Authentication method, communication method, and information processing apparatus
First Claim
1. An authentication method between a first information processing apparatus and a second information processing apparatus, wherein said first information processing apparatus and said second information processing apparatus include storage means for storing a first key and a second key, encryption means for encrypting predetermined data using either one of said first key and said second key and decryption means for decrypting a code generated by either one of said second key and said first key, said method comprising the steps of:
encrypting random first data into a first code using said first key of said encryption means of said first information processing apparatus;
decrypting said first code into second data using said first key of said decryption means of said second information processing apparatus;
encrypting said second data into a second code using said second key of said encryption means of said second information processing apparatus;
encrypting random third data into a third code using said second key of said encryption means of said second information processing apparatus;
decrypting said second code into fourth data using said second key of said decryption means of said first information processing apparatus;
authenticating said second information processing apparatus by said first information processing apparatus on the basis of said first data and said fourth data;
decrypting said third code into fifth data using said second key of said decryption means of said first information processing apparatus;
encrypting said fifth data into a fourth code using said first key of said encryption means of said first information processing apparatus;
decrypting said fourth code into sixth data using said first key of said decryption means of said second information processing apparatus; and
authenticating said first information processing apparatus by said second information processing apparatus on the basis of said third data and said sixth data.
Abstract
Mutual authentication is performed. A reader/writer (R/W) transmits to an IC card a code C1 that is a random number RA encrypted using a key KB. The IC card decrypts the code C1 into plain text M1 using the key KB. The IC card transmits to the R/W a code C2 that is the plain text M1 encrypted using a key KA and a code C3 that is a random number RB encrypted using the key KA. The R/W decrypts the codes C2 and C3 into plain text M2 and plain text M3, respectively, using the key KA. When the R/W determines that the plain text M2 and the random number RA are the same, it authenticates the IC card. Next, the R/W transmits to the IC card a code C4 that is the plain text M3 encrypted using the key KB. The IC card decrypts the code C4 into plain text M4 using the key KB. When the IC card determines that the plain text M4 and the random number RB are the same, it authenticates the R/W.
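The exchange in the abstract, run end to end with both sides' messages, as an added example (not code from the patent). The abstract names no cipher, so a 4-round Feistel construction over HMAC-SHA256 stands in for it as an assumption; `Device`, `mutual_auth` and the method names are hypothetical.

```python
import hashlib, hmac, secrets

HALF = 8  # stand-in cipher (assumption): 16-byte block, two 8-byte Feistel halves

def _mix(key, rnd, half, other):
    # XOR `other` with a keyed round value derived from `half`.
    pad = hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(other, pad))

def encrypt(key, block):
    l, r = block[:HALF], block[HALF:]
    for rnd in range(4):
        l, r = r, _mix(key, rnd, r, l)
    return l + r

def decrypt(key, block):
    l, r = block[:HALF], block[HALF:]
    for rnd in reversed(range(4)):
        l, r = _mix(key, rnd, l, r), l
    return l + r

class Device:
    def __init__(self, ka, kb):
        self.ka, self.kb = ka, kb  # both sides store KA and KB

    def rw_challenge(self):
        self.ra = secrets.token_bytes(2 * HALF)                 # random number RA
        return encrypt(self.kb, self.ra)                        # C1

    def rw_check_card(self, c2, c3):
        m2, m3 = decrypt(self.ka, c2), decrypt(self.ka, c3)
        if not hmac.compare_digest(m2, self.ra):
            return None                                         # M2 != RA: card rejected
        return encrypt(self.kb, m3)                             # C4

    def card_respond(self, c1):
        m1 = decrypt(self.kb, c1)
        self.rb = secrets.token_bytes(2 * HALF)                 # random number RB
        return encrypt(self.ka, m1), encrypt(self.ka, self.rb)  # C2, C3

    def card_check_rw(self, c4):
        return hmac.compare_digest(decrypt(self.kb, c4), self.rb)  # M4 == RB?

def mutual_auth(rw, card):
    # Returns (R/W accepted card, card accepted R/W).
    c2, c3 = card.card_respond(rw.rw_challenge())
    c4 = rw.rw_check_card(c2, c3)
    return (c4 is not None, c4 is not None and card.card_check_rw(c4))
```

A card holding the wrong KA fails the R/W's comparison of M2 with RA, and a C4 produced without KB fails the card's comparison of M4 with RB.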
30 Claims
2. A communication method between a first information processing apparatus and a second information processing apparatus, wherein said first information processing apparatus and said second information processing apparatus include storage means for storing a first key and a second key, encryption means for encrypting predetermined data using either one of said first key and said second key, decryption means for decrypting a code generated by either one of said second key and said first key, transmission means for transmitting said encrypted predetermined data and receiving means for receiving said encrypted predetermined data, said method comprising the steps of:
encrypting random first data into a first code using said first key of said encryption means of said first information processing apparatus;
transmitting said first code to said second information processing apparatus using said transmission means of said first information processing apparatus;
receiving said first code from said first information processing apparatus using said receiving means of said second information processing apparatus;
decrypting said first code into second data using said first key of said decryption means of said second information processing apparatus;
encrypting said second data into a second code using said second key of said encrypting means of said second information processing apparatus;
encrypting random third data into a third code using said second key of said encryption means of said second information processing apparatus;
transmitting said second code and said third code to said first information processing apparatus using said transmission means of said second information processing apparatus;
receiving said second code and said third code from said second information processing apparatus using said receiving means of said first information processing apparatus;
decrypting said second code into fourth data using said second key of said decryption means of said first information processing apparatus;
authenticating said second information processing apparatus by said first information processing apparatus on the basis of said first data and said fourth data;
decrypting said third code into fifth data using said second key of said decryption means of said first information processing apparatus;
encrypting said fifth data into a fourth code using said first key of said second encryption means of said first information processing apparatus;
transmitting said fourth code to said second information processing apparatus using said transmission means of said first information processing apparatus;
receiving said fourth code from said first information processing apparatus using said receiving means of said second information processing apparatus;
decrypting said fourth code into sixth data using said first key of said decryption means of said second information processing apparatus; and
authenticating said first information processing apparatus by said second information processing apparatus on the basis of said third data and said sixth data.
View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
15. An information processing apparatus of a plurality of information processing apparatuses, comprising:
storage means for storing a first key and a second key;
encryption means for encrypting predetermined data using one of said first key and said second key;
decryption means for decrypting a code generated by one of said second key and said first key;
transmission means for transmitting a code encrypted by said encryption means to one of said plurality of information processing apparatuses;
receiving means for receiving a code from said one of said plurality of information processing apparatuses; and
authentication means for authenticating said one of said plurality of information processing apparatuses on the basis of said predetermined data and data generated by decrypting the code received from said one of said plurality of information processing apparatuses,
wherein said encryption means encrypts random first data into a first code using said first key, said transmission means transmits said first code to said one of said plurality of information processing apparatuses, said receiving means receives a second code and a third code from said one of said plurality of information processing apparatuses, said decryption means decrypts said second code into second data using said second key and decrypts said third code into third data using said second key, said authentication means authenticates said one of said plurality of information processing apparatuses on the basis of said first data and said second data, said encryption means encrypts said third data into a fourth code using said first key, and said transmission means transmits said fourth code to said one of said plurality of information processing apparatuses.
View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23)
24. An information processing apparatus for use with a plurality of information processing apparatuses, comprising:
storage means for storing a first key and a second key;
encryption means for encrypting predetermined data using one of said first key and said second key;
decryption means for decrypting a code generated by one of said second key and said first key;
transmission means for transmitting a code encrypted by said encryption means to one of said plurality of information processing apparatuses;
receiving means for receiving a code from said one of said plurality of information processing apparatuses; and
authentication means for authenticating said one of said plurality of information processing apparatuses on the basis of said predetermined data and data obtained by decrypting said code received from one of said plurality of information processing apparatuses,
wherein said receiving means receives a first code from said one of said plurality of information processing apparatuses, said decryption means decrypts said first code into first data using said first key, said encryption means encrypts said first data into a second code using said second key and encrypts random second data into a third code using said second key, said transmission means transmits said second code and said third code to said one of said plurality of information processing apparatuses, said receiving means receives a fourth code from said one of said plurality of information processing apparatuses, said decryption means decrypts said fourth code into third data using said second key, and said authentication means authenticates said one of said plurality of information processing apparatuses on the basis of said second data and said third data.
View Dependent Claims (25, 26, 27, 28, 29, 30)
Specification