Title of invention: Cryptographic device for secure authentication
Abstract: According to one embodiment, a memory being used to store a host identification key, a host constant (HC), and a first key, the first key being generated based on the host constant (HC); a first generator configured to decrypt a family key block read from an external device with the host identification key to generate a family key; a second generator configured to decrypt encrypted secret identification information read from the external device with the family key to generate a secret identification information; a third generator configured to generate a random number; a fourth generator configured to generate a session key by using the first key and the random number; a fifth generator configured to generate a first authentication information by processing the secret identification information with the session key in one-way function operation.
Publication number: US8989374(B2)
Publication date: 2015.03.24
Application number: US201213524497
Filing date: 2012.06.15
Applicant: Kabushiki Kaisha Toshiba
Inventors: Nagai Yuji; Kato Taku; Matsushita Tatsuyuki
Classification: H04L9/00; H04L29/06; H04L9/32
Main classification: H04L9/00
Agency: Oblon, McClelland, Maier & Neustadt, L.L.P.
Agent: Oblon, McClelland, Maier & Neustadt, L.L.P.
Principal claim: 1. A device comprising: a memory being used to store a host identification key (IDKey), a host constant (HC), and a first key (HKey), the first key (HKey) being generated based on the host constant (HC); a first generator configured to decrypt a family key block read from an external device with the host identification key (IDKey) to generate a family key (FKey); a second generator configured to decrypt encrypted secret identification information (E-SecretID) read from the external device with the family key (FKey) to generate secret identification information (SecretID); a third generator configured to generate a random number (RN); a fourth generator configured to generate a session key (SKey) by using the first key (HKey) and the random number (RN); a fifth generator configured to generate first authentication information (Oneway-ID) by processing the secret identification information (SecretID) with the session key (SKey) in one-way function operation; and a verification unit configured to determine whether the first authentication information (Oneway-ID) and second authentication information (Oneway-ID′) match, the second authentication information (Oneway-ID′) being generated by the external device with the host constant (HC) transmitted to the external device, wherein in a case of generating cryptographically the first authentication information (Oneway-ID), an AES (Advanced Encryption Standard)-based one-way function is used, and a notation of the one-way function is as follows: Oneway-ID=AES_E(SKey, SecretID)(+)SecretID.
Address: Tokyo JP
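
The one-way function and match check from claim 1, as an added Python example that is not taken from the patent or from any vendor code. Assumptions not stated in this record: 128-bit values, HKey = AES_E(dev_key, HC) with a hypothetical device-side secret `dev_key`, SKey = AES_E(HKey, RN), RN sent to the device together with HC, and SecretID passed in already decrypted (the FKB and E-SecretID steps are left out).

```python
import hmac, os

def gmul(a, b):  # multiply in GF(2^8) modulo the AES polynomial 0x11B
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _sbox(x):  # field inverse followed by the AES affine map
    inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
    r = inv
    for i in range(1, 5):
        r ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
    return r ^ 0x63

SBOX = [_sbox(x) for x in range(256)]

def AES_E(key, block):  # AES-128 encryption of one 16-byte block
    w, rcon = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):  # key schedule: 44 four-byte words
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = gmul(rcon, 2)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    s = list(block)
    for rnd in range(11):
        if rnd:  # SubBytes and ShiftRows in one pass
            s = [SBOX[s[(i + 4 * (i % 4)) % 16]] for i in range(16)]
        if 0 < rnd < 10:  # MixColumns (skipped in the last round)
            s = [gmul(s[c + r], 2) ^ gmul(s[c + (r + 1) % 4], 3) ^ s[c + (r + 2) % 4]
                 ^ s[c + (r + 3) % 4] for c in range(0, 16, 4) for r in range(4)]
        s = [a ^ b for a, b in zip(s, sum(w[4 * rnd:4 * rnd + 4], []))]  # AddRoundKey
    return bytes(s)

def oneway_id(skey, secret_id):  # Oneway-ID = AES_E(SKey, SecretID) (+) SecretID
    return bytes(c ^ m for c, m in zip(AES_E(skey, secret_id), secret_id))

def authenticate(host_hkey, hc, dev_key, host_sid, dev_sid):
    rn = os.urandom(16)                                    # host: random number RN
    host_val = oneway_id(AES_E(host_hkey, rn), host_sid)   # host: Oneway-ID (assumed SKey rule)
    dev_hkey = AES_E(dev_key, hc)                          # device: HKey from received HC (assumed)
    dev_val = oneway_id(AES_E(dev_hkey, rn), dev_sid)      # device: Oneway-ID'
    return hmac.compare_digest(host_val, dev_val)          # constant-time match check

# Constructed sample values, not from the patent
DEV_KEY, HC, SECRET_ID = bytes(range(16)), b"host-constant-01", b"secret-id-000001"
```

The XOR with SecretID is the feed-forward that makes the function one-way: without it, anyone who learned SKey could decrypt the AES output and recover SecretID.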