Authentication method, system and apparatus of an electronic value
Abstract
An authentication system providing a safe authentication process for electronic values using mobile terminals that do not have a tamper-resistant function. The electronic value, which includes encrypted value authentication information (F(VPW)) acquired by a hash calculation on authentication information (VPW) corresponding to the electronic value specified by a user, is stored in the user's mobile terminal. In the user authentication process, the authentication apparatus generates a random number R and transmits it to the mobile terminal. The mobile terminal generates value authentication information (F(VPW′)) from authentication information (VPW′) corresponding to the electronic value input by the user, executes a hash calculation on data in which the value authentication information (F(VPW′)) and the random number R are concatenated, generates authentication information (F(VPW′)∥R), and transmits it to the authentication apparatus with the electronic value. The authentication apparatus decrypts the received electronic value, extracts the value authentication information (F(VPW)) from the electronic value, executes the hash calculation on data in which the value authentication information (F(VPW)) and the random number R are concatenated, generates the authentication information (F(VPW)∥R), and collates the received authentication information (F(VPW′)∥R) with the authentication information (F(VPW)∥R), so that the user is authenticated.
21 Claims

1. An authentication method wherein:
a user owns an electronic value including encrypted value authentication information (F(VPW)) wherein authentication information (VPW) corresponding to said electronic value specified by said user is encoded by a first irreversible calculation process (F),
in a process for authenticating said user as the right owner of said electronic value, an authentication side generates a random number (R) and transmits it to said user side,
said user side generates value authentication information (F(VPW′)) from said authentication information (VPW) corresponding to said electronic value input by said user, further generates authentication information (G(R,F(VPW′))) wherein said random number (R) and said value authentication information (F(VPW′)) are concatenated and encoded by a second irreversible calculation process (G) and transmits said electronic value and said authentication information (G(R,F(VPW′))) to said authentication side,
said authentication side decrypts code of said received electronic value, extracts said value authentication information (F(VPW)) from said electronic value, generates authentication information (G(R,F(VPW))) wherein said random number (R) and said value authentication information (F(VPW)) are concatenated and encoded by said second irreversible calculation process (G), collates said received authentication information (G(R,F(VPW′))) with said generated authentication information (G(R,F(VPW))), verifies that they are identical, and authenticates user.
Dependent claims: 2

3. A mobile terminal wherein:
comprising storage means storing an electronic value, generating value authentication information (F(VPW′)) wherein value authentication information (VPW′) corresponding to said electronic value input by a user is encoded by a first irreversible calculation process (F), further generating a second random number (R2), said value authentication information (F(VPW′)) and a first random number (R1) received from an authentication apparatus are concatenated, generating authentication information (G(R1,F(VPW′))) by a second irreversible calculation process (G) on said concatenation, and transmitting said electronic value, said authentication information (G(R1,F(VPW′))) and said second random number (R2) to said authentication apparatus, thereby authenticating said user to be the rightful owner of said electronic value.
Dependent claims: 4, 5, 6

7. An authentication apparatus characterized in:
generating a random number (R) and transmitting it to a mobile terminal, receiving authentication information (G(R,F(VPW′))) and an electronic value from said mobile terminal, decrypting code of an encrypted part of said electronic value, and validating said electronic value, further extracting value authentication information (F(VPW)) from said electronic value, wherein the function (F) is a first irreversible calculation process, generating authentication information (G(R,F(VPW))) wherein said value authentication information (F(VPW)) and said random number (R) are concatenated and encoded by a second irreversible calculation process (G), and collating received authentication information (G(R,F(VPW′))) with generated authentication information (G(R,F(VPW))), verifying that they are identical, thereby authenticating a user.
Dependent claims: 8, 9, 10, 11

12. An electronic value issuance server wherein:
extracting authentication information (VPW) corresponding to an electronic value specified by a user from electronic value issuance request received from said mobile terminal, generating value authentication information (F(VPW)) wherein said authentication information (VPW) corresponding to said electronic value is encoded by a first irreversible calculation process (F), generating an encryption key from data (H(F(VPW))) wherein said value authentication information (F(VPW)) is encoded by a third irreversible calculation process (H) and a master key, generating said electronic value with the use of said value authentication information (F(VPW)) and said generated encryption key, and transmitting said electronic value to said mobile terminal.
Dependent claims: 14, 15, 16

13. An electronic value issuance server wherein:
extracting authentication information (F(VPW)) corresponding to an electronic value specified by user, wherein authentication information (VPW) is encoded by a first irreversible calculation process (F), from electronic value issuance request message received from a mobile terminal, generating an encryption key from data (H(F(VPW))) wherein said value authentication information (F(VPW)) is encoded by a second irreversible calculation process (H) and a master key, generating said electronic value with the use of said value authentication information (F(VPW)) and said generated encryption key, and transmitting said electronic value to mobile terminal.

17. An authentication system, comprised of a mobile terminal managed by a user, an authentication apparatus and an electronic value issuance server, wherein:
said mobile terminal stores an electronic value received from said electronic value issuance server, said electronic value includes an encrypted value authentication information (F(VPW)) wherein authentication information (VPW) corresponding to said electronic value specified by said user is encoded by a first irreversible calculation process (F),
in a process for authenticating said user to be the rightful owner of said electronic value, said authentication apparatus generates a random number (R) and transmits said random number to said mobile terminal,
said mobile terminal generates value authentication information (F(VPW′)) from authentication information (VPW′) corresponding to said electronic value specified by said user, further generates authentication information (G(R,F(VPW′))) wherein said value authentication information (F(VPW′)) and said random number (R) are concatenated and encoded by a second irreversible calculation process (G), and transmits said electronic value and said authentication information (G(R,F(VPW′))) to said authentication apparatus,
said authentication apparatus decrypts code of received electronic said value, extracts value authentication information (F(VPW)) from said electronic value, generates authentication information (G(R,F(VPW))) wherein said value authentication information (F(VPW)) and said random number (R) are concatenated and encoded by said second irreversible calculation process (G), collates said received authentication information (G(R,F(VPW′))) with said generated authentication information (G(R,F(VPW))), verifies that they are identical, and authenticates said user.
Dependent claims: 18

19. A lock apparatus wherein:
in issuance of an electronic key, an issuance function of said electronic key extracting value authentication information (F(VPW)) corresponding to said electronic key specified by a user, wherein authentication information (VPW) is encoded by a first irreversible calculation process (F), from an electronic key issuance request message received from a mobile terminal, generating an encryption key from data (H(F(VPW))) wherein said value authentication information (F(VPW)) is encoded by a second irreversible calculation process (H) and a master key, generating said electronic key with the use of said value authentication information (F(VPW)) and said generated encryption key, and transmits said encryption key to said mobile terminal,
in authentication of said electronic key, an authentication function of said electronic key generating a random number (R) and transmitting said random number to said mobile terminal, receiving authentication information (G(R,F(VPW′))) and said electronic key from said mobile terminal, decrypting code of an encrypted part of said electronic key, and validating said electronic key, further extracting said value authentication information (F(VPW)) from said electronic key, generating authentication information (G(R,F(VPW))) wherein said value authentication information (F(VPW)) and said random number (R) are concatenated and encoded by a third irreversible calculation process (G), and collating said received authentication information (G(R,F(VPW′))) with said generated authentication information (G(R,F(VPW))), verifying that they are identical, thereby authenticating said user.
Dependent claims: 20, 21

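The issuance and challenge-response flow recited in the abstract and in claims 12 and 19, as an added Python sketch that is not code from the patent. Assumptions: SHA-256 with domain prefixes stands in for F, G and H; the encryption key is HMAC(master key, H(F(VPW))); a hash-keystream XOR with an HMAC tag stands in for the unspecified cipher; and the value carries H(F(VPW)) in the clear so the verifier can re-derive the key.

```python
import hashlib
import hmac
import secrets

MASTER_KEY = secrets.token_bytes(32)  # assumption: held by issuer and verifier only

def _h(label: bytes, *parts: bytes) -> bytes:
    return hashlib.sha256(label + b"".join(parts)).digest()

def F(vpw: str) -> bytes:                # first irreversible process
    return _h(b"F|", vpw.encode())

def G(r: bytes, f_vpw: bytes) -> bytes:  # hash over R || F(VPW)
    return _h(b"G|", r, f_vpw)

def H(f_vpw: bytes) -> bytes:            # input to the key derivation
    return _h(b"H|", f_vpw)

def _key(h_val: bytes) -> bytes:
    return hmac.new(MASTER_KEY, h_val, hashlib.sha256).digest()

def _xor(key: bytes, data: bytes) -> bytes:
    # Stand-in cipher for one 32-byte block; use a real AEAD in practice.
    stream = _h(b"enc|", key)
    return bytes(a ^ b for a, b in zip(data, stream))

def issue(vpw: str) -> dict:
    """Issuance server: build the electronic value stored on the terminal."""
    f_vpw = F(vpw)
    h_val = H(f_vpw)
    key = _key(h_val)
    ct = _xor(key, f_vpw)                # encrypted F(VPW)
    tag = hmac.new(key, h_val + ct, hashlib.sha256).digest()
    return {"h": h_val, "ct": ct, "tag": tag}

def new_challenge() -> bytes:
    return secrets.token_bytes(16)       # random number R

def respond(vpw_input: str, r: bytes) -> bytes:
    """Terminal: recompute F(VPW') from what the user types, then G."""
    return G(r, F(vpw_input))

def verify(value: dict, response: bytes, r: bytes) -> bool:
    """Authentication apparatus: validate the value, then collate G values."""
    key = _key(value["h"])
    tag = hmac.new(key, value["h"] + value["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, value["tag"]):
        return False                     # value was modified or not issued by us
    f_vpw = _xor(key, value["ct"])       # extract F(VPW)
    return hmac.compare_digest(G(r, f_vpw), response)
```

Because R is fresh for each attempt, a response recorded for one challenge does not verify against a later one, and a terminal without the master key cannot alter the stored value without failing the tag check.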