The present invention relates to a user authentication apparatus and a user authentication method used for authenticating a user.
As a user authentication method widely popularized, it is known to make a user input his/her own user ID and password at the time of performing user authentication and to check if the user is a regular user by confirming whether the inputted password and user ID correspond to a registered personal identification number or not. However, in such system where a fixed password itself is input, there is a danger of authenticating a third person instead of the regular user if the password is looked by the third person when the user inputs the password.
In order to solve the above problem, a system is disclosed in Japanese Unexamined Patent Publication No. 2000-305899, where a user authentication apparatus and system making a user register not a password but a formula is disclosed. FIG. 2 shows a structure of the conventional user authentication apparatus shown in Japanese Unexamined Patent Publication No. 2000-305899. In FIG. 2, a user authentication apparatus 1, a terminal 2 provided in the user authentication apparatus 1, a management means 10, a registration renewal means 11, a random number generating means 12, a specifying means 13, a calculation means 14 and a judging means 15 are shown.
Now, operations will be explained. In the user authentication apparatus 1, the registration renewal means 11 receives a formula inputted from the terminal 2 and registers the formula into the management means 10, with having correspondence to a user ID. Thus, a corresponding relation between the user ID and the formula corresponding to the user authentication object is registered in the management means 10. When a request for user authentication is issued after the management means 10 receives the managed data, the specifying means 13 specifies a formula corresponding to the user ID based on the managed data of the management means 10. On the other hand, the random number generating means 12 generates a random number, displays it on the display screen of the terminal apparatus 2, and notifies the generated random number to the calculation means 14.
Then, the calculation means 14 computes a numerical value used for user authentication, based on the random number generated by the random number generating means 12 and the formula specified by the specifying means 13. The judging means 15 executes the user authentication by judging whether a numerical value inputted through the terminal 2 in response to the random number presented by the random number generating means 12 coincides with the numerical value computed by the calculation means 14.
According to the conventional system, since the random number presented to a user varies at every authentication, it is impossible for a malicious third person to be authenticated by stealing a look at a numerical value itself to be input and pretending to be a regular user by means of using the numerical value. However, since a formula is used as a password for authenticating a user, it is a heavy load for the user to use a complicated formula as the password. On the other hand, using a simple formula as a password will have more danger of the formula being guessed by the third person. In addition, since the formula used for a password does not change at every authentication, if the authentication is repeatedly executed in front of the same third person, the danger of the password being guessed will become larger. Moreover, it is also a load for the user to necessarily memorize a formula unlike the widely popularized password composed of a character queue or numbers.
The present invention aims to solve the above problems. It is an object of the present invention to provide a user authentication apparatus and a user authentication method of high security where a widely popularized password composed of characters or numbers is used, there is little load for the user at the time of authentication, and the danger of a password being guessed by a third person is low even when an input value is looked by the third person at the time of authentication.
According to the present invention, an authentication system including a terminal apparatus which a user utilizes and an authentication apparatus which communicates with the terminal apparatus and performs user authentication to the user, comprises:
According to the present Embodiment, the memory part 104 is composed of a nonvolatile memory and can be attached/detached to/from the terminal apparatus 101. According to the present Embodiment, the management part 107 is composed of a hard disk apparatus, relates a user password with a user ID, and memorizes them. The random number generating part 108 generates a ten-digit random number. Concretely, according to the present invention, the random number generating part 108, the calculation part 109, and the judging part 110 are realized by programs. These programs are stored in a hard disk apparatus, a nonvolatile memory, a flexible disk, etc., and loaded onto the server apparatus 106 from them to be executed on CPU.
The communication part 105 of the terminal apparatus 101 and the communication part 111 of the server apparatus 106 are linked through a network, such as radio communication, cable communication, and the Internet.
Now, operations will be explained. First, operations at the time of performing user authentication from the terminal apparatus 101 to the server apparatus 106 will be explained.
First, when a user performs authentication using the terminal apparatus 101, an authentication request including a user ID and an authentication type being authentication for the terminal apparatus 101 or being authentication for the server apparatus 106 is received from the input part 103 (S101). It is checked whether the received authentication request is to the terminal apparatus 101 or to the server apparatus 106 (S102). When the authentication request is to the server apparatus 106, the authentication request including the user ID is transmitted to the server apparatus 106 through the communication part 105 (S103). Then, the terminal apparatus 101 receives a set of random numbers for the authentication request transmitted through the communication part 105, from the server apparatus 106 (S104) and displays one random number in the received set of random numbers, on the display part 102 (S105). An input numerical value (response value) which the user input in response to the random number displayed on the display part 102 is received from the input part 103 (S106). It is checked whether all the random numbers received from the server apparatus 106 have been displayed on the display part 102 or not (S107). When there is a random number not having been displayed yet, the processing from S105 is repeated. When all the random numbers have been displayed, input numerical values (response value) inputted by the user are transmitted to the server apparatus 106 through the communication part 105 (S108) and an authentication result is received through the communication part 105 (S109). Checking the received authentication result (S110), only when the authentication result indicates authentication success, all the random numbers having been used for the authentication and the input numerical values corresponding to the random numbers are stored in the memory part 104 (S111). Then, the authentication result received from the server apparatus 106 is displayed on the display part 102 (S112) to finish the authentication processing.
On the other hand, when the received authentication request is to the terminal apparatus 101 at S102, it is checked whether random numbers and input numerical values corresponding to the random numbers are stored in the memory part (random number response value memory part) 104 or not (S113). When the random numbers and the input numerical values corresponding to the random numbers are not stored in the memory part 104, the authentication request including the user ID is transmitted to the server apparatus 106 through the communication part 105 (S103).
When the random numbers and the input numerical values corresponding to the random numbers are stored in the memory part 104, one random number in the set of the random numbers stored in the memory part 104 is displayed on the display part 102 (S114). An input numerical value (response value) which the user input in response to the random number displayed on the display part 102 is received through the input part 103 (S115). It is checked whether all the random numbers stored in the memory part 104 have been displayed on the display part 102 or not (S116). Then, when there is a random number not having been displayed yet, the processing from S114 is repeated. When all the random numbers have been displayed, the judging part (terminal side authentication judging part) 112 compares all the input numerical values received through the input part 103 with all the input numerical values stored in the memory parts 104, and checks whether both of them coincide or not. (S117). When both of them coincide, success of the authentication is displayed on the display part 102 (S118) to finish the authentication processing. On the other hand, when the input numerical values do not coincide, failure of the authentication is displayed on the display part 102 (S119) to finish the authentication processing.
First, an authentication request including a user ID is received from the terminal apparatus 101 (S201). Then, it is checked whether the user ID included in the received authentication request has been registered in the management part 107 or not (S202). When the user ID has been registered in the management part 107, a password stored to be corresponding to the user ID is extracted (S203). On the other hand, when the user ID has not been registered in the management part 107, failure of the authentication is stored in the judging part 110 (S204). Next, in the random number generating part 108, random numbers needed for authenticating the user are generated (S205). According to Embodiment 1, since authentication is performed by using four input numerical values, four random numbers are generated for one authentication. A set of generated random numbers is transmitted to the terminal apparatus 101 through the communication part 111 (S206). Then, input numerical values (response value) are received from the terminal apparatus 101 (S207), and it is checked whether failure of the authentication has been recorded in the judging part 110 or not (S208). When failure of the authentication has not been recorded in the judging part 110, numerical values (authentication value) to be used for the authentication are calculated by the calculation part 109 (S209) and it is checked whether they coincide with the received input numerical value or not (S210). At the check of S210, when the input numerical values (response value) received from the terminal apparatus 101 coincide with the numerical values (authentication value) calculated by the calculation part 109, success of the authentication is transmitted to the terminal apparatus 101 as a result of the authentication (S211). On the other hand, at the check of S210, when the input numerical values (response value) received from the terminal apparatus 101 do not coincide with the numerical values (authentication value) calculated by the calculation part 109, failure of the authentication is transmitted to the terminal apparatus 101 as a result of the authentication (S212). In addition, at the check of S208, when failure of authentication is stored in the judging part 110, the failure of authentication stored in the judging part 110 is cleared and failure of the authentication is transmitted to the terminal apparatus 101 as a result of the authentication (S212).
When starting authentication, a user inputs a user ID into the user ID input field 202 of the user ID input screen 201 through the input part 103. In the case of performing an authentication request to the terminal apparatus 101, the authentication request including the user ID to the terminal apparatus 101 can be received at S101, by operating the log-in button 203. In the case of performing an authentication request to the server apparatus 106, the authentication request including the user ID to the server apparatus 106 can be received at S101 by operating the server log-in button 204.
