Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-02-25
2003-11-25
Barron, Gilberto (Department: 2134)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S156000, C713S171000, C713S170000, C713S176000, C380S046000, C380S030000, C380S282000, C705S067000, C705S072000
Reexamination Certificate
active
06654883
ABSTRACT:
This application is based on an application No. 10-043230 filed in Japan, the content of which is hereby incorporated by reference.
BACKGROUND OF THE INVENTION
(1) Field of the Invention
The present invention relates to a device authentication and encrypted communication system. Secure data communication takes place between one of a plurality of user devices and a system device, after each device has confirmed the legitimacy of the other.
(2) Description of the Related Art
Generally speaking, ensuring the security of valuable data during data communication is a serious problem. When transferring such data, it is essential to confirm that the receiver device is legitimate. In addition, the data needs to be protected from interception or tampering by a third party while being sent on communication paths.
A typical example of the kind of data communication system that attaches great importance to ensuring security is an automatic highway toll collecting system using radio communication.
Automatic Highway Toll Collecting System
The following is an explanation of a hypothetical automatic highway toll collecting system based on current thinking.
In this automatic highway toll collecting system, payment of highway usage charges, or tolls, is made by radio communication between an onboard device installed in a vehicle and roadside devices located at each highway entrance and exit toll gate.
The onboard device uses a removable IC (Integrated Circuit) card. This functions as a prepaid card, on which balance information showing a certain sum of money is recorded.
At a highway entrance gate (hereinafter referred to as an entrance gate) an onboard device transmits an onboard device ID to a roadside device by radio. The roadside device then sends entrance information, including a gate ID, entrance time and the like, to the onboard device. The onboard device receives the entrance information from the roadside device and records it on the IC card.
Conversely, at a highway exit gate (hereinafter referred to as an exit gate) an onboard device transmits entrance information and balance information to a roadside device by radio. The roadside device then calculates the highway toll based on the received entrance information, subtracts the toll from the received balance information and updates the balance information. The updated balance information is then transmitted to the onboard device by radio.
It should be noted that the automatic highway toll collecting system is assumed to contain several million cars and several thousand roadside devices. Furthermore, radio communication between onboard devices and roadside devices is possible over a range of several tens of meters, so that vehicles having an onboard device do not need to stop at entrance or exit gates in order to pay tolls or similar. As a result, traffic congestion in the vicinity of such gates can be reduced.
This kind of automatic highway toll payment system would naturally need to achieve error-free high speed communication in order to operate successfully. However, the following security issues also need to be resolved.
Firstly, a roadside device must confirm that an onboard device is legitimate. A roadside device needs to recognize immediately that a communication from a bogus onboard device is fake, so that countermeasures, such as barring the gate or recording the numberplate of the offending vehicle while photographing the driver, can be taken.
On the other hand, the onboard device also needs to confirm that the roadside device is legitimate. Attempts to make illegal profit, occurring when a bogus roadside device communicates with an onboard device, need to be prevented One example of such an attempt is altering the entrance information recorded inside the IC card, so that the toll paid is for a shorter distance than the actual distance traveled.
Furthermore, the content of radio communication between an onboard device and a roadside device must not be vulnerable to interception and misuse by a third party.
Ensuring Data Communication Security by Using Shared Secret Information
The above-mentioned security issues can be resolved by using widely-known device authentication and encrypted communication techniques when performing data transfer by radio between an onboard device and a roadside device.
For example, a certain secret key encryption algorithm and certain secret information may be shared between the onboard device and the roadside device. This secret information is conventionally known as an encryption key or a decryption key. If the secret key encryption algorithm and the secret information are shared between the onboard device and the roadside device, they can be used to perform mutual device authentication, to encrypt data before transmission and to decrypt data after reception.
Here, encryption and decryption based on a secret key encryption algorithm requires a comparatively smaller computational ability than a public key encryption algorithm, making high-speed processing possible. As a result, encrypted communication based on a secret key encryption algorithm is effective in an automatic highway toll collecting system that collects tolls automatically without requiring vehicles to stop.
However, since the automatic highway toll collecting system described above has a plurality of onboard devices, each must be provided with unique secret information. The reason for this is as follows, Assume that an onboard device A and an onboard device B have the same secret information. Should a third party somehow manage to obtain the secret information of onboard device A and use it to produce a bogus onboard device A′, attempts to exclude bogus onboard device A′ from the system by using a list will result in the simultaneous exclusion of the legitimate onboard device B.
Problems
Here, if the secret information differs for each onboard device, the question of how a roadside device is to obtain the secret information of every onboard device becomes a problem.
One possible method is to store information corresponding to the IDs and secret information of all of the onboard devices in advance in the roadside devices. However, if this method is used, updating the storage content of the several thousand roadside devices existing in the system is extremely troublesome. Also, the method has a weakness in that the secret information in all of the onboard devices will be exposed in the event of one of the roadside devices being analyzed by a third party.
Another method involves deriving the secret information for an onboard device from a secret function f in the onboard device ID. The value of this function f (ID) is recorded in the onboard device, and the roadside device possesses the same function, so that a method in which the roadside device receives notice of the onboard device ID, from which it then derives the secret information, can be envisaged. However, this method has a drawback in that, if a roadside devices is analyzed by a third party, the function f will be exposed, which results in the secret information in all of the onboard devices being compromised.
It should be noted that these problems are not peculiar to an automatic highway toll collecting system. Similar problems will also be apparent in any system in which the need to ensure security of data communication between one of a plurality of user devices and one of a plurality of system devices produces a system that requires secret data to be shared between user devices and system devices.
SUMMARY OF THE INVENTION
The present invention is designed to overcome the above problems, and relates to device authentication and encrypted communication occurring between a user device and a system device. The first objective or the invention is to provide a device authentication and encrypted communication system having a security function which maintains a high security level for communication even when illegal intrusion and analysis threaten the system device. Furthermore, when this kind of device authentication and encrypted communication uses encryption and decryp
Barron Gilberto
Callahan Paul E.
LandOfFree
Device authentication and encrypted communication system... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Device authentication and encrypted communication system..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Device authentication and encrypted communication system... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3167173