MEASURING APPARATUS AUTHENTIFICATION SYSTEM

PROBLEM TO BE SOLVED: To solve the problems that when adopting a method of executing authentification between components by writing a plurality of authentification keys on the components in advance, apparatus authentification can be executed even by combining components manufactured at different tim...

Full description

Saved in:
Bibliographic Details
Main Authors IGUCHI SHINYA, MATSUBARA YUKO, ONOZUKA AKIHIRO
Format Patent
LanguageEnglish
Japanese
Published 06.08.2015
Subjects
ADVERTISING
CODING OR CIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHERPURPOSES INVOLVING THE NEED FOR SECRECY
CRYPTOGRAPHY
DISPLAY
EDUCATION
ELECTRIC COMMUNICATION TECHNIQUE
ELECTRICITY
PHYSICS
SEALS
TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHICCOMMUNICATION
Online AccessGet full text

Cover

More Information
Summary:PROBLEM TO BE SOLVED: To solve the problems that when adopting a method of executing authentification between components by writing a plurality of authentification keys on the components in advance, apparatus authentification can be executed even by combining components manufactured at different time but when a leakage of a specific authentification key occurs, unauthorized access becomes possible by abusing the key if the authentification is successful by the key, and if an operating key is generated and set by a cheap portable terminal that cannot be mounted with a physical random number generator when starting operation, a key generation algorithm is leaked when the portable terminal is stolen, which allows an illegal person who acquires the algorithm to predict the operating key.SOLUTION: A flag for determining validity/invalidity of a manufacturing key is managed together with the manufactured key in one set, and when the manufactured key is leaked, the flag is set to be invalid. Inter-apparatus authentification is executed only by a valid manufactured key. Further, at the time of writing an operating key, random number is generated by a key management system and transmitted to a portable terminal, and the portable terminal generates the operating key on the basis of the random number and an ID of an apparatus, sets the key on the apparatus and invalidates the manufactured key when setting the operating key. 【課題】部品に事前に複数の認証鍵を書き込んで部品間で認証する方式を採用した場合、製造時期が異なる部品同士を組み合わせても機器認証は可能となるが、特定の認証鍵の漏洩が発生していた場合、その鍵で認証が成功すると、その鍵を悪用して部品へ不正アクセスが可能となる。また、運用開始時に物理乱数生成器を搭載できない安価な携帯端末で運用鍵を生成して設定すると、携帯端末の盗難時、鍵生成アルゴリズムが漏洩し、それを入手した不正者による運用鍵の予測が可能となる。【解決手段】製造鍵の有効無効判定フラグを製造鍵とセットで管理し、製造鍵が漏洩した時はそのフラグを無効にセットする。機器間認証は、有効な製造鍵のみで実施する。また、運用鍵書き込み時、鍵管理システムで乱数を生成し、携帯端末へ送信し、携帯端末はその乱数と機器IDから運用鍵を生成して機器へ設定し、設定時に製造鍵を無効化する。【選択図】図1
Bibliography:Application Number: JP20140016355