According to Embodiment 1, a character queue of a plurality of digits (in the present Embodiment, a four-digit number queue) is registered as a password for each user. In the server apparatus 106, the random number generating part 108 generates a random number for each digit of the password, transmits the random number generated for each digit to the terminal apparatus 101, and transmitted random numbers are displayed on the display part 102.
The user inputs a calculation result obtained by using the random number displayed in 302, as an input numerical value, into the input field 303 through the input part 103 with respect to each of four numbers composing the password from the most significant digit in order. In calculating input numerical values, the user uses one number in one digit of the password and one random number displayed in 302 so as to calculate one input numerical value. Concretely, among numbers included in the random number, a number placed at a digit-position concerning a number of the password for which an input numerical value is being calculated, is added to the number of the password to obtain a total numerical value Then, only a numerical value in the ones place is input into the input field 303. In addition, according to the present Embodiment, after inputting a numerical value concerning the first digit, the next random number is displayed in the display part. Thus, the user repeats the input processing for each digit of the password until finishing inputting a calculation value concerning the last digit of the password.
For example, in the case that the password is “2085” and the random number displayed first is “3681350952”, the value “2” which is in the most significant digit in the password is added to the value “6” which is in the 2nd digit from the most significant digit in the random numbers, and the first input value becomes “8” which is a value in the ones place of the added total value “8”.
On the other hand, in the server apparatus 106 according to the Embodiment 1, at S209, the calculation part (authentication value calculation part) 109 calculates for each digit of the password an authentication value which is used for authentication, by using the following formula:
Ans[i]=((Rand[i]/10(10−Pass[i]))%10+Pass[i])%10
In the case of calculating the first input value by applying the formula to the example of the above-stated random numbers, they become i=1, Rand[1].=3681350952, and Pass[1]=2.
Ans[1]=((3681350952/10(10−2))%10+2)%10=8
Thus, Ans[1].=8. At S210, the judging part (authentication judging part) 110 of the server apparatus 106 compares the authentication value Ans[i] used for authentication with the input numerical value (response value) from the terminal apparatus 101 with respect to each digit of the password, and judges whether the authentication is to be permitted or not by checking if both of them coincide or not.
Thus, according to Embodiment 1, a numerical value to be input into the input part 103 of the terminal apparatus 101 is not the password itself but a value in the ones place of a total obtained by adding a number in the password to a numerical value in the displayed random numbers which is located at a digit-position indicated by the number in the password. Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced. In addition, although the password is a four-digit number according to the Embodiment 1, the password is not restricted to four digits.
Moreover, the maximum of the number of times of authentication failure is not settled in Embodiment 1. However, it is also acceptable to reject to receive authentication any more when failure of authentication is repeated more than the number of times prescribed beforehand. In this case, an area for memorizing the number of times of authentication failure is provided in the memory part 104 in the terminal apparatus 101. Then, when authentication succeeds at S110 and S117, 0 is set to the number of times of authentication failure in the memory part 104, and when authentication fails at S117, one is added to the number of times of authentication failure in the memory part 104. Then, when the number of times of authentication failure becomes more than the number of times prescribed beforehand, if random numbers and input values for the random numbers have been memorized in the memory part 104, these numbers are deleted. In the server apparatus 106, an area for memorizing the number of times of authentication failure relating to a user ID for every user is provided in the management part 107. Then, when authentication succeeds at S210, 0 is set to the number of times of authentication failure of the user in the management part 107, and when authentication fails at S210, one is added to the number of times of authentication failure of the user in the management part 107. When it is checked whether the user ID included in the authentication request received at S202 is registered in the management part 107 or not, if the number of times of authentication failure of this user becomes more than the number of times prescribed beforehand, failure of authentication is transmitted to the terminal apparatus 101, as an authentication result at S212.
By dint of this, it is possible to prevent a malicious third person from unjustly executing authentication by checking all possibilities even if the password is unknown to the third person.
In Embodiment 1, an input value is calculated by using a calculation value in the ones place of a total obtained by adding a number in the password to a value in the displayed random numbers which is located at a digit-position indicated by the number in the password. At the time of an input value being input, simultaneously the input value is expressed as * in the input field 303 and the challenge value 302 displayed in the display part 102 is updated to be random numbers for the next password. Therefore, even if a value itself in the displayed random numbers which is located at a digit-position indicated by a number in the password is used as the input value, the danger of the password being guessed and unjustly used for authentication can be reduced even when the input value at the time of authentication is looked by a third person.
In Embodiment 1, a value in the ones place of a total obtained by adding a number in the password to a value in the displayed random numbers which is located at a digit-position indicated by the number in the password is used as a calculation value. However, instead of adding the number of the password, it is also acceptable to use a calculation value obtained by adding either one number in the numbers composing the password.
Also in this case, a four-digit number is registered as a password for each user. The user inputs a calculation result obtained by using the random number displayed in 402, as an input numerical value, into the input field 403 through the input part 103, with respect to each of four numbers composing the password from the most significant digit in order. In calculating input numerical values, the user uses the password and one random number displayed in 402 so as to calculate one input numerical value. Concretely, among numbers included in the random number, a number placed in a digit-position corresponding to a number of the password for which an input numerical value is being calculated, is added to a number of the password which is located at the same digit-position if the four-digit password is repetitiously arranged in blank spaces, to obtain a total numerical value Then, only a numerical value in the ones place of the total numerical value is input into the input field 403.
For example, in the case that the password is “2085” and the random number displayed first is “3681350952”, the first input value becomes “6” by adding the value “6” which is the 2nd digit from the most significant digit in the random numbers to the value “0” which is the 2nd digit from the most significant digit in the password.
On the other hand, in the above case, a value to be used for authentication can be calculated at S209 in the server apparatus 106 by using the following formula:
Ans[i]=((Rand[i]/10(10−Pass[i]))%10+Pass[Pass[i]%4])%10
In the case of applying the formula to the example of the above-stated random number at the first digit, they become i=1, Rand[1]=3681350952, Pass[1]=2. and Pass[2]=0.
Ans[1]=((3681350952/10(10−2))%10)+0=6
Thus, Ans[1].=6. At S210, the judging part (authentication judging part) 110 of the server apparatus 106 compares the authentication value Ans[i] used for authentication with the input numerical value (response value) from the terminal apparatus 101 with respect to each digit of the password, and judges whether the authentication is to be permitted or not by checking if both of them coincide or not.
Thus, according to the present Embodiment, a numerical value to be input into the input part 103 of the terminal apparatus 101 is not the password itself but a value in the ones place of a total obtained by adding a value in the displayed random number which is located at a digit-position indicated by a number in the password, to either one number in the numbers composing the password. Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced.
As mentioned above, a numerical value to be input into the input part of the terminal apparatus is not a password itself, and user authentication can be performed by using a value obtained based on the password and the random number displayed in the terminal apparatus. Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced. For the user, it is possible to use a password having the same form as the conventional one, and to utilize an authentication system having higher security than the conventional authentication method, by only performing a simple calculation based on the password, in response to random numbers changing at every authentication, without needing a special authentication device.
In the above Embodiment 1, one random number is used as a challenge value when an input numerical value is calculated from one digit of a password. Next, an Embodiment in which a plurality of random numbers is used as a challenge value for each digit of the password will be described. An example where two random numbers are used as a challenge value for each digit of a password will be described below. A group of a plurality of random numbers for each digit of a password is called a random number group. According to the present Embodiment, a eight-digit number is used as a password, eight input numerical values are inputted at the time of authentication for the server apparatus, and five input numerical values are inputted at the time of authentication for the terminal apparatus.
According to the present Embodiment, the memory part 504, the conversion part 505, and the judging part 506 are installed in an IC card 514, and concretely realized by programs. These programs are stored in a flash memory in the IC card and executed by CPU in the IC card. In addition, the IC card can be attached/detached to/from the terminal apparatus 501.
According to the present Embodiment, the management part 509 is composed of a hard disk apparatus, relates a user password with a user ID, and memorizes them.
The random number generating part 510 generates a ten-digit random number where no number at each digit is in duplicate.
Concretely, according to the present invention, the random number generating part 510, the calculation part 511, and the judging part 512 are realized by programs. These programs are stored in a hard disk apparatus, a nonvolatile memory, a flexible disk, etc., and loaded onto the server apparatus 508 from them to be executed on CPU.
The communication part 507 of the terminal apparatus 501 and the communication part 513 of the server apparatus 508 are linked through a network, such as radio communication, cable communication, and the Internet.
Now, operations will be explained. First, operations at the time of performing user authentication from the terminal apparatus 501 to the server apparatus 508 will be explained.
