COMMUNICATION SYSTEM AND COMMUNICATION DEVICE

摘要

Devices between which packets are transmitted and received include mutually corresponding packet counters. The same random number value is given to the packet counters as their initial values and the packet counters are updated with packet transmission/reception. The transmission-side device generates a MAC value, draws out part thereof on the basis of a counted value of its own packet counter, sets it as a divided MAC value, generates a packet by adding the value to a message and transmits the packet onto a network. The reception-side device generates a MAC value on the basis of the message in the received packet, draws out part thereof on the basis of a counted value of its own packet counter, compares the part with the divided MAC value in the received packet and thereby performs message authentication.

主权项

1. A communication system, comprising:
a first device and a second device which are mutually coupled via a network so as to transmit and receive packets over the network, wherein the first device and the second device respectively include a first packet counter and a second packet counter, wherein the same random number value is given to the first and second packet counters as their initial values and the first and second packet counters are respectively updated in association with transmission and reception of packets, wherein, when a message is to be transmitted to the second device, the first device generates one message authentication code on the basis of the message, draws out part of the message authentication code on the basis of a counted value of the first packet counter, sets the part as a divided message authentication code, generates a packet which includes the message and the divided message authentication code and transmits the packet to the second device over the network, and wherein, when the packet has been received from the first device, the second device generates another message authentication code on the basis of the message included in the received packet, draws out part of the message authentication code on the basis of a counted value of the second packet counter, compares the drawn-out part with the divided message authentication code included in the received packet and thereby performs message authentication.