Method of authentication at time of update of software embedded in information terminal, system for same and program for same
Abstract
A load on a server or a network is suppressed to a minimum, an authentication server is not necessary, and download of falsified software is prevented. A server creates a time-limited authentication key, computes a hash value of a file included in update software for each file to create a hash table in which hash values of a file are listed, and encrypts the hash table using the authentication key. A unit obtains the encrypted hash table and the authentication key from a server. An information terminal obtains the encrypted hash table from the unit, obtains the authentication key from the unit, determines whether or not a time limit of the authentication key is valid, obtains the encrypted hash table from the server if the time limit is determined to be valid as a result of the determination, decrypts the tables using the authentication key, compares the tables after decryption, and initiates download of the update software if both the tables are identical to each other.
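The sequence of checks in the abstract, carried through the post-download hash comparison the claims add, as an added Python example (not code from the patent). SHA-256 as the hash, the SHA-256 keystream XOR standing in for the unnamed cipher, the JSON table layout, the key fields and all function names are assumptions.

```python
import hashlib, hmac, json, secrets

def _xor_stream(secret: bytes, data: bytes) -> bytes:
    # Stand-in cipher (SHA-256 keystream XOR); the page names no algorithm.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(secret + off.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def make_key(now: float, ttl: float) -> dict:
    """Server: time-limited authentication key (field names are assumptions)."""
    return {"secret": secrets.token_bytes(32), "expires": now + ttl}

def encrypt_table(key: dict, files: dict) -> bytes:
    """Server: hash every file, list the hashes in a table, encrypt the table."""
    table = {name: hashlib.sha256(body).hexdigest() for name, body in files.items()}
    return _xor_stream(key["secret"], json.dumps(table, sort_keys=True).encode())

def terminal_update(key, first_blob, fetch_second, download, now):
    """Terminal: the checks in the order the claims list them -> (ok, reason)."""
    if now >= key["expires"]:                      # time limit of the key
        return False, "key expired"
    first = _xor_stream(key["secret"], first_blob)          # from security unit
    second = _xor_stream(key["secret"], fetch_second())     # from download server
    if not hmac.compare_digest(first, second):     # tables must be identical
        return False, "table mismatch"
    try:
        table = dict(json.loads(first))
    except (ValueError, TypeError):
        return False, "table undecodable"
    for name, expected in table.items():           # download only after the match
        actual = hashlib.sha256(download(name)).hexdigest()
        if not hmac.compare_digest(actual, expected):
            return False, "hash mismatch: " + name
    return True, "activation permitted"

FILES = {"app.bin": b"firmware v2", "cfg.dat": b"settings v2"}  # constructed sample

def demo() -> list:
    key = make_key(now=1000.0, ttl=60.0)
    good = encrypt_table(key, FILES)
    stale = encrypt_table(key, {"app.bin": b"firmware v1", "cfg.dat": b"settings v2"})
    bad_files = dict(FILES, **{"app.bin": b"falsified"})
    return [
        terminal_update(key, good, lambda: good, FILES.__getitem__, 1010.0),
        terminal_update(key, good, lambda: good, FILES.__getitem__, 1060.0),
        terminal_update(key, good, lambda: stale, FILES.__getitem__, 1010.0),
        terminal_update(key, good, lambda: good, bad_files.__getitem__, 1010.0),
    ]
```

The clock is passed in so the expiry branch can be exercised; on a real terminal that step is only as trustworthy as the terminal's time source.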
10 Claims
1. A software update system of an information terminal comprising:
- an information terminal;
a software download server connected to the information terminal via a network, the software download server storing update software; and
a security unit communicable with the information terminal via a near field radio network,
wherein the software download server creates a time-limited authentication key, computes a hash value of a file included in the update software for each file to create a hash table in which hash values of a file are listed, and encrypts the hash table using the authentication key,
the security unit obtains the encrypted hash table and the authentication key from the software download server, and
the information terminal obtains the encrypted hash table from the security unit as a first table, obtains the authentication key from the security unit, determines whether or not a time limit of the authentication key is valid, obtains the encrypted hash table from the software download server as a second table if the time limit is determined to be valid, decrypts the first and second tables using the authentication key, compares the first and second tables after decryption, initiates download of the update software from the software download server if it is determined both the tables are identical to each other, computes a hash value of the downloaded update software as the download is completed, compares the computed hash value with the hash value in either the first or second table after the decryption, and permits activation of the downloaded update software if both hash values are identical to each other.
4. An information terminal that updates software embedded therein, wherein the information terminal is configured to:
- obtain an encrypted hash table as a first table from a security unit communicable via a near field radio network, the encrypted hash table being created by a software download server by creating a time-limited authentication key, computing a hash value of a file included in the update software for each file to create a hash table in which hash values of a file are listed, and encrypting the hash table using the authentication key;
obtain the authentication key from the security unit;
determine whether or not a time limit thereof is valid;
obtain the encrypted hash table as a second table from the software download server via a network if the time limit is determined to be valid as a result of the determination;
decrypt the first and second tables using the authentication key;
compare the first and second tables after decryption with each other;
initiate download of the update software from the software download server via a network if both the tables are identical to each other;
compute a hash value of the downloaded update software as the download is completed;
compare the computed hash value with the hash value in either the first or second table after the decryption; and
permit activation of the downloaded update software if both hash values are identical to each other.
5. A method of updating software of an information terminal in a system, the system including the information terminal, a software download server that is connected to the information terminal via a network and stores update software, and a security unit communicable with the information terminal via a near field radio network, the method comprising:
- the software download server creating a time-limited authentication key, computing a hash value of a file included in the update software for each file to create a hash table in which hash values of a file are listed, and encrypting the hash table using the authentication key;
the security unit obtaining the encrypted hash table and the authentication key from the software download server; and
the information terminal obtaining the encrypted hash table as a first table from the security unit, obtaining the authentication key from the security unit, determining whether or not a time limit of the authentication key is valid, obtaining the encrypted hash table as a second table from the software download server if the time limit is determined to be valid as a result of the determination, decrypting the first and second tables using the authentication key, comparing the first and second tables after decryption, initiating download of the update software from the software download server if both the tables are identical to each other, computing a hash value of the downloaded update software as the download is completed, comparing the computed hash value with the hash value in either the first or second table after the decryption, and permitting activation of the downloaded update software if both hash values are identical to each other.
8. A method of updating software embedded in an information terminal, comprising:
- obtaining an encrypted hash table as a first table from a security unit communicable via a near field radio network, the encrypted hash table being created by a software download server by creating a time-limited authentication key, computing a hash value of a file included in the update software for each file to create a hash table in which hash values of a file are listed, and encrypting the hash table using the authentication key;
obtaining the authentication key from the security unit;
determining whether or not a time limit thereof is valid;
obtaining the encrypted hash table as a second table from the software download server via a network if the time limit is determined to be valid as a result of the determination;
decrypting the first and second tables using the authentication key;
comparing the first and second tables after decryption with each other;
initiating download of the update software from the software download server via a network if both the tables are identical to each other;
computing a hash value of the downloaded update software as the download is completed;
comparing the computed hash value with the hash value in either the first or second table after the decryption; and
permitting activation of the downloaded update software if both hash values are identical to each other.
9. A non-transitory computer readable medium storing a software update program for updating software installed in an information terminal, the software update program causing a computer used as the information terminal to:
- obtain an encrypted hash table as a first table from a security unit communicable via a near field radio network, the encrypted hash table being created by a software download server by creating a time-limited authentication key, computing a hash value of a file included in the update software for each file to create a hash table in which hash values of a file are listed, and encrypting the hash table using the authentication key;
obtain the authentication key from the security unit;
determine whether or not a time limit thereof is valid;
obtain the encrypted hash table as a second table from the software download server via a network if the time limit is determined to be valid as a result of the determination;
decrypt the first and second tables using the authentication key;
compare the first and second tables after decryption with each other;
initiate download of the update software from the software download server via a network if both the tables are identical to each other;
compute a hash value of the downloaded update software as the download is completed;
compare the computed hash value with the hash value in either the first or second table after the decryption; and
permit activation of the downloaded update software if both hash values are identical to each other.