First, when a user performs authentication using the terminal apparatus 501, an authentication request including a user ID and an authentication type being authentication for the terminal apparatus 501 or being authentication for the server apparatus 508 is received from the input part 503 (S301). Next, it is checked whether the received authentication request is to the terminal apparatus 501 or to the server apparatus 508 (S302). When the authentication request is to the server apparatus 508, the authentication request including the user ID is transmitted to the server apparatus 508 through the communication part 507 (S303). Then, the terminal apparatus 501 receives a set of random number groups in response to the authentication request transmitted through the communication part 507, from the server apparatus 508 (S304) and displays a random number group (a set of two random numbers) in the received set of random number groups on the display part 502 (S305). An input numerical value (response value) which the user input in response to the random number group displayed on the display part 502 is received from the input part 503 (S306). It is checked whether all the random number groups received from the server apparatus 508 have been displayed on the display part 502 or not (S307). When there is a random number group not having been displayed yet, the processing from S305 is repeated. On the other hand, when all the random number groups have been displayed, input numerical values (response values) inputted by the user are transmitted to the server apparatus 508 through the communication part 507 (S308) and an authentication result is received through the communication part 507 (S309). Checking the received authentication result (S310), only when the authentication result indicates authentication success, a part of random number groups having been used for the authentication and the input numerical values corresponding to these random number groups are stored in the memory part 504 (S311). Then, the authentication result received from the server apparatus 508 is displayed on the display part 502 (S312) to finish the authentication processing.
On the other hand, when the received authentication request is to the terminal apparatus 501 at S302, it is checked whether the random number groups and input numerical values corresponding to them are stored in the memory part 504 or not (S313). When the random number groups and the input numerical values corresponding to them are not stored in the memory part 504, the authentication request including the user ID is transmitted to the server apparatus 508 through the communication part 507 (S303).
On the other hand, when the random number groups and the input numerical values corresponding to them are stored in the memory part 504, after converting these numerical values on the memory part 504 by the conversion part (random number change part) 505 (S314), one random number group (a set of two random numbers) in the set of the converted random number groups (random number groups whose random numbers have been changed) stored in the memory part 504 is displayed on the display part 502 (S315). Then, an input numerical value (response value) which the user input in response to the random number group displayed on the display part 502 is received through the input part 503 (S316). It is checked whether all the random number groups stored in the memory part 504 have been displayed on the display part 502 or not (S317). Then, when there is a random number group not having been displayed yet, the processing from S315 is repeated. On the other hand, when all the random number groups have been displayed, the judging part (terminal side authentication judging part) 506 checks whether or not all the input numerical values received through the input part 503 coincide with all the input numerical values (authentication values) stored in the memory parts 504 (S318). When all of them coincide, success of the authentication is displayed on the display part 502 (S319) to finish the authentication processing. On the other hand, when the input numerical values do not coincide, failure of the authentication is displayed on the display part 502 (S320) to finish the authentication processing.
First, an authentication request including a user ID is received from the terminal apparatus 501 (S401). Then, it is checked whether the user ID included in the received authentication request has been registered in the management part 509 or not (S402). When the user ID has been registered in the management part 509, a password stored to be corresponding to the user ID is extracted (S403). On the other hand, when the user ID has not been registered in the management part 509, failure of the authentication is stored in the judging part 512 (S404). Next, in the random number generating part 510, random number groups, the number of which is needed for authenticating the user, are generated (S405). According to server authentication of Embodiment 2, since the authentication is performed by using eight input numerical values, sixteen random numbers (eight random number groups) are generated for performing authentication once. A set of generated random number groups is transmitted to the terminal apparatus 501 through the communication part 513 (S406). Then, in response to them, input numerical values (response values) are received from the terminal apparatus 501 (S407), and it is checked whether failure of the authentication has been recorded in the judging part 512 or not (S408). When failure of the authentication has not been recorded in the judging part 512, authentication values to be used for the authentication are calculated by the calculation part 511 (S409). Then, the authentication value is compared with the received input numerical value, for each digit of the password, and both of them are checked whether they coincide or not (S410). At the check of S410, when the input numerical values received from the terminal apparatus 501 coincide with the authentication values calculated by the calculation part 511, success of the authentication is transmitted to the terminal apparatus 501 as a result of the authentication (S411). On the other hand, at the check of S410, when the input numerical values received from the terminal apparatus 501 do not coincide with the authentication values calculated by the calculation part 511, failure of the authentication is transmitted to the terminal apparatus 501 as a result of the authentication (S412). In addition, at the check of S408, when failure of authentication is stored in the judging part 510, the failure of authentication stored in the judging part 512 is cleared and failure of the authentication is transmitted to the terminal apparatus 501 as a result of the authentication (S412).
At the time of performing authentication from the user at the terminal apparatus 501, the user ID input screen 201 shown in
When starting authentication, a user inputs a user ID into the user ID input field 202 of the user ID input screen 201 displayed on the display part 502. In the case of performing an authentication request to the terminal apparatus 501, the authentication request including the user ID to the terminal apparatus 501 can be received at S301, by operating the log-in button 203. By operating the server log-in button 204, the authentication request including the user ID to the server apparatus 508 can be received at S301
In
According to Embodiment 2, a number queue of a eight-digit number is registered as a password for each user. In the server apparatus 508, the random number generating part 510 generates a random number group for each digit of the password, transmits the random number group generated for each digit to the terminal apparatus 501, and transmitted random number groups are displayed on the display part 502. The user inputs a calculation result obtained by using the random numbers displayed in 602, as an input numerical value, into the input field 603 through the input part 503, with respect to each of eight numbers composing the password from the most significant digit in order. In calculating input numerical values, the user uses two numbers in two digits of the password and two random numbers displayed in 602 so as to calculate one input numerical value. Concretely, a number in the numbers composing the challenge value 1, which is located at a digit-position indicated by the number in the password for which an input numerical value is being calculated, is added to a number in the numbers composing the challenge value 2, which is located at a digit-position indicated by the next number in the password to obtain a total numerical value. Then, only a numerical value in the ones place of the total is input into the input field 603. In addition, according to the present Embodiment, after inputting a numerical value concerning the first digit, the next random number group is displayed on the display part. The user repeats the input processing for each digit of the password until finishing inputting a calculation value concerning the last digit of the password. For the last digit of the password, the first digit of the password is used as a next digit number.
For example, in the case that the password is “20851212”, the displayed challenge value 1 is “3681350952”, and the displayed challenge value 2 is “2946312548”, because the 1st digit from the most significant digit in the password is “2” and the value at the next digit-position in the password is “0”, the value “6” which is at the 2nd digit from the most significant digit in the challenge value 1 is added to the value “8” which is at the 10th digit from the most significant digit in the challenge value 2, and the first input value becomes “4” which is a value in the ones place of the total “14”.
On the other hand, in the server apparatus 508 according to the Embodiment 2, at S409, the calculation part (authentication value calculation part) 511 calculates for each digit of the password an authentication value which is used for authentication, based on the input numerical value received from the terminal apparatus 501, by using the following formula:
Ans[i]=((Rand1[i]/10(10−Pass[i]))%10+(Rand2[i]/10(10−Pass[i+1]))%10)%10
In the case of calculating the first input value by applying the formula to the example of the above-stated random numbers, they become i=1, Rand[1].=3681350952, Rand2[1]=2946312548, Pass[1]=2, and Pass[2]=10.
Thus, Ans[1]=4. At S410, by comparing the authentication value Ans[i] used for authentication with the input numerical value (response value) from the terminal apparatus 501 with respect to each digit of the password, and by checking whether both of them coincide or not, it is judged if the authentication is to be permitted or not.
In
In Embodiment 2, when the authentication for the server is successful, each first five values in the eight challenge values 1, the eight challenge values 2 and the eight input numerical values used for the authentication are memorized in the memory part 504.
When authentication for the terminal is requested, the conversion part (random number change part) 505 executes conversion of the challenge value 1, the challenge value 2, and the input numerical value memorized in the memory part 504, at S314.
The first one set of challenge value 1, challenge value 2, and input numerical value which have not been converted is extracted from the memory part 504 (S501), and a matrix C of 10×10, whose element is Cij=(chg1i+chg2j)%10 which is a total of numbers of the challenge value 1 and the challenge value 2 at each digit, is generated (S502). i and j are integers from 1 to 10.
Next, by converting each element of matrix C to 1 when each element is equal to the input numerical value and by converting each element of matrix C to 0 when each element is not equal to the input numerical value, a matrix C′ of 10×10 is generated (S503).
In the integers from 0 to 9, an arbitrary numerical value is determined as a new input numerical value N (authentication value) and rewritten to the memory part 504 (S504).
