KEY MANAGEMENT DEVICE AND KEY MANAGING METHOD

• Main Authors: ENDO TAKEMI, ITO SHINPU, BABA KENJI, OIKAWA MITSUHIRO
• Format: Patent
• Language: English
• Published: 07.04.2011
• Subjects: CALCULATING; COMPUTING; COUNTING; ELECTRIC COMMUNICATION TECHNIQUE; ELECTRIC DIGITAL DATA PROCESSING; ELECTRICITY; PHYSICS; TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION

PROBLEM TO BE SOLVED: To provide a key management technology having resistance against the fraudulent acquisition of authentication information by spyware while securely managing a user's secret key. SOLUTION: The key management device comprises a key management server device and a secret key management device having a tamper resistant property. The secret key management device manages a user's secret key, and generates an electronic signature (S108). The key management server device determines whether a site of the site identification information of a service providing device received from a terminal device is a fraudulent site (S104). In user authentication (S105), the key management server device transmits temporary authentication information to the terminal device through a second communication means different from a communication means that is usually used in communication with the terminal device, receives response information corresponding to the temporary authentication information from the terminal device through the communication means, compares the received response information with the temporary authentication information when the former corresponds to the latter, and copes with the fraudulent acquisition of authentication information by spyware. COPYRIGHT: (C)2011,JPO&INPIT