This application claims priority to Japanese Patent Application No. 2020-016618 filed on Feb. 3, 2020, incorporated herein by reference in its entirety.
The present disclosure relates to the authentication technique.
A car navigation device has the function to prevent theft. For example, when the device is removed by a procedure other than the proper procedure specified by the manufacturer, some commercially available products restrict the use of the device (anti-theft lock) to prevent the device from being started on the assumption that the device has been stolen.
When the anti-theft lock is enabled, some products can be unlocked by performing predetermined authentication. For example, the car navigation device displays a character string to be used as a challenge, and the authenticated server issues a response corresponding to the character string. This challenge-response authentication allows only a legitimate product, which is not stolen product, to be unlocked.
However, when an unlimited number of challenges can be issued on the product to be unlocked, there is a risk that the hash function for generating a response can be estimated by a brute force attack.
The present disclosure provides a technique for improving the security of an authentication system.
A first aspect of the present disclosure relates to an authentication system including a first information processing device and a second information processing device for requesting an authentication device to perform first authentication based on a challenge-response method. More specifically, the first information processing device is configured to perform second authentication with the second information processing device and is configured to request the authentication device to issue a challenge on condition that the second authentication is established. The second information processing device is configured to generate a response corresponding to the challenge issued by the authentication device.
A second aspect of the present disclosure relates to an authentication system including an authentication device, a first information processing device, and a second information processing device. More specifically, the authentication device is configured to issue a challenge, to acquire a response corresponding to the challenge, and to perform first authentication based on the issued challenge and the acquired response.
The first information processing device is configured to perform second authentication with the second information processing device and is configured to request the authentication device to issue a challenge on condition that the second authentication is established. The second information processing device is configured to generate a response corresponding to the challenge issued by the authentication device.
Other aspects include an authentication method performed by the authentication system described above, a program that causes a computer to perform the authentication method, or a non-transitory, computer-readable storage medium that stores therein the program permanently.
According to the present disclosure, security can be improved in the authentication system.
Features, advantages, and technical and industrial significance of exemplary embodiments of the disclosure will be described below with reference to the accompanying drawings, in which like signs denote like elements, and wherein:
An authentication system described in an embodiment is a system for unlocking an in-vehicle terminal that is security locked (usage restriction). The in-vehicle terminal is, for example, a car navigation device, but is not limited to thereto.
Some car navigation devices have the security function to prevent theft. For example, when power is not received from the vehicle on such a car navigation device, a security lock (usage restriction) is locked to prevent the car navigation device from being started on the assumption that the device has been stolen. The security lock can be unlocked by entering a password that has been set by the vehicle owner. On the other hand, when the password is unknown, it is necessary to forcibly unlock the security lock. In such a case, the user brings the navigation device to the manufacture to request the unlocking of the security lock.
A security lock can be forcibly unlocked mainly by challenge-response authentication.
A problem with this system is that the system is subject to a brute force attack. For example, as shown in
The present disclosure provides an authentication system for preventing this problem. The authentication system according to the present disclosure is an authentication system including a first information processing device and a second information processing device for requesting an authentication device to perform first authentication based on a challenge-response method. The authentication device is a device that performs predetermined processing based on whether or not the authentication is successful, but is not a device that is specialized for authentication. As described above, the authentication device may be a device that unlocks the predetermined security lock when the authentication is successful. The authentication device is typically an in-vehicle device such as a car navigation device, but is not limited thereto. The authentication system uses a combination of the first information processing device and the second information processing device to allow the authentication device to perform authentication.
More specifically, the first information processing device is configured to perform second authentication with the second information processing device and is configured to request the authentication device to issue a challenge on condition that the second authentication is established, and the second information processing device is configured to generate a response corresponding to the challenge issued by the authentication device.
The first information processing device may be, for example, a device (user terminal) that performs data processing near the authentication device. The second information processing device may be, for example, a secure device (center server) that manages a plurality of first information processing devices.