Then, a new challenge value 1 is calculated based on the following matrix calculation formula (S505).
CH1′=C′×CH1+[N−1,N−1,N−1,N−1,N−1,N−1,N−1,N−1,N−1,N−1]
Next, a new challenge value 2 is calculated based on the following formula (S506).
CH2i=(11−CH1i)%10
After rewriting these new generated challenge values into the memory part 504, it is checked whether all the groups of the challenge value 1, the challenge value 2, and the input numerical value memorized in the memory part 504 have been converted or not (S508). When all the groups have been converted, it goes to end, and if there is a group which has not been converted yet, the processing from S501 will be repeated.
For example, in the case that the first two digits of a password are “20”, the challenge value 1 is “3681450972” and the challenge value 2 is “2946317508”, because the 1st digit from the most significant digit in the password is “2” and the value at the 2nd digit-position in the password is “0”, the value “6” which is at the 2nd digit from the most significant digit in the challenge value 1 is added to the value “8” which is at the 10th digit from the most significant digit in the challenge value 2, and the first input value becomes “4” which is a value in the ones place of the total “14”.
Thus, according to Embodiment 2, a numerical value to be input into the input part 503 of the terminal apparatus 501 is not the password itself but a value in the ones place of a total obtained by adding numbers in the displayed two random numbers, which are located at digit-positions indicated by each of two digits in the password. Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced. In addition, by using a ten-digit random number where no number is in duplicate, it becomes possible to repeatedly perform the authentication for the terminal apparatus 501 with displaying different random numbers and without connecting to the server apparatus 508, by using these converted numerical values based on two random numbers and input numerical values in response to the two random numbers memorized in the memory part 504 when the authentication for the server apparatus 508 was previously successful, at the time of the authentication for the terminal apparatus 501.
In Embodiment 2, sets of two random numbers and an input numerical value memorized in the memory part 504 when the authentication for the server apparatus 508 was successful, are a part of eight sets of two random numbers and an input numerical value used for the authentication for the server apparatus 508, like 5 sets. However, it is also acceptable to memorize all the values of the eight sets and use them at the next time of authentication for the terminal apparatus 501. In Embodiment 2, an eight-digit number is used as a password. However the password is not limited to the eight-digit number.
In addition, for the authentication at the terminal apparatus, it is also acceptable to use the random number and the input apparatus which were used for the authentication for the server, as described in Embodiment 1.
In Embodiment 2, the memory part 504 of the terminal apparatus 501 is provided in the IC card 514, and can be attached/detached to/from the terminal apparatus 501. It is also acceptable to divide the memory part 504 into two, to provide one in the IC card 514, to include the other one in the terminal apparatus 501, to memorize the input value at the last time of the authentication in the memory part in the IC card 514, to memorize the random number at the last time of the authentication in the memory apparatus included in the terminal apparatus 501, and therefore to separately store random numbers and input numerical values in response to them to be needed at the next time of the authentication for the terminal apparatus 501, in separate memory apparatuses. In this case, by separately possessing the terminal apparatus 501 and the IC card 514 at the time of not using them, it is possible to prevent the terminal apparatus 501 from being unjustly utilized.
In Embodiment 2, an eight-digit number is used as a password. However, it is possible to perform user authentication using a password of a sign queue of a plurality of digits including not only a number but also an alphabet and a special character, by adding not only the display of digit of a number but also the notation of an alphabet and a special character to the password input screen as shown in
In
In this case, in the calculation part 511 of the server apparatus 508, authentication can be performed by converting a password into a numerical value based on the conversion table shown in
In Embodiment 1, a four-digit number is used as a password. However, it is possible to perform user authentication using a password including not only a number but also an alphabet and a special character, by adding not only the display of digit of a number but also the notation of an alphabet and a special character to the password input screen as shown in
In
In this case, in the calculation part 109 of the server apparatus 106, authentication can be performed by converting a password into a numerical value based on the conversion table shown in
In this case, the random number generating part 108 generates random number of 26 digits. The following formula is used for calculating a value used for authentication in S209.
Ans[i]=((Rand[i]/10(26−Pass[i]))%10+Pass[Pass[i]%4])%10
where i is a number of an input value, Ans is an array of values used for authentication, Rand is an array of random numbers generated for authentication, Pass is an array of numbers in the password from the most significant digit, “/” denotes a calculation for obtaining a quotient of division, and “%” denotes a calculation for obtaining a remainder of division. When a number of the password is 0, 10 is applied to Pass[i].
In Embodiment 1 and Embodiment 2, the case that when a user inputs an input numerical value into the input field of the password input screen, * is displayed so that the inputted numerical value may not be understood by a third person has been described. However, in order to prevent the error of a numerical value input, the numerical value inputted itself can be displayed in the input field.
As mentioned above, a numerical value to be input into the input part of the terminal apparatus is not a password itself, and user authentication can be performed by using a value obtained based on the password and random numbers displayed in the terminal apparatus. Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced. For the user, it is possible to use a password having the same form as the conventional one, and to utilize an authentication system having higher security than the conventional authentication method, by only performing a simple calculation based on the password, in response to random numbers changing at every authentication, without needing a special authentication device.
In the above Embodiments, random numbers are displayed on the terminal apparatus at the time of accessing the server apparatus, and authentication is performed at the server apparatus based on input numerical values which a user input in response to the random numbers. Next, in a network system where service provider provides a service through a service provide apparatus being different from the authentication apparatus of the third person in which a user registration is done, an Embodiment applied to authentication at the time of a user accessing the service provide apparatus will be described.
According to the present Embodiment, the memory part 1104 is composed of an volatile memory included in the terminal apparatus 1101, and memorizes a private key of a user received from the authentication apparatus 1107. Concretely, according to the present invention, the authentication part 1105 is realized by programs. These programs are stored in a hard disk apparatus, a nonvolatile memory, a flexible disk, etc., and loaded onto the terminal apparatus 1101 from them to be executed on CPU. The key generating part 1108 generates a set of a private key and a public key.
According to the present Embodiment, the management part 1109 is composed of a hard disk apparatus, relates a user password, a public key generated in the key generating part 1108, and the validity term of the public key with a user ID, and memorizes them.
The random number generating part 1110 generates a ten-digit random number.
Concretely, according to the present Embodiment, the key generating part 1108, the random number generating part 1110, the calculation part 1111, and the judging part 1112 are realized by programs. These programs are stored in a hard disk apparatus, a nonvolatile memory, a flexible disk, etc., and loaded onto the authentication apparatus 1107 from them to be executed on CPU.
Concretely, according to the present Embodiment, the authentication part 1115 is realized by programs. These programs are stored in a hard disk apparatus, a nonvolatile memory, a flexible disk, etc., and loaded onto the service provide apparatus 1114 from them to be executed on CPU.
The communication part 1106 of the terminal apparatus 1101, the communication part 1113 of the authentication apparatus 1107 and the communication part 116 of the service provide apparatus are linked through a network, such as radio communication, cable communication, and the Internet.
Now, operations will be explained.
First, in the case of a user performing authentication for the service provide apparatus 1114 using the terminal apparatus 1101, when receiving information which specifies a user ID and the service provide apparatus 1114 from the input part 1103 at 1201, the terminal apparatus 1101 transmits an authentication request 1202 including a user ID to the authentication apparatus 1107. When receiving the authentication request 1202, if the user ID included in the authentication request 1202 has been registered in the management part 1109, the authentication apparatus 1107 generates random number sets 1204 at 1203, the number of which is required for authenticating the user, and transmits them to the terminal apparatus 1101. The terminal apparatus 1101 displays the received random number sets 1204 on the display part 1102, receives all input numerical values 1206 inputted in response to the displayed random numbers sets at 1205, and transmits them to the authentication apparatus 1107. Receiving all the input numerical values 1206 from the terminal apparatus 1101, the authentication apparatus 1107 calculates authentication values to be used for authentication, by the calculation part 1111 based on the user password on the management part 1109 at 1207, and performs authentication depending upon whether they coincide with all the input numerical values 1206 or not The above stated processing can also be performed by either method of the Embodiment 1 or Embodiment 2.
Then, when the authentication is successful since the authentication values coincide with the input numerical values, the key generating part 1108 generates a set of a private key 1209 and a public key 1212 at 1208, registers the public key 1212 with a validity term, relating to the user ID, in the management part 1109, and transmits the private key 1209 to the terminal apparatus 1101. In addition, in transmitting the private key 1209 from the authentication apparatus 1107 to the terminal apparatus 1101, an anonymous communication, such as SSL (Secure Sockets Layer) communication by the public key of the authentication apparatus is used. Receiving the private key 1209 from the terminal, the terminal apparatus 1101 transmits an authentication request 1210 including the user ID to the service provide apparatus 1114 which has been specified. Receiving the authentication request 1210, the service provide apparatus 1114 transmits a key demand 1211 including the user ID, which is acquired from the received authentication request 1210, to the authentication apparatus 1107.
