Title of invention |
Cryptographic device for secure authentication |
Abstract |
According to one embodiment, a memory being used to store a host identification key, a host constant (HC), and a first key, the first key being generated based on the host constant (HC); a first generator configured to decrypt a family key block read from an external device with the host identification key to generate a family key; a second generator configured to decrypt encrypted secret identification information read from the external device with the family key to generate a secret identification information; a third generator configured to generate a random number; a fourth generator configured to generate a session key by using the first key and the random number; a fifth generator configured to generate a first authentication information by processing the secret identification information with the session key in one-way function operation. |
Publication number |
US8989374(B2) |
Publication date |
2015.03.24 |
Application number |
US201213524497 |
Application date |
2012.06.15 |
Applicant |
Kabushiki Kaisha Toshiba |
Inventors |
Nagai Yuji;Kato Taku;Matsushita Tatsuyuki |
Classification |
H04L9/00;H04L29/06;H04L9/32 |
Main classification |
H04L9/00 |
Agency |
Oblon, McClelland, Maier & Neustadt, L.L.P. |
Agent |
Oblon, McClelland, Maier & Neustadt, L.L.P. |
Principal claim |
1. A device comprising:
a memory being used to store a host identification key (IDKey), a host constant (HC), and a first key (HKey), the first key (HKey) being generated based on the host constant (HC);
a first generator configured to decrypt a family key block read from an external device with the host identification key (IDKey) to generate a family key (FKey);
a second generator configured to decrypt encrypted secret identification information (E-SecretID) read from the external device with the family key (FKey) to generate secret identification information (SecretID);
a third generator configured to generate a random number (RN);
a fourth generator configured to generate a session key (SKey) by using the first key (HKey) and the random number (RN);
a fifth generator configured to generate first authentication information (Oneway-ID) by processing the secret identification information (SecretID) with the session key (SKey) in one-way function operation; and
a verification unit configured to determine whether the first authentication information (Oneway-ID) and second authentication information (Oneway-ID′) match, the second authentication information (Oneway-ID′) being generated by the external device with the host constant (HC) transmitted to the external device,
wherein in a case of generating cryptographically the first authentication information (Oneway-ID), an AES (Advanced Encryption Standard)-based one-way function is used, and a notation of the one-way function is as follows: Oneway-ID=AES_E(SKey, SecretID)(+)SecretID. |
Address |
Tokyo JP |