Inter-authentication method and device
    1.
    Invention patent application

    Publication No.: US20060143453A1

    Publication date: 2006-06-29

    Application No.: US10518499

    Filing date: 2003-06-19

    IPC classification: H04L9/00

    Abstract: An objective of the present invention is to obtain a mutual authentication method in which mutual authentication is carried out securely and conveniently. In order to achieve the above objective, in the mutual authentication process, a private key K0, being an initial value, is stored in a client and a server (Pc0, Ps0). The client generates a random number R, calculates secret data C and authentication data A, and transmits the data items to the server (Pc1). The server receives the authentication data A and the secret data C from the client, and generates a random number Q, calculates secret data S, and authentication data B and returns the data items, as well as updating the private key K0 with a private key K1 (Ps1). The client receives from the server the authentication data B and the secret data S, generates the random number R, calculates secret data C2, authentication data A2, and returns the data items to the server, and updates the private key K0 with the private key K1 (Pc2). The client and the server check whether or not validity is established (Psm+1, Pcm+1). Further in the authentication method above, there is a method for generating a onetime ID, assuming that the onetime ID is identification information usable just one time in the authentication between a plurality of devices or application. In each of the devices or applications which carries out the authentication, a variable shared key which changes per predefined communication unit requiring the authentication is generated, a function value of one-way function is obtained in which the variable shared key is used as an argument, a onetime ID hard to tap and superior in security is generated based on the function value, and the onetime ID is utilized.

    NETWORK SETTLING CARD, NETWORK SETTLING PROGRAM, AUTHENTICATION SERVER, AND SHOPPING SYSTEM AND SETTLING METHOD
    2.
    Invention patent application
    Status: under examination (published)

    Publication No.: US20090138367A1

    Publication date: 2009-05-28

    Application No.: US11815583

    Filing date: 2006-02-03

    Applicant: Katsuyoshi Okawa

    Inventor: Katsuyoshi Okawa

    IPC classification: G06Q20/00 G06Q30/00 G06Q10/00

    Abstract: There are provided a network settling card and a network settling program, which can perform a settling procedure on a commodity selected by a user, in a shopping system through a network or in an actual shop, even if the card information and the personal information of the user and so on are not notified, as well as an authentication server, and a shopping system and a settling method. The network settling card includes an authentication processing unit for performing authentication using an authentication key created on the basis of the information of a card to be used in a settling procedure. The authentication processing unit performs the settling procedure on the commodity selected by the user by creating a one-time ID by an authentication key, by acquiring a one-time ID created by an authentication server for authenticating the one-time ID, and by authenticating the authentication server by the authentication key.


    Secure transmission system
    3.
    Invention patent application
    Status: under examination (published)

    Publication No.: US20080162934A1

    Publication date: 2008-07-03

    Application No.: US12071993

    Filing date: 2008-02-28

    Applicant: Katsuyoshi Okawa

    Inventor: Katsuyoshi Okawa

    IPC classification: H04L9/00

    Abstract: A method of mutual authentication between a server and a plurality of clients, including: (a) generating, by a client, a first client random number and a first client one time ID based on first and second values; (b) sending the first client one time ID and an encrypted version of the first client random number to the server by the client; (c) generating, by the server, a first server random number and a first server ID based on the first client random number and the first value; (d) sending, by the server, the first server one time ID and an encrypted version of the first server random number to the client by the server; (e) generating, by the client, a second client random number and a second client one time ID based on said first server and first client random numbers; (f) sending, by the client, the second client one time ID and an encrypted version of the second client random number to the server by the client; (g) generating, by the server, a second server random number and a second server one time ID based on the second client random number and first server random number; and (h) repeating (d) to (g), using updated random numbers and client and server one time IDs to provide periodic authentication, wherein the one time IDs thus generated do not contain any unchanging arguments intrinsically related to the two parties.