The authentication apparatus 1107 acquires the user ID from the received key demand 1211, checks the validity term of the public key 1212 memorized to be relating with the user ID, in the management part 1109, and, if it is within the validity term, transmits the public key 1212 to the service provide apparatus 1114. Receiving the public key 1212 from the authentication apparatus 1107, the service provide apparatus 1114 generates arbitrary information by the authentication part 1115 as authentication information 1216 at 1213, encrypts it to be encryption information 1214 by using the received public key 1212, and transmits it to the terminal apparatus 1101. Receiving the encryption information 1214, the terminal apparatus 1101 decrypts the received encryption information 1214 at 1215 to be authentication information 1216, using the private key 1209, by the authentication part (decryption part) 1105, and transmits the authentication information 1216 to the service provide apparatus 1114. Receiving the authentication information 1216 from the terminal apparatus 1101, the service provide apparatus 1114 performs authentication depending upon whether the received authentication information 1216 coincides with the authentication information 1216 before the encryption using the public key 1212. Then, only when the authentication is successful because both of the information coincide, service is rendered to the terminal apparatus 1101.
According to the present Embodiment, when a plurality of service providers rendering service which a user wants to utilize exists on a network, it is possible for the user to execute user authentication and receive the service without user registration individually at the service provide apparatus of each service provider, and it is possible not to input the password itself at the time of the user authentication and to reduce the danger that the password is guessed and unjustly used for authentication even when the input at the time of authentication is looked by a third person.
As mentioned above, a numerical value to be input into the input part of the terminal apparatus is not a password itself, and user authentication can be performed by using a value obtained based on the password and random numbers displayed on the terminal apparatus. Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced. For the user, it is possible to use a password having the same form as the conventional one, and to utilize an authentication system having higher security than the conventional authentication method, only by performing a simple calculation based on the password, in response to random numbers changing at every authentication, without needing a special authentication device.
Moreover, the above-mentioned authentication system can be applied to the authentication at a plurality of service provide apparatuses rendering service to a user, and even when utilizing a plurality of services, the user can utilize the service without inputting the password itself into the terminal apparatus. Therefore, the danger of the service being unjustly utilized can be reduced.
In Embodiments 1 through 3, authentication for the terminal apparatus is performed by using random numbers transmitted from the authentication apparatus. In the present Embodiment, the case of the terminal apparatus independently performing user authentication will be explained.
The memory part 1304 memorizes a password of a user to whom authentication is performed by the terminal apparatus 1301 and a private key of the user which is paired with a public key of the user. The password of the user is a sign queue of a plurality of digits like Embodiments 1 through 3.
The random number generating part 1305 generates a ten-digit random number where no number at each digit is in duplicate.
Next, operations will be explained. Operations at the time of performing user authentication for the terminal apparatus 1301 will be described.
First, in the case of a user performing authentication using the terminal apparatus 1301, an authentication request is received from the input part 1302 (S1401). Next, the terminal apparatus 1301 generates random number groups, the number of which is required for authenticating the user, in the random number generating part 1305 (S1402). Then, random number groups (set of random numbers equal to or more than two) are displayed on the display part 1302 out of the generated random number groups (S1403). Input numerical values (response values) which the user input in response to the random number groups displayed on the display part 1302 are received from the input part 1303 (S1404), and it is checked whether all the random number groups generated by the random number generating part 1305 have been displayed on the display part 1302 or not (S1405). Then, when there is a random number group not having been displayed yet, the processing from S1403 is repeated. On the other hand, when all the random number groups have been displayed, the password memorized in the memory part 1304 is extracted (S1406), authentication values to be used for the authentication are calculated in the calculation part 1306 (S1407) and, the calculated authentication values are compared with the input numerical values received for each digit of the password, it is checked whether both of them coincide or not (S1408). At the check of S1408, when the input numerical values received from the input part 1303 coincide with the authentication values calculated by the calculation part 1305, access of the user to the terminal apparatus 1301 and the IC card 1308 is permitted (S1409), and success of the authentication is displayed on the display part 1302 (S1410). On the other hand, when the input numerical values do not coincide, failure of the authentication is displayed on the display part 1302 (S1411).
In the case of performing authentication from the a user at the terminal apparatus 1301, the response value input screen 801 of
In addition, in the terminal apparatus 1301 according to Embodiment 4, the calculation part 1306 calculates an authentication value for each digit of the password by using the following formula which is the same as the one used in Embodiment 2:
Ans[i]=((Rand1[i]/10(10−Pass[i]))%10+(Rand2[i]/10(10−Pass[i+1]))%10)%10
Furthermore, it is possible in the calculation part 1306 of the terminal apparatus 1301 to perform authentication by obtaining authentication values based on a password including not only a number but an alphabet and a special character by using the conversion table shown in
According to the present embodiment, a numerical value to be input into the input part of the terminal apparatus is not a password itself, and user authentication can be performed by using a value obtained based on the password and random number groups displayed in the terminal apparatus. Therefore, even when the input numerical value at the time of authentication is looked by a third person, the danger of unjustly using data in the terminal apparatus and in the IC card by guessing the password can be reduced. For the user, it is possible to use a password having the same form as the conventional one, and to utilize an authentication system having higher security than the conventional authentication system, by only performing a simple calculation based on the password, in response to random number groups changing at every authentication, without needing a special authentication device. Therefore, the authentication system of the present Embodiment can be used as the user authentication for an IC card in which a private key of a user being paired with a public key of the user is stored. Thus, in the authentication system using a public key, the authentication system of high security can be utilized.
In addition, in the above explanation, a random number group (set of random numbers equal to or more than two) is used. However, it is also acceptable to generate one random number for each digit of a password to be used for user authentication like the Embodiment 1. When using one random number for each digit of a password, the same structure as the one shown in
Ans[i]=((Rand[i]/10(10−Pass[i]))%10+Pass[i])%10
where i is a number of an input value, Ans is an array of values used for authentication, Rand is an array of random numbers generated for authentication, Pass is an array of numbers in the password from the most significant digit, “/” denotes a calculation for obtaining a quotient of division, and “%” denotes a calculation for obtaining a remainder of division. When a number of the password is 0, 10 is applied to Pass[i].
The present Embodiment will describe the case that a set of a random number for display and a random number for background (random number for additional element) is used for each digit of a password, the random number for display is displayed, as a challenge value, on a prescribed background pattern on the response value input screen, a background pattern of each password candidate is determined based on the random number for background, and the password candidate is displayed on each background pattern.
According to the present Embodiment, a queue of eight signs including numbers, alphabets, and special characters is used as a password, and eight input numerical values are input at the time of authentication for the server apparatus and authentication for the terminal. Moreover, the random number for background is supposed to be a random number array composed of five ten-digit random numbers.
A background pattern determination part 1515 determines a background pattern (additional element) of each password candidate (reference sign group) on the response value input screen by using a random number for background (random number for additional element). The background pattern determination part 1515 is corresponding to an example of an additional element determination part.
According to the present Embodiment, the memory part 1504, the conversion part 1505, and the judging part 1506 are concretely realized by programs, stored in a flash memory 1514 and loaded onto the terminal apparatus 1501 to be executed on CPU.
According to the present Embodiment, the management part 1509 is composed of a hard disk apparatus, relates a user password with a user ID, and memorizes them.
The random number generating part 1510 generates a set of a ten-digit random number where no number at each digit is in duplicate as a random number for display and an array of random number for background being composed of five ten-digit random numbers where no number at each digit is in duplicate as random numbers for background.
According to the present invention, the random number generating part 1510, the calculation part 1511, and the judging part 1512 are concretely realized by programs. These programs are stored in a hard disk apparatus, a nonvolatile memory, a flexible disk, etc., and loaded onto the server apparatus 1508 from them to be executed on CPU.
The communication part 1507 of the terminal apparatus 1501 and the communication part 513 of the server apparatus 1508 are linked through a network, such as radio communication, cable communication, and the Internet.
Now, operations will be explained. First, operations at the time of performing user authentication from the terminal apparatus 1501 to the server apparatus 1508 will be explained.
On the other hand, when the received authentication request is to the terminal apparatus 1501 at S1602, it is checked whether the random number sets and input numerical values in response to the random number sets are stored in the memory part 1504 or not (S1613). When the random number sets and the input numerical values in response to the random number sets are not stored in the memory part 1504, the authentication request including the user ID is transmitted to the server apparatus 1508 through the communication part 1507 (S1603).