The first information processing device requests the authentication device to issue a challenge on condition that authentication has been established with the second information processing device. In response to this challenge, the second information processing device generates a response corresponding to the challenge. In other words, unless the second information processing device recognizes the first information processing device as a legitimate device, neither the authentication device issues a challenge nor does the second information processing device issue a response to the challenge. This configuration makes it is possible to solve the problem that an unlimited number of requests can be issued to the authentication device.
In addition, the second information processing device may be configured to generate the response on condition that the second authentication is established. Since the second authentication is required both for issuing the challenge and for generating the response, the security can be improved.
In addition, the first information processing device may be configured to transfer a response to the authentication device. The response is a response generated by the second information processing device. In addition, the first information processing device may be configured to transfer the challenge to the second information processing device to request the second information processing device to issue a response. The challenge is a challenge issued by the authentication device. The challenge and the response, though may be sent and received directly between the second information processing device and the authentication device, may be sent via the first information processing device.
In addition, the authentication system may include a plurality of the first information processing devices and the second information processing device may be configured to store a history of response request reception for each of the plurality of the first information processing devices. For example, there may be a plurality of first information processing devices, for example, one for each user and one for each service providing base. In this case, the second information processing device can count the number of times a response is requested. By doing so, a first information processing device that is performing an illegal operation can be detected.
In addition, the second information processing device may be configured to stop issuing a response for the first information processing device that has requested a response more than a predetermined number of times within a predetermined time. When a response is requested more than the predetermined number of times within the predetermined time, further requests may be rejected as an illegal operation.
In addition, the second information processing device may be a center server that manages the plurality of the first information processing devices. Performing the second authentication by the single center server can eliminate a connection by an unauthorized device.
In addition, the first information processing device may be configured not to present the challenge to an operator. The challenge is the challenge issued by the authentication device. Transferring the issued challenge to the center server without providing it to the operator reduces the risk that the challenge is used for an attack.
The authentication system according to the present disclosure may include an authentication device. In this case, the authentication device may be configured not to issue the challenge in response to a request from a device other than the first information processing device that has received the second authentication. The authentication device can improve security by not accepting a challenge issuance request from other means.
In addition, when the authentication device is removed from a vehicle, the authentication device may be configured to stop a predetermined function thereof until the first authentication succeeds. Stopping other functions (for example, navigation function) until the first authentication is performed makes it possible to provide an effective antitheft measure.
Embodiments of the present disclosure will be described below with reference to the drawings. Note that the following configuration of the embodiments is an example and that the present disclosure is not limited to the configuration of the embodiments.
The outline of an authentication system according to a first embodiment will be described below with reference to
The user terminal 200 is a computer for accessing the in-vehicle device 100. The user terminal 200 may be a terminal of an end user or may be a terminal managed by a car dealer or a device manufacturer. The user terminal 200 need not necessarily be under the control of the end user. In this system, there may be a plurality of the user terminals 200. The plurality of user terminals 200 are managed by the center server 300 that will be described later. In the description below, a user terminal that is not managed by the center server 300 is called an unauthorized terminal.
The center server 300 is a server device that manages a plurality of the user terminals 200. In this embodiment, the user terminal 200 functions as an interaction interface between the center server 300 and the in-vehicle device 100, and the center server 300 generates a response. More specifically, the user terminal 200 first sends an authentication request to the center server 300. When the authentication request is received, the center server 300 authenticates the user terminal 200. The authentication method is not limited to a particular method. In this way, the center server 300 confirms that the user terminal 200 is not an unauthorized terminal.
When the authentication is completed, the user terminal 200 sends a challenge issuance request data (challenge request) to the in-vehicle device 100. When the challenge request is received, the in-vehicle device 100 generates a challenge and sends the generated challenge to the user terminal 200. Then, the user terminal 200 relays the received challenge to the center server 300. When the challenge is received, the center server 300 generates a response corresponding to the challenge and sends the generated response to the user terminal 200. Then, the user terminal 200 relays the received response to the in-vehicle device 100.
