Integrated circuit card, integrated circuit card processing system, and integrated circuit card authentication method
Abstract
An IC card processing system includes a telephone set for generating random number data, an IC card for processing value data, a secret key, and random number data by an authenticator generation function to generate authentication code, a switching unit for processing value data, a secret key, and random number data by an authenticator generation function to generate authentication code, and a comparator for comparing the authentication code generated by the IC card with the authentication code generated by the switching unit to authenticate the IC card.
20 Claims
1. An integrated circuit card, comprising:
a communication device for receiving external data;
a memory device for storing (a) value data representing an effective value and (b) authentication code generation data, wherein said memory device comprises a memory section for storing (c) first key data, (d) second key data different from the first key data, and (e) card unique data unique to the integrated circuit card; and
an authentication code generation device for processing the value data and the external data, wherein said authentication code generation device comprises;
a first generation device for processing the value data, the first key data, the card unique data, and the external data by using the authentication code generation data to generate a first authentication code; and
a second generation device for processing the value data, the second key data, the card unique data, and the external data by using the authentication code generation data to generate a second authentication code different from the first authentication code.
2. An integrated circuit card, comprising:
a communication device for receiving external data;
a memory device for storing (a) value data representing an effective value and (b) authentication code generation data, wherein said memory device comprises a memory section for storing (c) card unique data unique to said integrated circuit card and (d) card unique key data generated on the basis of the card unique data; and
an authentication code generation device for processing the value data and the external data wherein said authentication code generation device comprises a generation device for processing the value data, the card unique key data, and the external data by using the authentication code generation data to generate the authentication code.
3. An integrated circuit card processing system comprising (a) an integrated circuit card and an integrated circuit card processing device for processing said integrated circuit card,
said integrated circuit card comprising:
a first communication device for receiving random number data transmitted from said integrated circuit card processing device and for transmitting (c) value data representing an effective value and (d) first authentication code generated by said integrated circuit card to said integrated circuit card processing device;
a first memory device for storing (e) the value data and (f) first authentication code generation data; and
a first authentication code generation device for processing the value data and the random number data by using the first authentication code generation data to generate the first authentication code, and said integrated circuit card processing device comprising;
a second communication device for receiving the value data and the first authentication code and for transmitting the random number data;
a second memory device for storing second authentication code generation data identical to the first authentication code generation data;
a random number generation device for generating the random number data;
a second authentication code generation device for processing the value data and the random number data by using the second authentication code generation data to generate the second authentication code;
a determination device for comparing the second authentication code with the first authentication code received via said second communication device to obtain a determination result, said determination result relating to validity of said integrated circuit card; and
a card handling device for handling said integrated circuit card on the basis of the determination result.
Dependent claims: 4, 5, 6, 7, 8, 9, 10, 11, 12.
a first memory section for storing first key data, and said first authentication code generation device comprises;
a first generation device for processing the value data, the first key data and the random number data by using the first authentication code generation data to generate the first authentication code;
said second memory device comprises;
a second memory section for storing second key data identical to the first key data; and
said second authentication code generation device comprises;
a second generation device for processing the value data, the second key data and the random number data by using the second authentication code generation data to generate the second authentication code.
5. A system according to claim 3, wherein said card handling device comprises:
a card processing device for permitting a transaction when the validity of said integrated circuit card is certified from the determination result and for inhibiting a transaction when the validity of said integrated circuit card is not certified.
6. A system according to claim 3, wherein said second memory device comprises:
a memory section for storing device unique data unique to said integrated circuit card processing device and random number generation data, and said random number generation device comprises;
a generation device for processing the device unique data by using the random number generation data to generate the random number data.
7. A system according to claim 3, further comprising a card issuing unit for writing the value data in said first memory device and for issuing said integrated circuit card in which the value data is written.
8. A system according to claim 3, wherein said integrated circuit card processing device comprises:
a terminal device for directly communicating with said integrated circuit card, and a host device for communicating with said integrated circuit card via said terminal device, said terminal device comprises;
said second communication device and said random number generation device, and said host device comprises;
said second memory device, said second authentication code generation device, said determination device, and said card handling device.
9. A system according to claim 3, wherein said first communication device comprises:
a transmission device for transmitting card unique data unique to said integrated circuit card, said first memory device comprises;
a first memory section for storing first key data and the card unique data, said first authentication code generation device comprises;
a first generation device for processing the value data, the first key data, the card unique data, and the random number data by using the first authentication code generation data to generate the first authentication code, said second communication device comprises;
a reception device for receiving the card unique data transmitted from said integrated circuit card, said second memory device comprises;
a second memory section for storing second key data identical to the first key data, and said second authentication code generation device comprises;
a second generation device for processing the value data, the card unique data, the second key data and the random number data by using the second authentication code generation data to generate the second authentication code.
10. A system according to claim 3, wherein said first communication device comprises:
a transmission device for transmitting card unique data unique to said integrated circuit card, said first memory device comprises;
a first memory section for storing first key data, second key data different from the first key data, and the card unique data, said first authentication code generation device comprises;
a first generation device for processing the value data, the first key data, the card unique data and the random number data by using the first authentication code generation data to generate the first authentication code; and
a second generation device for processing the value data, the second key data, the card unique data and the random number data by using the first authentication code generation data to generate the first authentication code, said second communication device comprises;
a reception device for receiving the card unique data transmitted from said integrated circuit card, said second memory device comprises;
a second memory section for storing third key data identical to the first key data and fourth key data identical to the second key data, said second authentication code generation device comprises;
a third generation device for processing the value data, the card unique data, the third key data and the random number data by using the second authentication code generation data device to generate the second authentication code; and
a fourth generation for processing the value data, the card unique data, the fourth key data and the random number data by using the second authentication code generation data to generate the second authentication code, and said determination device comprises;
a first determination device for comparing the first authentication code generated by said first generation device with the second authentication code generated by said third generation device to determine the validity of said card; and
a second determination device for comparing the first authentication code generated by said second generation device with the second authentication code generated by said fourth generation device to determine the validity of said card.
11. A system according to claim 3, wherein said first communication device comprises:
a transmission device for transmitting card unique data unique to said integrated circuit card, said first memory device comprises;
a first memory section for storing the card unique data, and first card unique key data generated from the card unique data and first key data, said first authentication code generation device comprises;
a first generation device for processing the value data, the first card unique key data and the random number data by using the first authentication code generation data to generate the first authentication code, said second communication device comprises;
a reception device for receiving the card unique data transmitted from said integrated circuit card, said second memory device comprises;
a second memory section for storing second key data identical to the first key data, said integrated circuit card processing device comprises;
a key data generation device for generating second card unique key data from the card unique data and the second key data, and said second authentication code generation device comprises;
a second generation device for processing the value data, the second card unique key data and the random number data by using the second authentication code generation data to generate the second authentication code.
12. A system according to claim 3, wherein said first communication device comprises:
a transmission device for transmitting card unique data unique to said integrated circuit card, said first memory device comprises;
a first memory section for storing (g) the card unique data, (h) first card unique key data generated from the card unique data and first key data, and (i) second card unique key data generated from the card unique data and second key data different from the first key data, said first authentication code generation device comprises;
a first generation device for processing the value data, the first card unique key data and the random number data by using the first authentication code generation data to generate the first authentication code; and
a second generation device for processing the value data, the second card unique key data and the random number data by using the first authentication code generation data to generate the first authentication code, said second communication device comprises;
a reception device for receiving the card unique data transmitted from said integrated circuit card, said second memory device comprises;
a second memory section for storing third key data identical to the first key data and fourth key data identical to the second key data, said integrated circuit card processing device comprises;
a first key data generation device for generating third card unique key data from the card unique data and the third key data; and
a second key data generation device for generating fourth card unique key data from the card unique data and the fourth key data, said second authentication code generation device comprises;
a third generation device for processing the value data, the third card unique key data, and the random number data by using the second authentication code generation data to generate the second authentication code; and
a fourth generation device for processing the value data, the fourth card unique key data, and the random number data by using the second authentication code generation data to generate the second authentication code, and said determination device comprises;
a first determination device for comparing the first authentication code with the second authentication code to determine the validity of said card; and
a second determination device for comparing the first authentication code with the second authentication code to determine the validity of said card.
13. An integrated circuit card authentication method executed in an integrated circuit card in which value data representing an effective value and first authentication code generation data are stored, and an integrated circuit card processing device which processes said integrated circuit card and stores second authentication code generation data identical to the first authentication code generation data, comprising:
the first step of generating random number data;
the second step of processing the value data stored in said integrated circuit card and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate first authentication code;
the third step of processing the value data stored in said integrated circuit card and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate second authentication code; and
the fourth step of comparing the first authentication code with the second authentication code to authenticate said integrated circuit card.
Dependent claims: 14, 15, 16, 17, 18, 19, 20.
said integrated circuit card processing device stores second key data identical to the first key data, the second step comprises: the fifth step of processing the value data and the first key data which are stored in said integrated circuit card, and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate the first authentication code, and the third step comprises;
the sixth step of processing the value data stored in said integrated circuit card, the second key data stored in said integrated circuit card processing device, and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate the second authentication code.
15. A method according to claim 13, further comprising the fifth step of permitting transaction using said integrated circuit card when validity of said integrated circuit card is certified from an authentication result in the fourth step, and inhibiting transaction using said integrated circuit card when the validity of said integrated circuit card is not certified.
16. A method according to claim 13, wherein said integrated circuit card processing device stores device unique data unique to said integrated circuit card processing device and random number generation data used to generate the random number data, and
the first step comprises: the fifth step of processing the device unique data stored in said integrated circuit card processing device, by using the random number generation data stored in said integrated circuit card processing device to generate the random number data.
17. A method according to claim 13, wherein said integrated circuit card stores first key data and card unique data,
said integrated circuit card processing device stores second key data identical to the first key data, the second step comprises:
the fifth step of processing the value data, the first key data, and the card unique data which are stored in said integrated circuit card, and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate the first authentication code, and the third step comprises;
the sixth step of processing the value data and the card unique data which are stored in said integrated circuit card, the second key data stored in said integrated circuit card processing device, and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate the second authentication code.
18. A method according to claim 13, wherein said integrated circuit card stores first key data, second key data different from the first key data, and card unique data,
said integrated circuit card processing device stores third key data identical to the first key data, and fourth key data identical to the second key data, the second step comprises:
the fifth step of processing the value data, the first key data, and the card unique data which are stored in said integrated circuit card, and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate the first authentication code; and
the sixth step of processing the value data, the second key data, and the card unique data which are stored in said integrated circuit card, and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate the first authentication code, the third step comprises;
the seventh step of processing the value data and the card unique data which are stored in said integrated circuit card, the third key data stored in said integrated circuit card processing device, and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate the second authentication code; and
the eighth step of processing the value data and the card unique data which are stored in said integrated circuit card, the fourth key data stored in said integrated circuit card processing device, and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate the second authentication code, and the fourth step comprises;
the ninth step of comparing the first authentication code generated in the fifth step with the second authentication code generated in the seventh step to authenticate said integrated circuit card; and
the 10th step of comparing the first authentication code generated in the sixth step with the second authentication code generated in the eighth step to authenticate said integrated circuit card.
19. A method according to claim 13, wherein said integrated circuit card stores card unique data unique to said integrated circuit card, and first card unique key data generated from the card unique data and first key data,
said integrated circuit card processing device stores second key data identical to the first key data, the second step comprises:
the fifth step of processing the value data and the first card unique key data which are stored in said integrated circuit card, and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate the first authentication code, and the third step comprises;
the sixth step of generating second card unique key data from the card unique data stored in said integrated circuit card and the second key data stored in said integrated circuit card processing device; and
the seventh step of processing the value data stored in said integrated circuit card, the second card unique key data generated in the sixth step, and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate the second authentication code.
20. A method according to claim 13, wherein said integrated circuit card stores card unique data unique to said integrated circuit card, first card unique key data generated from the card unique data and first key data, and second card unique key data generated from the card unique data and second key data different from the first key data,
said integrated circuit card processing device stores third key data identical to the first key data, and fourth key data identical to the second key data, the second step comprises:
the eighth step of processing the value data and the first card unique key data which are stored in said integrated circuit card, and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate the first authentication code; and
the ninth step of processing the value data and the second card unique key data which are stored in said integrated circuit card, and the random number data generated in the first step, by using the first authentication code generation data stored in said integrated circuit card to generate the first authentication code, the third step comprises;
the 10th step of generating the second card unique key data from the card unique data stored in said integrated circuit card and the third key data stored in said integrated circuit card processing device;
the 11th step of generating the second card unique key data from the card unique data stored in said integrated circuit card and the fourth key data stored in said integrated circuit card processing device;
the 12th step of processing the value data stored in said integrated circuit card, the second card unique key data generated in the 10th step, and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate the second authentication code; and
the 13th step of processing the value data stored in said integrated circuit card, the second card unique key data generated in the 11th step, and the random number data generated in the first step, by using the second authentication code generation data stored in said integrated circuit card processing device to generate the second authentication code, and the fourth step comprises;
the 14th step of comparing the first authentication code generated in the eighth step with the second authentication code generated in the 12th step to authenticate said integrated circuit card; and
the 15th step of comparing the first authentication code generated in the ninth step with the second authentication code generated in the 13th step to authenticate said integrated circuit card.
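
The challenge-response flow of claims 13 and 19, sketched as an added example that is not part of the patent text. Assumptions: HMAC-SHA256 stands in for the unspecified authentication code generation data and for the card unique key derivation, `secrets.token_bytes` stands in for the random number generation of claim 16, and every name and sample value below is hypothetical.

```python
import hashlib
import hmac
import secrets


def _frame(*fields: bytes) -> bytes:
    # Length-prefix each field so that field boundaries cannot be shifted
    # (b"ab" + b"c" must not collide with b"a" + b"bc").
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def derive_card_key(master_key: bytes, card_id: bytes) -> bytes:
    # "Card unique key data generated from the card unique data and key data"
    # (claims 11 and 19). HMAC is an assumed choice of derivation function.
    return hmac.new(master_key, _frame(b"card-key", card_id), hashlib.sha256).digest()


def auth_code(key: bytes, value: int, challenge: bytes) -> bytes:
    # Authentication code over value data and random number data (claim 13).
    msg = _frame(b"auth", value.to_bytes(4, "big"), challenge)
    return hmac.new(key, msg, hashlib.sha256).digest()


class Card:
    """Holds only its own diversified key, never the master key."""

    def __init__(self, card_id: bytes, card_key: bytes, value: int):
        self.card_id, self.card_key, self.value = card_id, card_key, value

    def respond(self, challenge: bytes):
        # Second step: the card sends its ID, value data and first code.
        return self.card_id, self.value, auth_code(self.card_key, self.value, challenge)


class Processor:
    """Card processing device: holds the master key and issues challenges."""

    def __init__(self, master_key: bytes):
        self.master_key = master_key

    def new_challenge(self) -> bytes:
        # First step: fresh, unpredictable random number data per transaction.
        return secrets.token_bytes(16)

    def verify(self, card_id: bytes, value: int, challenge: bytes, code: bytes) -> bool:
        # Third step: re-derive the card key and recompute the code.
        expected = auth_code(derive_card_key(self.master_key, card_id), value, challenge)
        # Fourth step: constant-time comparison of the two codes.
        return hmac.compare_digest(expected, code)


def demo() -> dict:
    master = secrets.token_bytes(32)          # constructed sample key
    proc = Processor(master)
    card = Card(b"CARD-0001", derive_card_key(master, b"CARD-0001"), 50)

    c1 = proc.new_challenge()
    cid, val, code = card.respond(c1)
    c2 = proc.new_challenge()                 # a later transaction
    return {
        "genuine": proc.verify(cid, val, c1, code),
        "inflated_value": proc.verify(cid, 500, c1, code),   # value data altered in transit
        "replayed": proc.verify(cid, val, c2, code),         # old code, new challenge
        "wrong_card_id": proc.verify(b"CARD-0002", val, c1, code),
    }


if __name__ == "__main__":
    print(demo())
```

Because the value data is an input to the code, a response reporting a different balance fails verification, and because the key is derived from the card unique data, a key extracted from one card is useless under any other card ID.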