On the other hand, when the random number sets and the input numerical values in response to the random number sets are stored in the memory part 1504, these values on the memory part 1504 are converted by the conversion part (random number change part) 1505. A new input numerical value (authentication value) is computed based on a random number for display after the random number change and a random number for background after the random number change. Then, the random numbers for display after the random number change, the random numbers for background after the random number change, and the new input numerical values are memorized in the memory part 1504 (S1614). In addition, the processing of S1614 is performed like the processing described in the Embodiment 2.
Next, the random number for display after the random number change is displayed on the display part 1502 using one random number set out of the random number sets after the conversion (random number set after the random number change) memorized in the memory part 1504, and a password candidate is displayed on the background pattern determined by the background pattern determination part 1515 based on the array of random numbers for background after the random number change (S1615).
Then, an input numerical value (response value) which the user input in response to the random number displayed on the display part 1502 using the random number set is received through the input part 1503 (S1616). It is checked whether the random numbers were displayed on the display part 1502 by using all the random number sets stored in the memory part 1504 or not (S1617). Then, when there is a random number set not having been displayed yet, the processing from S1615 is repeated. On the other hand, the random numbers have been displayed by using all the random number sets, the judging part (terminal side authentication judging part) 1506 checks whether or not all the input numerical values received through the input part 1503 coincide with all the input numerical values (authentication values) stored in the memory part 1504 (S1618). When all of them coincide, success of the authentication is displayed on the display part 1502 (S1619) to finish the authentication processing. On the other hand, when the input numerical values do not coincide, failure of the authentication is displayed on the display part 1502 (S1620) to finish the authentication processing.
In addition, in the present Embodiment, the random number sets and the numerical values are converted at S1614. However, it is also acceptable that the judging part 1506 performs user authentication for the terminal apparatus by using the random numbers for display, the arrays of random numbers for background, and the input numerical values stored in the memory part 1504 without converting, as described in Embodiment 1.
First, an authentication request including a user ID is received from the terminal apparatus 1501 (S1701). Then, it is checked whether the user ID included in the received authentication request has been registered in the management part 1509 or not (S1702). When the user ID has been registered in the management part 1509, the password stored to be corresponding to the user ID is extracted (S1703). On the other hand, when the user ID has not been registered in the management part 1509, failure of the authentication is stored in the judging part 1512. Next, in the random number generating part 1510, random number sets (set of random number for display and random number for background), the number of which is required for the user authentication, are generated (S1705). Since authentication is performed based on eight input values in the server authentication according to Embodiment 5, eight sets of a ten-digit random number, being as a random number for display, and a random number array, being as an array of random numbers for background, including five ten-digit random numbers, are generated for one authentication. That is, a set of a random number for display and an array of random numbers for background is generated for each digit of a password. The generated random number sets are transmitted to the terminal apparatus 1501 through the communication part 1513 (S1706).
Then, in response to it, an input numerical values (response value) are received from the terminal apparatus 1501 (S1707), and it is checked whether failure of the authentication has been recorded in the judging part 1512 or not (S1708). When failure of the authentication has not been recorded in the judging part 1512, an authentication values to be used for the authentication are calculated by the calculation part 1511 (S1709). Then, the authentication value is compared with the received input numerical value, for each digit of the password, and both of them are checked whether they coincide or not (S1710). At the check of S1710, when the input numerical values received from the terminal apparatus 501 coincides with the authentication values calculated by the calculation part 1511, success of the authentication is transmitted to the terminal apparatus 1501 as a result of the authentication (S1711). On the other hand, at the check of S1710, when the input numerical values received from the terminal apparatus 1501 do not coincide with the authentication values calculated by the calculation part 1511, failure of the authentication is transmitted to the terminal apparatus 1501 as a result of the authentication (S1712). In addition, at the check of S1708, when failure of authentication is stored in the judging part 1512, the failure of authentication stored in the judging part 1512 is cleared and failure of the authentication is transmitted to the terminal apparatus 1501 as a result of the authentication (S1712).
At the time of performing authentication from the user at the terminal apparatus 1501, the user ID input screen 201 shown in
When a user starts authentication, a user ID is input into the user ID input field 202 of the user ID input screen 201 displayed on the display part 1502. In the case of performing an authentication request to the terminal apparatus 1501, the authentication request including the user ID to the terminal apparatus 1501 can be received at S1601, by operating the log-in button 203. In addition, by operating the server log-in button 204, the authentication request including the user ID to the server apparatus 1508 can be received at S1601
In
In the response value input screen (
Moreover, in the response value input screen (
In the terminal apparatus 1501, the memory part 1504 memorizes a background pattern array Patern[10] whose elements are background pattern codes of ten types to display different background patterns, and the background pattern determination part 1515 converts the value of each digit of the array BGRand[i][5] of random numbers for background for the i-th password, into a pattern code for screen drawing, using the pattern array for background and by the formula below in S1605 and S1615, and displays it as a background located at the m-th line from the top and the n-th from the left of the password candidate display 1802 of the response screen input 1801.
BGPaternmn=Patern[(BGRand[i][m−1]/1010−n)%10]
where “/” denotes a calculation for obtaining a quotient of division, and “%” denotes a calculation for obtaining a remainder of division. This formula is repeated for all the digits of BGRand[i] (1≦m≦5, 1≦n≦10).
Moreover, Patern[n−1] is displayed as the n-th background from the left and as a fixed background pattern of the random number display 1803 of the response screen input 1801.
Then, on the background, letters of the password candidate and the random number of DispRand[i] which is the random number for display for the i-th password are displayed.
BGRand[1][5]=[5124397860, 2351869047, 4790617538, 9871543026, 6403972815],
DispRand[1]=2571034869
In order from the top character in the eight characters composing a password, the user specifies a random number of one-digit by using the password candidate display 1802 and the random number display 1803. Concretely, finding a one-digit random number in the random number display 1803 which has the same background pattern as the objective character of the password in the password candidate display 1802, the user inputs the numerical value having been found into the input field 1804. In addition, according to the present Embodiment, after finishing inputting a numerical value for the first character of the password, the response value input screen 1801 using the next random number set is displayed on the display part 1502. The user repeats the input processing for each character of the password until the input of the response value for the last digit of the password finishes.
For example, in the example of
When a response value is input through the input part 1503, the random number display 1803 and the password candidate display 1802 are updated using a random number set of the random number for display and the random number for background for the next character in the password.
On the other hand, in the server apparatus 1508 according to Embodiment 5, the calculation part (authentication value calculation part) 1511 calculates an authentication value to be used for authentication, for each character of the password at S1709, by using the following formula including conversion of the password character into a numerical value, using the conversion table shown in
Ans[i]=(DispRand[i]/109−((BGRand[i][Trans(Pass[i])/10]/10
where i is a number of an input value, Ans[i] is an array of values used for authentication, DispRand[i] is a ten-digit random number for display which is generated for authentication of the i-th password and BGRand[i][5] is an array of random numbers for background whose elements are five ten-digit random numbers for background which are generated for authentication of the i-th password. Pass[i] is an array of characters in the password, Trans(x) is a function relating to the character x, returning a numerical value obtained by using the conversion table shown in
In the example of the random number of
Thus, Ans[1]=6. At S1710, the authentication value Ans[i] to be used for authentication is compared with the input numerical value (response value) from the terminal apparatus 1501 with respect to each character of the password, and it is judged whether the authentication is to be permitted or not by checking if both of them coincide or not.
The above-stated contents of the calculation by the calculation part 1511 of the server apparatus 1508 corresponds to the processing performed by the user for the terminal apparatus 1501. That is, in the calculation part 1511, a calculation equivalent to such processing is done that with respect to each digit of password, a sign of password, a random number for display, and a random number for background respectively corresponding to a digit, are used to determine a background pattern (additional element) which is added to a sign corresponding to the sign of the password out of each sign (reference sign) in the password candidate display (reference sign group) displayed on the terminal apparatus, and that based on the determined background pattern (additional element) a value of a digit in the random number for display corresponding to the sign to which the determined background pattern is added is specified. An authentication value used for user authentication is computed for each digit of the password by this calculation.
According to Embodiment 5, when the authentication for the server is successful, the eight sets of the random number for display and the array of random numbers for background used for authentication are memorized in the memory part 1504 of the terminal apparatus 1501.
When authentication for the terminal is required, the conversion part (random number change part) 1505 converts the random number for display and the array of random numbers for background memorized in the memory part 1504 in S1614.