In the description below, the authentication processing performed by the in-vehicle device 100 (by challenge response) is referred to as first authentication, and the authentication processing performed by the center server 300 for authenticating the user terminal 200 is referred to as second authentication. In the description below, it is assumed that the in-vehicle device 100 is a car navigation device sold as an option by an automobile manufacturer and that the user terminal 200 is a terminal owned by a car dealer. It is also assumed that the center server 300 is a server device managed by an automobile manufacturer for managing a plurality of the user terminals 200.
The in-vehicle device 100 is a car navigation device as described above. The in-vehicle device 100 includes a control unit 101, a storage unit 102, a communication unit 103, and an input/output unit 104.
The control unit 101 is an arithmetic unit responsible for the control processing performed by the in-vehicle device 100. The control unit 101 can be implemented by an arithmetic processing unit such as a CPU. The control unit 101 is configured to include two functional modules, a function unit 1011 and a security unit 1012. Each functional module may be implemented by executing the corresponding program, stored in the storage unit 102, by the CPU.
The function unit 1011 provides the main functions of the car navigation device. For example, the function unit 1011 provides the navigation function, audio/visual function, and the like. The security unit 1012 performs the security function. More specifically, when the power supplied from the vehicle to the in-vehicle device 100 is not received, the security unit 1012 enables the security lock. When the security lock is enabled, the function unit 1011 stops its operation. The security unit 1012 is configured to be capable of executing challenge-response authentication (first authentication) when the security lock is enabled. When the challenge-response authentication is successful, the security unit 1012 unlocks the security lock and causes the function unit 1011 to restart its operation.
The storage unit 102 includes a main storage device and an auxiliary storage device. The main storage device is a memory in which a program executed by the control unit 101 and data used by the control program are loaded. The auxiliary storage device is a device in which a program executed in the control unit 101 and data used by the program are stored. A hash function used in challenge-response authentication is stored in the storage unit 102.
The communication unit 103 is a communication interface for communicating with the user terminal 200. The communication standard used by the communication unit 103 may be Wi-Fi (registered trademark) or Bluetooth (registered trademark), or may be a standard based on short-range wireless communication. The in-vehicle device 100 and the user terminal 200 communicate with each other within the line-of-sight distance.
The input/output unit 104 is an interface for inputting/outputting information. The input/output unit 104 includes, for example, a display device and a touch panel. The input/output unit 104 may include a keyboard, a pointing device, a microphone, and the like.
The user terminal 200 includes a control unit 201, a storage unit 202, a communication unit 203, and an input/output unit 204.
The control unit 201 is an arithmetic unit responsible for the control processing performed by the user terminal 200. The control unit 201 can be implemented by an arithmetic processing unit such as a CPU. The control unit 201 is configured to include two functional modules, a first authentication unit 2011 and a request unit 2012. Each functional module may be implemented by executing the corresponding program, stored in the storage unit 202, by the CPU.
The first authentication unit 2011 establishes second authentication with the center server 300. More specifically, the first authentication unit 2011 sends data for receiving authentication (first authentication data) to the center server 300, and receives data indicating that authentication has been established (second authentication data) from the center server 300. The received data is sent to the request unit 2012. The request unit 2012 performs the following three types of processing: processing for sending challenge requesting data (challenge request) to the in-vehicle device 100, processing for relaying a challenge, sent from the in-vehicle device 100, to the center server 300, and processing for relaying a response, sent from the center server 300, to the in-vehicle device 100. A challenge request is generated only when second authentication data is received from the center server 300.
The storage unit 202 includes a main storage device and an auxiliary storage device. The main storage device is a memory in which a program executed by the control unit 201 and data used by the control program are loaded. The auxiliary storage device is a device in which a program executed in the control unit 201 and data used by the program are stored.
