TERMINAL AUTHENTICATION SYSTEM, SERVER DEVICE, AND TERMINAL AUTHENTICATION METHOD

US 20150350196A1
Filed: 05/14/2015
Published: 12/03/2015
Est. Priority Date: 05/27/2014
Status: Active Grant

First Claim

Patent Images

1. A terminal authentication system comprising:

a client terminal; and

a server device,wherein the client terminal and the server device are connected to each other through a network,wherein the client terminal includesa storage unit that stores secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, anda first communication unit that transmits first information based on the secret information and the client certificate to the server device, andwherein the server device includesa second communication unit that receives the first information and the client certificate from the client terminal,a unidirectional function processing unit that derives a hash value from the secret information based on the first information, using a unidirectional function, andan authentication processing unit that authenticates the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Provided is a terminal authentication system including a client terminal and a server device. The client terminal transmits first information based on secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, to a server device. The server device receives the first information and the client certificate, derives a hash value from the secret information based on the first information using a unidirectional function, and authenticates the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate.

Citations

8 Claims

1. A terminal authentication system comprising:
- a client terminal; and
  
  a server device,wherein the client terminal and the server device are connected to each other through a network,wherein the client terminal includesa storage unit that stores secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, anda first communication unit that transmits first information based on the secret information and the client certificate to the server device, andwherein the server device includesa second communication unit that receives the first information and the client certificate from the client terminal,a unidirectional function processing unit that derives a hash value from the secret information based on the first information, using a unidirectional function, andan authentication processing unit that authenticates the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The terminal authentication system of claim 1,wherein the client certificate includes a public key of the client terminal,wherein the storage unit stores a secret key of the client terminal,wherein the server device includesa random number generation unit that generates a first random number sequence,a second data encryption unit that encrypts a first random number including the first random number sequence, using the public key of the client terminal which is included in the client certificate,wherein the second communication unit transmits the encrypted first random number to the client terminal,wherein the first communication unit receives the encrypted first random number from the server device,wherein the client terminal includesa first data decryption unit that decrypts the encrypted first random number using the secret key of the client terminal to thereby acquire the first random number, anda first data encryption unit that encrypts the secret information using the first random number,wherein the first communication unit transmits the encrypted secret information to the server device,wherein the second communication unit receives the encrypted secret information from the client terminal, andwherein the server device includes a second data decryption unit that decrypts the encrypted secret information using the first random number to thereby acquire the secret information.
  - 3. The terminal authentication system of claim 2,wherein the first data encryption unit encrypts the secret information using a public key of the server device and the first random number,wherein the first communication unit transmits the encrypted secret information to the server device,wherein the second communication unit receives the encrypted secret information from the client terminal, andwherein the second data decryption unit decrypts the encrypted secret information using a secret key of the server device and the first random number to thereby acquire the secret information.
  - 4. The terminal authentication system of claim 1, wherein the secret information includes a second random number sequence.
  - 5. The terminal authentication system of claim 1,wherein the first communication unit and the second communication unit communicate with each other through a secure communication path, andwherein the first information includes the secret information.
  - 6. The terminal authentication system of claim 1, wherein the client certificate includes at least one of identification information of the client terminal and authority information.

7. A server device which is connected to a client terminal through a network, the server device comprising:
- a communication unit that receives first information based on secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, from the client terminal;
  
  a unidirectional function processing unit that derives a hash value from the secret information based on the first information, using a unidirectional function; and
  
  an authentication processing unit that authenticates the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate.

8. A terminal authentication method in a server device which is connected to a client terminal through a network, the terminal authentication method comprising:
- a step of receiving first information based on secret information different for each client terminal and a client certificate including a hash value of the secret information which is derived from the secret information, from the client terminal;
  
  a step of deriving a hash value from the secret information based on the first information, using a unidirectional function; and
  
  a step of authenticating the client terminal on the basis of the derived hash value and the hash value of the secret information which is included in the client certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Panasonic Intellectual Property Management Co., Ltd. (Panasonic Holdings Corporation)
Original Assignee
Panasonic Intellectual Property Management Co., Ltd. (Panasonic Holdings Corporation)
Inventors
Toyonaga, Saburo, Tanaka, Hiroyuki, Ike, Kenjiro, Matsuo, Masakatsu

Granted Patent

US 10,015,159 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/0823 using certificates cryptogr...

H04L 63/0876 based on the identity of th...

TERMINAL AUTHENTICATION SYSTEM, SERVER DEVICE, AND TERMINAL AUTHENTICATION METHOD

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

8 Claims

Specification

Solutions

Use Cases

Quick Links

TERMINAL AUTHENTICATION SYSTEM, SERVER DEVICE, AND TERMINAL AUTHENTICATION METHOD

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

8 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links