Password recovery system
First Claim
1. A password recovery system for re-supplying a password, said password recovery system comprising:
- a communication terminal device for receiving a predetermined service via a network using the password; and
a portable recording medium for storing the password, the portable recording medium being coupled to said communication terminal device,wherein said communication terminal device comprises;
a controller for receiving from an external communication terminal device a signed data set, based on an indication for recovering the password from a user of said communication terminal device when the user forgets the password, the external communication terminal device guaranteeing legitimacy of the user of said communication terminal device and generating the signed data set with a secret key, and for outputting to said portable recording medium the received signed data set when said portable recording medium is coupled to said communication terminal device, andwherein said portable recording medium comprises;
a memory for storing a public key corresponding to the secret key; and
a controller for inputting from said communication terminal device the signed data set, and for judging, using the public key and the signed data set, whether the signed data set is signed by the external communication terminal device, said judging being performed solely by said controller of said portable recording medium,wherein said controller of said portable recording medium recovers the same password as the password stored in said memory of said portable recording medium when it is judged that the signed data set is signed by the external communication terminal device, and outputs the recovered password to said communication terminal device, andwherein said controller of said portable recording medium does not recover the same password as the password stored in said memory of said portable recording medium when it is judged that the signed data set is not signed by the external communication terminal device.
3 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides a password recovery system that re-supplies a password to only the legitimate user of the password. The password recovery system includes a memory card with CPU and a mobile phone. When a password needs to be recovered, a phone call is made, to the mobile phone, from a telephone connected to a phone line whose phone number is registered in advance into the memory card with CPU. The mobile phone then obtains the telephone number of the phone line via a caller'"'"'s telephone number notifying service. It is judged whether the obtained telephone number and the registered phone number are the same, and when they are the same, the password stored in the memory card with CPU will be re-supplied so that the user can recover it.
-
Citations
12 Claims
-
1. A password recovery system for re-supplying a password, said password recovery system comprising:
-
a communication terminal device for receiving a predetermined service via a network using the password; and a portable recording medium for storing the password, the portable recording medium being coupled to said communication terminal device, wherein said communication terminal device comprises; a controller for receiving from an external communication terminal device a signed data set, based on an indication for recovering the password from a user of said communication terminal device when the user forgets the password, the external communication terminal device guaranteeing legitimacy of the user of said communication terminal device and generating the signed data set with a secret key, and for outputting to said portable recording medium the received signed data set when said portable recording medium is coupled to said communication terminal device, and wherein said portable recording medium comprises; a memory for storing a public key corresponding to the secret key; and a controller for inputting from said communication terminal device the signed data set, and for judging, using the public key and the signed data set, whether the signed data set is signed by the external communication terminal device, said judging being performed solely by said controller of said portable recording medium, wherein said controller of said portable recording medium recovers the same password as the password stored in said memory of said portable recording medium when it is judged that the signed data set is signed by the external communication terminal device, and outputs the recovered password to said communication terminal device, and wherein said controller of said portable recording medium does not recover the same password as the password stored in said memory of said portable recording medium when it is judged that the signed data set is not signed by the external communication terminal device. - View Dependent Claims (2, 3)
-
-
4. A communication terminal device for re-supplying a password to a user of the communication terminal device and for receiving a predetermined service via a network using the password, wherein a portable recording medium is coupled to said communication terminal device, the portable recording medium storing the password, and said communication terminal device comprising:
-
a controller for receiving from an external communication terminal device a signed data set, based on an indication for recovering the password from the user of said communication terminal device when the user forgets the password, the external communication terminal device guaranteeing legitimacy of the user of said communication terminal device and generating the signed data set with a secret key, and for outputting to the portable recording medium the received signed data set when the portable recording medium is coupled to said communication terminal device, wherein the portable recording medium comprises; a memory for storing the password and a public key corresponding to the secret key; and a controller for inputting from said communication terminal device the signed data set, and for judging, using the public key and the signed data set, whether the signed data set is signed by the external communication terminal device, said judging being performed solely by said controller of said portable recording medium, wherein the controller of the portable recording medium recovers the same password as the password stored in the memory of the portable recording medium when it is judged that the signed data set is signed by the external communication terminal device, and outputs the recovered password to said communication terminal device, and wherein the controller of the portable recording medium does not recover the same password as the password stored in the memory of the portable recording medium when it is judged that the signed data set is not signed by the external communication terminal device. - View Dependent Claims (5, 6, 7, 8)
-
-
9. A portable recording medium for being coupled to a communication terminal device for receiving a predetermined service via a network using a password and for re-supplying the password to a user of the communication terminal device, the communication terminal device receiving from an external communication terminal device a signed data set, based on an indication for recovering the password from the user of the communication terminal device when the user forgets the password, the external communication terminal device guaranteeing legitimacy of the user of the communication terminal device and generating the signed data set with a secret key, and for outputting to said portable recording medium the received signed data set when said portable recording medium is coupled to the communication terminal device, said portable recording medium comprising:
-
a memory for storing the password and a public key corresponding to the secret key; and a controller for inputting from the communication terminal device the signed data set, and for judging, using the public key and the signed data set, whether the signed data set is signed by the external communication terminal device, said judging being performed solely by said controller of said portable recording medium, wherein said controller recovers the same password as the password stored in said memory of said portable recording medium when it is judged that the signed data set is signed by the external communication terminal device, and outputs the recovered password to the communication terminal device, and wherein said controller does not recover the same password as the password stored in said memory of said portable recording medium when it is judged that the signed data set is not signed by the external communication terminal device. - View Dependent Claims (10, 11)
-
-
12. A password recovery method for re-supplying a password using a communication terminal device and a portable recording medium coupled to the communication terminal device, the communication terminal device receiving a predetermined service via a network using the password, and the portable recording medium storing the password, the method comprising:
-
receiving, at the communication terminal device, from an external communication terminal device a signed data set, based on an indication for recovering the password from a user of the communication terminal device when the user forgets the password, the external communication terminal device guaranteeing legitimacy of the user of the communication terminal device and generating the signed data set with a secret key; outputting, at the communication terminal device, to the portable recording medium the received signed data set when the portable recording medium is coupled to the communication terminal device; storing, at the portable recording medium, the password and a public key corresponding to the secret key; inputting, at the portable recording medium, from the communication terminal device the signed data set; and judging, at the portable recording medium, using the public key and the signed data set, whether the signed data set is signed by the external communication terminal device, said judging being performed solely by a controller the portable recording medium, wherein, when it is judged by said judging that the signed data set is signed by the external communication terminal device, the portable recording medium recovers the same password as the password stored in the memory of the portable recording medium, and outputs the recovered password to the communication terminal device, and wherein, when it is judged by said judging that the signed data set is not signed by the external communication terminal device, the portable recording medium does not recover the same password as the password stored in the memory of the portable recording medium.
-
Specification