The communication unit 203 is a communication interface for communicating with the in-vehicle device 100. The communication unit 203 can communicate with the in-vehicle device 100 using the same communication standard that the communication unit 103 uses. The communication unit 203 is also a communication interface for communicating with the center server 300. The communication unit 203 can communicate with the center server 300 via a wide area network such as the Internet. The communication unit 203 may have interface means (communication module or communication interface) for communicating with the center server 300 via a wide area network.
The input/output unit 204 is an interface for inputting/outputting information. The input/output unit 204 includes, for example, a display device and a touch panel. The input/output unit 204 can input/output information (identifier, password, etc. of the user terminal 200) for performing the second authentication. However, for security reason, the input/output unit 204 preferably should not output the information related to the first authentication. Concealing a challenge generated by the in-vehicle device 100 reduces an attack risk.
The center server 300 includes a control unit 301, a storage unit 302, and a communication unit 303.
The control unit 301 is an arithmetic unit responsible for the control processing performed by the center server 300. The control unit 301 can be implemented by an arithmetic processing unit such as a CPU. The control unit 301 is configured to have two functional modules, a second authentication unit 3011 and a calculation unit 3012. Each functional module may be implemented by executing the corresponding program, stored in the storage unit 302, by the CPU.
The second authentication unit 3011 authenticates the user terminal 200 based on a request from the user terminal 200. More specifically, the second authentication unit 3011 receives first authentication data from the user terminal 200 and performs the second authentication based on the received first authentication data. The authentication may be a method using a common key or a method using a public key. The authentication method is not limited to a particular one. When the second authentication is established, the second authentication unit 3011 sends the second authentication data to the user terminal 200.
The calculation unit 3012 generates a response corresponding to the challenge generated by the in-vehicle device 100. The calculation unit 3012 uses the hash function stored in the storage unit 302, which will be described later, to generate a response corresponding to the challenge generated by the in-vehicle device 100 and sends the generated response to the user terminal 200.
The storage unit 302 includes a main storage device and an auxiliary storage device. The main storage device is a memory in which a program executed by the control unit 301 and data used by the control program are loaded. The auxiliary storage device is a device in which a program executed in the control unit 301 and data used by the program are stored. In addition, the storage unit 302 stores data for authenticating the user terminal 200 (data to be compared with the first authentication data) and the same hash function that is stored in the in-vehicle device 100.
The communication unit 303 is a communication interface for communicating with the user terminal 200. The communication unit 303 can communicate with the user terminal 200 using the same communication standard that the communication unit 203 uses.
Next, a flow for unlocking a security lock on the in-vehicle device 100 will be described. When the user brings a locked in-vehicle device 100 to a car dealer, the car dealer first confirms that the in-vehicle device is not a stolen device and, then, starts the procedure for unlocking the in-vehicle device.
First, in step S11, the user terminal 200 (first authentication unit 2011) generates the first authentication data. The first authentication data may be a password or a digital certificate. When the first authentication data is a password, the user terminal 200 may acquire the character string via the input/output unit 204. The generated first authentication data is sent to the center server 300 (second authentication unit 3011).
In step S12, the center server 300 (the second authentication unit 3011) authenticates the user terminal 200 based on the received first authentication data. When the first authentication data is a password, the hashed password may be used for comparison. When the first authentication data is a digital certificate, digital certificate identity may be verified.
When the user terminal 200 is successfully authenticated, the second authentication unit 3011 generates second authentication data. The second authentication data may be any data that allows the user terminal 200 to recognize that the authentication has succeeded. The second authentication data is sent to the user terminal 200 (the request unit 2012).
In step S13, the request unit 2012 that has received the second authentication data generates a challenge request. The challenge request may be fixed data or may be data that varies according to a session/terminal as long as the in-vehicle device 100 can verify its validity.
In addition, the challenge request may be the second authentication data itself. That is, the challenge request may be data generated only when authentication is established between the user terminal 200 and the center server 300. The challenge request may also be data encoded with the private key of the center server 300. In this case, the in-vehicle device 100 can decode the challenge request using the public key of the center server 300 to confirm that the challenge request has been generated by the center server 300.
