises encipherment means for enciphering data using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further comprises decipherment means for deciphering the data enciphered by said encipherment means using another corresponding one of said first single authentication key and said second single authentication key.

14. An authentication method for performing authentication processing between a first device and a second device, the method in said first device comprising:
a first memory step of storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
a first generation step generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
a first information step of notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key; and
a first communication step of communicating said first single authentication key with said second device, and
the method in said second device comprising;
a second memory step of storing a plurality of data areas, said second plurality of keys and a second common data equivalent to said first common data, wherein each of said second plurality of keys indicates access to a corresponding one of said plurality of data areas;
a second generation step of generating said second single authentication key from the notified information, two or more of said second plurality of keys, and said common data; and
a second communication step of communicating said second single authentication key with said first device, and
wherein one of said first device and said second device further performs an encipherment step of enciphering data using a corresponding one of said first single authentication key and said second single authentication key, and
wherein another of said first device and said second device further performs a decipherment step of deciphering the data enciphered in said encipherment step using another corresponding one of said first single authentication key and said second single authentication key.

15. An authentication device for performing authentication processing with a second device comprising:
memory means for storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
generation means for generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
notification means for notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key;
communication means for communicating said first single authentication key with said second device; and
encipherment means for enciphering data using said first single authentication key.

18. An authentication method for performing authentication processing with a second device, the method comprising:
a memory step of storing a first authentication key, a first common data and a first plurality of keys, wherein each of said first plurality of keys corresponds to said first common data combined with a respective one of a second plurality of keys;
a generation step of generating a first single authentication key from said first authentication key and a corresponding one of said first plurality of keys;
a notification step of notifying information required for said second device to generate a second single authentication key corresponding to said first single authentication key;
a communication step of communicating said first single authentication key with said second device; and
an encipherment step of enciphering data using said first single authentication key.

19. An authentication device for performing authentication processing with a second device, said authentication device comprising:
memory means for storing a plurality of data areas, a plurality of keys and common data, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
generation means for generating a first single authentication key from two or more of the plurality of keys and said common data, in accordance with information received from said second device, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas;
communication means for communicating said first single authentication key with said second device; and
decipherment means for deciphering data using said first single authentication key, wherein said data was enciphered by said second device.

22. An authentication method for performing authentication processing with a second device, the method comprising:
a memory step of storing a plurality of data areas, a plurality of keys and common data, wherein each of said plurality of keys indicates access to a corresponding one of said plurality of data areas;
a generation step of generating a first single authentication key from two or more of the plurality of keys and said common data, in accordance with information received from said second device, wherein said first single authentication key indicates access to two or more corresponding of said plurality of data areas;
a communication step of communicating said first single authentication key with said second device; and
a decipherment step of deciphering data using said first single authentication key, wherein said data was enciphered by said second device.

Specification