First, one set of a random number for display DispRand[i], an array of random numbers for background BGRand[i][10], and an input numerical value Ans[i] corresponding to them, which have not been converted yet, is extracted from the memory part 1504 (S1901), and m which satisfies the following formula is calculated, as a number m of the selected background pattern (S1902).
(DispRand[i]/109−m)%10=Ans[i]
Next, a ten-digit random number where no number at each digit is in duplicate is generated as a new random number for display DispRand′[i] (S1903).
Next, a one-digit random number is generated as an input numerical value Ans′[i] expected to be input at the next authentication time (S1904).
Next, m′ which satisfies the following formula is calculated as a number m′ of a background pattern expected to be selected at the next authentication time (S1905).
(DispRand′[i]/109−′)%10=Ans′[i]
Next, a ten-digit random number R′ where no number at each digit is in duplicate is generated as an element of an array BGRand′[i] of random numbers for background to be used at the next authentication time (S1906).
Next, regarding the element R′ of the newly generated array of random numbers for background, the numbers of the element R′ are shifted cyclically to the left and is updated until the digit-position of the number m′ in the element R′ becomes coincident with the digit-position of the number m in the element R of the memorized array BGRand[i] of random numbers for background.
(R%10)×109+R/10
In order to check whether the digit-position of the numerical value m′ in the element R′ coincides with the digit-position of the numerical value m in the element R, n which satisfies the following formula is calculated, regarding one element R of the memorized array BGRand[i] of random numbers for background.
(R/10n)%10=m
It is checked whether the following formula holds this n.
(R′/10n)%10=m′
When it does not hold, the numerical values of the element R′ are shifted to the left cyclically and is updated by the following calculation (S1907).
(R′%10)×109+R′/10
Next, it is checked whether all the elements of the array BGRand′[i] of random numbers for background to be used for the next authentication have been generated. When not all the elements have been generated yet, the processing from S1906 is repeated (S1908). When all the elements have been generated, a set of the random number for display DispRand′ [i], the array BGRand′[i] of random numbers for background which have been newly generated, and an input numerical value Ans′[i] expected to be in response to them is memorized in the memory part 1504 as converted data (S1909).
Next, it is checked whether the above-mentioned conversion was carried out for all the random number sets memorized at the last authentication time (S1910), if the conversion processing has been carried out for all the random number sets, it goes to end, and if there is a non-converted one, the processing from S1901 will be repeated.
In Embodiment 5, background pattern codes of ten types for displaying different background patterns of ten types for drawing background are used. When the display part 1502 of the terminal apparatus 1501 can react to color display, it is also acceptable to use color codes of ten types for displaying different colors of ten types for drawing of background. Moreover, a background pattern and a color can also be used simultaneously for a background. Furthermore, it is also acceptable to use ten colors as a display color of each sign of a password candidate.
Although the response value input screen 1801 is made of one screen in Embodiment 5, it is also acceptable to be made of two screens of a random number screen for displaying a password candidate and a random number for display and a background display screen for displaying a background by a random number for background. Then, it is possible to switch these two screens to display, at the time of pressing a prescribed key other than the number key of the input part 1503, or to switch from the random number display screen to the background display screen only while a prescribed key is being pressed. In this case, not only a drawing pattern and a color but also a sign, a pictorial symbol, etc. can be used for background.
In the present Embodiment, a password is a sign queue of eight-digit including numbers, alphabets and special characters. However, the length of the password is not limited to eight-digit, and either longer or shorter than the eight digits is also acceptable.
In the Embodiment 5, at the time of a user inputting an input numerical value into the input field at the password input screen, it is possible to perform user authentication by using a numerical value having the same additional element, such as a background pattern, a background color, or a pictorial symbol, as the password which the user memorizes, among the random numbers displayed on the terminal apparatus Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced. For the user, it is possible to use the same password as the conventional one, and to utilize an authentication system having higher security than the conventional authentication method, only by performing a simple comparison of a background pattern, a background color or a background sign based on a password, for a random number changing at every authentication, without needing a special authentication device
The present Embodiment will describe an example of the case that a terminal apparatus independently performs user authentication by using an authentication method where a set of a random number for display and a random number for background (random number for additional element) is used for each digit of a password, and where a random number for display is displayed, as a challenge value, on a prescribed background pattern in a response value input screen, by using a background pattern of each password candidate based on a random number for background, and the password candidate is displayed on its background pattern.
According to the present Embodiment, a queue of eight digits including numbers, alphabets, and special characters is used as a password, and eight input numerical values are input at the time of authentication for the terminal. Moreover, the random number for background is supposed to be a random number array composed of five ten-digit random numbers.
The memory part 2104 memorizes a password of a user who performs authentication through the terminal apparatus 2101.
A background pattern determination part 2109 determines a background pattern (additional element) of each password candidate (reference sign group) on the response value input screen by using a random number for background (random number for additional element). The background pattern determination part 2109 is corresponding to an example of an additional element determination part.
The random number generating part 2105 generates a set of a random number for display being a ten-digit random number where no number at each digit is in duplicate and a random number for background being an array of random numbers for background whose elements are five ten-digit random numbers where no number at each digit is in duplicate.
Next, operations will be explained. Operations at the time of performing user authentication for the terminal apparatus 2101 will be described.
First, at the time of a user performing authentication using the terminal apparatus 2101, an authentication request is received from the input part 2102 (S2001). Next, in the terminal apparatus 2101, the random number generating part 2105 generates random number sets (set of random number for display and random number for background), the number of which is required for the user authentication (S2002). Since authentication is performed based on eight input values according to Embodiment 6, eight sets of a random number for display being a ten-digit random number and an array of random numbers for background whose elements are five ten-digit random numbers generated for one authentication. That is, a set of a random number for display and an array of random numbers for background is generated for each digit of a password. Then, the random number for display in the generated random number sets is displayed on the display part 2102, and a password candidate is displayed on a background pattern determined by the background pattern determination part 2109 based on the array of random numbers for background (S2003). Input numerical values (response values) which the user input in response to the random number displayed on the display part 2102 by using the random number set are received from the input part 2103 (S2004), and it is checked whether all the random number sets generated by the random number generating part 2105 have been displayed on the display part 2102 or not (S2005). Then, when there is a random number set not having been displayed yet, the processing from S2003 is repeated. On the other hand, when all the random number sets have been displayed, the password memorized in the memory part 2104 is extracted (S2006), an authentication value to be used for the authentication is calculated in the calculation part 2106 (S2007) and, the judging part 2107 compares it with the input numerical value received for each digit of the password, and checks whether both of them coincide or not (S2008). At the check of S2008, when the input numerical value received from the input part 2103 coincides with the authentication value calculated by the calculation part 2005, access of the user to the terminal apparatus 2101 and the IC card 2108 is permitted (S2009), and success of the authentication is displayed on the display part 2102 (S2010). On the other hand, when the input numerical value does not coincide, failure of the authentication is displayed on the display part 2102 (S2011).
In the case of performing authentication from the a user at the terminal apparatus 2101, the response value input screen 1801 of
In the terminal apparatus 2101, the memory part 2104 memorizes a background pattern array Patern[10] whose elements are background pattern codes of ten types displayed by different background patterns, and the background pattern determination part 2109 converts the value of each digit of the array BGRand[i][5] of random numbers for background for the i-th password, into a pattern code for screen drawing, by using the pattern array for background and by the formula below in S2003, and displays it as a background of the one at the m-th line from the top and the n-th from the left of the password candidate display 1802 in the response screen input 1801.
BGPaternmn=Patern[(BGRand[i][m−1]/1010−n)%10]
where “/” denotes a calculation for obtaining a quotient of division, and “%” denotes a calculation for obtaining a remainder of division. This formula is repeated for all the digits of BGRand[i] (1≦m≦5, 1≦n≦10).
Moreover, Patern[n−1] is displayed as the n-th background from the left and as a fixed background pattern of the random number display 1803 of the response screen input 1801.
Then, on the background, a letter of the password candidate and the random number of DispRand[i] which is the random number for display for the i-th password are displayed.
When a response value is input through the input part 2103, the random number display 1803 and the password candidate display 1802 are updated by using a random number for display and a random number for background in the random number set for the next character in the password.
In the terminal apparatus 2101 according to Embodiment 6, the calculation part 2106 calculates an authentication value to be used for authentication, for each digit of the password, by using the following formula which is the same as the one used in Embodiment 5.