In step S14, the in-vehicle device 100 (the security unit 1012) generates a challenge based on the received challenge request. The challenge may be a random character string with a predetermined number of digits. The generated challenge is sent to the center server 300 via the user terminal 200. When there is a plurality of types of in-vehicle devices 100 each of which uses a different hash function, the in-vehicle device 100 may send, together with the challenge, the information identifying the hash function to be used.
In step S21, the center server 300 (the calculation unit 3012) generates a response corresponding to the received challenge. The calculation unit 3012 uses the hash function, stored in the storage unit 302, to generate a response corresponding to the received challenge, and sends the generated response to the in-vehicle device 100 via the user terminal 200. When there is a plurality of hash functions used in the system, the center server 300 may identify the hash function to be used based on the data sent from the in-vehicle device 100.
In step S22, the in-vehicle device 100 (the security unit 1012) verifies the received response and determines whether to unlock the security lock. More specifically, the in-vehicle device 100 compares the result, generated by encoding the challenge, which was generated by itself, using the hash function stored in the storage unit 102, and the received response. If they match, the security lock is unlocked.
As described above, in the authentication system according to the first embodiment, the user terminal 200 performs authentication with the center server 300 and, only when the authentication is successful, issues a challenge request to the in-vehicle device 100. This configuration makes it possible to prevent an unauthorized terminal (a terminal that has not been authenticated by the center server 300) from issuing a challenge request, preventing an attack that estimates the hash function.
In the first embodiment, the center server 300 issues a response on condition that the center server 300 has successfully authenticated the user terminal 200. In the first embodiment, there is no limit on the number of times is a response is issued. On the other hand, in the second embodiment, there is a limit on the number of times a response is issued for each of the user terminals 200.
In the second embodiment, the center server 300 stores, for each of the user terminals 200, the number of times a request is received from that user terminals 200. More specifically, the center server 300 stores a table (history table), such as the one shown in
In the second embodiment, when a request is received from the user terminal 200, the calculation unit 3012 refers to the history table and, when an abnormal activity is detected, stops generating a response. For example, when the user terminal 200 that sends an authentication request has already received authentication (step S12 in
Modification
The above embodiment is merely an example, and the present disclosure may be modified as necessary for implementation without departing from the spirit of the present disclosure. For example, the processing and means described in the present disclosure can be freely combined for implementation as long as there is no technical contradiction.
Although the in-vehicle device 100 generates a challenge in response to a challenge request in this embodiment, the in-vehicle device 100 may verify the validity of the terminal that has sent the challenge request considering a case in which the challenge request is illegally copied. In other words, if the terminal that has sent a challenge request is not the user terminal 200 that has completed authentication with the center server 300, the in-vehicle device 100 may not need to respond to the challenge request.
Furthermore, the processing described as being performed by one device may be divided among two or more devices. Conversely, the processing described as being performed by different devices may be performed by one device. In a computer system, it is possible to flexibly change the hardware configuration (server configuration) to implement each function.
The present disclosure can also be implemented by supplying a computer with a computer program that implements the functions described in the above embodiment and by causing one or more processors of the computer to read and execute the program. Such a computer program may be provided to the computer by a non-transitory computer-readable storage medium that can be connected to the system bus of the computer or may be provided to the computer via a network. The non-transitory computer-readable storage medium includes, for example, any type of disk, such as a magnetic disk (floppy (registered trademark) disk, hard disk drive (HDD), etc.) and an optical disc (CD-ROM, DVD disc, Blu-ray disc, etc.), and any type of medium suitable for storing electronic instructions such as a read only memory (ROM), a random access memory (RAM), an EPROM, an EEPROM, a magnetic card, a flash memory, and an optical card.
Number | Date | Country | Kind |
---|---|---|---|
2020-016618 | Feb 2020 | JP | national |