公开(公告)号：US08132234B2

公开(公告)日：2012-03-06

申请号：US11902129

申请日：2007-09-19

申请人： Taketsugu Yao

发明人： Taketsugu Yao

IPC分类号： G06F7/04

CPC分类号： H04L63/1433 ,  H04L63/123 ,  H04L63/1441 ,  H04L2463/143 ,  H04W12/10 ,  H04W12/12 ,  H04W84/18

摘要： There is provided an unauthorized terminal inferring device (100) device that is connected to a plurality of communications terminal devices (IDi) by a multi-hop network. The device (100) includes a communications terminal information control portion (120) that controls identification information and key information for the communications terminal devices (IDi), a transmission portion (160) that transmits challenge information to the devices (IDi), a receiving portion (170) that receives from the devices (IDi) response information that corresponds to the challenge information, a response information verification portion (130) that verifies whether or not an authenticator that is contained in the response information is correct, and an unauthorized terminal device inferring processing portion (140) that, in a case where the verification result indicates that the response information is not legitimate, requests that each of the devices (IDi) retransmit received and generated information, then infers which communications terminal device performed the unauthorized behavior.

摘要翻译： 提供了通过多跳网络连接到多个通信终端设备（IDi）的未经授权的终端推断设备（100）设备。 设备（100）包括控制通信终端设备（IDi）的识别信息和密钥信息的通信终端信息控制部分（120），向设备（IDi）发送质询信息的传输部分（160），接收 从所述设备（IDi）接收与所述挑战信息相对应的响应信息的部分（170），验证所述响应信息中包含的认证符是否正确的响应信息验证部分（130） 设备推断处理部分（140），其中在验证结果指示所述响应信息不合法的情况下，请求重新接收每个设备（IDi）并生成信息，然后推断哪个通信终端设备执行未经授权的行为 。

公开(公告)号：US20100228981A1

公开(公告)日：2010-09-09

申请号：US12591474

申请日：2009-11-20

申请人： Taketsugu Yao

发明人： Taketsugu Yao

IPC分类号： H04L9/32

CPC分类号： H04L9/0838 ,  H04L9/3242 ,  H04L63/062 ,  H04L63/08 ,  H04L2209/80

摘要： A communication method in which an operation, such as authentication, required when a new communication terminal participates in a mesh network is carried out in a more efficient manner. A second communication terminal that has already established an adjacent communication link with at least two first communication terminals, out of a plurality of communication terminals, distributes an adjacent terminal list including terminal identifiers of the first communication terminals along with a temporal key generated by the second communication terminal. One of the first communication terminals that received the adjacent terminal list and the temporal key distributes adjacent registration information, which is generated using a second temporal key. The other one of the first communication terminals that received both the adjacent terminal list and the adjacent registration information determines whether the terminal identifier of one of the first communication terminals is included in the adjacent terminal list, and whether the first temporal key distributed along with the adjacent terminal list matches with the second temporal key used for generating the adjacent registration information. If both determination results are affirmative, one of the first communication terminals is authenticated.

摘要翻译： 以更有效的方式执行在新的通信终端参与网状网络时所需的诸如认证的操作的通信方法。 已经与多个通信终端中的至少两个第一通信终端建立了相邻通信链路的第二通信终端分配包括第一通信终端的终端标识符的相邻终端列表以及由第二通信终端生成的时间密钥 通讯终端 接收相邻终端列表的第一通信终端之一和时间密钥分配使用第二时间密钥生成的相邻注册信息。 接收到相邻终端列表和相邻注册信息的第一通信终端中的另一个确定第一通信终端之一的终端标识是否包括在相邻终端列表中，以及第一时间密钥是否与 相邻终端列表与用于生成相邻注册信息的第二时间密钥匹配。 如果两个确定结果都是肯定的，那么第一通信终端之一被认证。

公开(公告)号：US20080133921A1

公开(公告)日：2008-06-05

申请号：US11976374

申请日：2007-10-24

申请人： Taketsugu Yao

发明人： Taketsugu Yao

IPC分类号： H04L9/06

CPC分类号： H04L9/0891 ,  H04L9/3242 ,  H04L2209/38 ,  H04L2209/805

摘要： This invention provides a message authentication system including: a message sending device having a send notice information generating unit that generates a first authentication code to certify a message and a second authentication code to certify the first authentication code and that sends the message and an authentication code generation key after authenticating reception certification information for the send notice information from a message receiving device; and including the message receiving device having a reception certification information generating unit that generates the reception certification information to certify the receiving of the send notice information, a first authentication code authenticating unit that authenticates the first authentication code by using the second authentication code and the authentication code generation key, a message authenticating unit that authenticates the message by using the authenticated first authentication code and the authentication code generation key. Thereby, the data capacity held by a node can be reduced.

摘要翻译： 本发明提供了一种消息认证系统，包括：消息发送设备，具有生成用于认证消息的第一认证码的发送通知信息生成单元和用于认证第一认证码的第二认证码，并发送消息和认证码 从消息接收装置认证发送通知信息的接收认证信息后，生成密钥; 并且包括具有接收认证信息生成单元的消息接收装置，所述接收认证信息生成单元生成接收认证信息以证明发送通知信息的接收;第一认证码认证单元，其通过使用第二认证码和认证来认证第一认证码 代码生成密钥，通过使用认证的第一认证码和认证码生成密钥来认证消息的消息认证单元。 由此，可以减少由节点保持的数据容量。