Ans[i]=(DispRand[i]/109−((BGRand[i][Trans(Pass[i])/10]/10
where i is a number of an input value, Ans[i] is an array of values used for authentication, DispRand[i] is a ten-digit random number for display which is generated for authentication of the i-th password and BGRand[i][5] is an array of random numbers for background whose elements are five ten-digit random numbers for background which are generated for authentication of the i-th password. Pass[i] is an array of characters in the password, Trans(x) is a function relating to the character x, returning a numerical value obtained by using the conversion table shown in
At S 2008, the authentication value Ans[i] to be used for authentication is compared with the input numerical value (response value) from the input part 2103 of the terminal apparatus 2101 with respect to each character of the password, and it is judged whether the authentication is to be permitted or not by checking if both of them coincide or not.
In the present Embodiment like the case of Embodiment 5, different colors of ten types can be used for drawing the background. A combination of a background pattern and a color can also be used. It is also acceptable to use a pictorial character as shown in
According to the present Embodiment as stated above, even when the terminal apparatus independently performs user authentication, at the time of a user inputting an input numerical value into the input field at the password input screen, it is possible to perform user authentication by using a numerical value having the same additional element, such as a background pattern, a background color, or a pictorial symbol, as the password which the user memorizes, among the random numbers displayed on the terminal apparatus.
Therefore, even when the input value at the time of authentication is looked by a third person, the danger that the password is guessed and unjustly used for authentication can be reduced. For the user, it is possible to use the same password as the conventional one, and to utilize an authentication system having higher security than the conventional authentication method, only by performing a simple comparison of a background pattern, a background color or a background sign based on a password, for a random number changing at every authentication, without needing a special authentication device.
Now, features of the authentication system etc. described in Embodiments from 1 to 6 will be stated again.
The authentication system according to Embodiments from 1 to 6 has the following features. The authentication system including a terminal apparatus which a user utilizes and an authentication apparatus which communicates with the terminal apparatus and performs user authentication to the user, comprises:
The authentication system according to Embodiments from 1 to 6 has the following features: The terminal apparatus further includes:
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The authentication system according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The authentication system according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The authentication system according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus and the authentication apparatus can communicate with a service provide apparatus which provides service to the terminal apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. The authentication system includes a terminal apparatus which a user utilizes, an authentication apparatus which communicates with the terminal apparatus and performs user authentication to the user, and a service provide apparatus which can communicate with the terminal apparatus and the authentication apparatus and provides service to the terminal apparatus, wherein
The authentication apparatus according to Embodiments from 1 to 6 has the following features. The authentication apparatus for communicating with a terminal apparatus which a user utilizes and performing user authentication to the user, includes:
The authentication apparatus according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The authentication apparatus according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus which can communicate with an authentication apparatus for performing user authentication includes:
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus can communicate with the authentication apparatus which memorizes a sign queue of a plurality of digits as a password and generates a random number for each digit of the password,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus can communicate with the authentication apparatus which memorizes a sign queue of a plurality of digits as a password and generates a random number group composed of random numbers equal to or more than two, for each digit of the password,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes:
The authentication method according to Embodiments from 1 to 6 has the following features. The authentication method using a terminal apparatus which a user utilizes and an authentication apparatus which communicates with the terminal apparatus and performs user authentication to the user, comprises steps of:
The authentication method according to Embodiments from 1 to 6 has the following features. The authentication method uses a terminal apparatus which a user utilizes, an authentication apparatus which communicates with the terminal apparatus and performs user authentication to the user, and a service provide apparatus which can communicate with the terminal apparatus and the authentication apparatus and provides service to the terminal apparatus. The authentication apparatus performs,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus which performs user authentication to a user includes:
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The authentication method according to Embodiments from 1 to 6 has the following features. The authentication method of performing user authentication to a user includes steps of:
The authentication system according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
In the authentication apparatus,
In the terminal apparatus,
In the authentication apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes
The authentication system according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The authentication apparatus according to Embodiments from 1 to 6 has the following features. In the authentication apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. The terminal apparatus further includes,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The terminal apparatus according to Embodiments from 1 to 6 has the following features. In the terminal apparatus,
The authentication system according to Embodiments from 1 to 6 has the following features. The authentication system which is used for user authentication includes:
The authentication system according to Embodiments from 1 to 6 has a feature that the memory means, the calculation means, and the judging means are included in an IC card.
The authentication system according to Embodiments from 1 to 6 has a feature that the memory means is composed of an independent memory apparatus which can be attached/detached to/from the terminal apparatus.
The authentication system according to Embodiments from 1 to 6 has the following features that the authentication system includes:
The authentication system according to Embodiments from 1 to 6 has a feature that the management means, the calculation means, and the judging means are included in an IC card.
The authentication system including a terminal apparatus and a server apparatus which can communicate through a network, according to Embodiments from 1 to 6 has the following features. The terminal apparatus includes
The server apparatus includes
The authentication system including a terminal apparatus and a server apparatus which can communicate through a network, according to Embodiments from 1 to 6 has the following features. The terminal apparatus includes
The server apparatus includes
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus includes,
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus includes,
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus includes,
The authentication system according to Embodiments from 1 to 6 has a feature that the memory means and the judging means are included in an IC card.
The authentication system according to Embodiments from 1 to 6 has the following features. The terminal apparatus includes,
The authentication system according to Embodiments from 1 to 6 has a feature that the terminal apparatus includes the memory means, the conversion means and the judging means in an IC card.
The authentication system according to Embodiments from 1 to 6 has a feature that the terminal apparatus and the memory apparatus can communicate through a network.
The authentication system according to Embodiments from 1 to 6 has the following features. The authentication system includes a user authentication apparatus used for user authentication and a service provide apparatus which provides service to the user. The user authentication apparatus includes a terminal apparatus and a server apparatus which can communicate through a network. The terminal apparatus includes
The server apparatus includes
The service provide apparatus includes an authentication means for requesting the public key of the user from the server apparatus for the authentication request received from the terminal apparatus, and performing authentication for the terminal apparatus with using the public key of the user received from the server apparatus.
As mentioned above, according to Embodiments from 1 to 6, it is possible to realize user authentication of high security with having little load for the user, because the user authentication is performed by using a plurality of random numbers.
According to Embodiments from 1 to 6, it is possible to realize user authentication of high security even at a terminal apparatus of a simple equipment structure, because a plurality of random numbers transmitted from the authentication apparatus and a response value for a plurality of random numbers are utilized for the user authentication at the terminal apparatus.
According to Embodiments from 1 to 6, it is possible to perform user authentication in the terminal apparatus independently of user authentication in the authentication apparatus, since the user authentication in the terminal apparatus is performed by generating new random numbers by changing the contents of a plurality of random numbers transmitted from the authentication apparatus. Therefore, user authentication of higher security can be realized in the terminal apparatus.
Moreover, according to Embodiments from 1 to 6, it is impossible for the third person to guess the password because user authentication is performed by generating a random number for each digit of the password and using a different random number for each digit of the password. Therefore, user authentication of high security can be realized.
Moreover, according to Embodiments from 1 to 6, it is impossible for the third person to guess the password because a random number group composed of random numbers of equal to or more than two is generated for each digit of the password and user authentication is performed with using a different random number group for each digit of the password. Therefore, user authentication of high security can be realized.
Moreover, according to Embodiments from 1 to 6, it can be applied to the user authentication in the service provide apparatus to together use a private key and a public key. Therefore, the danger that service of the service provide apparatus is unjustly used can be avoided.
Moreover, according to Embodiments from 1 to 6, since user authentication in the terminal apparatus is also performed using a plurality of random numbers, user authentication of high security can be realized in the terminal apparatus, without giving a load to the user.
Moreover, according to Embodiments from 1 to 6, since user authentication is also performed in the terminal apparatus by generating a random number for each digit of a password and using a different random number for each digit of the password, it is impossible for the third person to guess the password. Therefore, user authentication of high security can also be performed in the terminal apparatus.
Moreover, according to Embodiments from 1 to 6, also with respect to user authentication in the terminal apparatus, user authentication is performed by generating a random number group composed of random numbers of equal to or more than two for each digit of the password and using a different random number group for each digit of the password. Therefore, it is impossible for the third person to guess the password, which realizes user authentication of high security in the terminal apparatus.
Moreover, according to Embodiments from 1 to 6, user authentication is performed by judging an additional element of a reference sign corresponding to a sign of password, based on an additional element for each reference sign determined by random numbers for additional element, and by specifying a value of a digit in the random number for display corresponding to the reference sign, based on the additional element. Therefore, it is impossible for the third person to guess the password, which realizes user authentication of high security in the terminal apparatus.
As mentioned above, since user authentication is performed using a plurality of random numbers according to the present invention, user authentication of high security can be realized, without giving a load to a user.
Number | Date | Country | Kind |
---|---|---|---|
2002-266521 | Sep 2002 | JP | national |
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/JP03/11547 | 9/10/2003 | WO | 8/4/2004 |