| 摘要 |
<p><P>PROBLEM TO BE SOLVED: To provide an application authentication system and an application authentication method capable of verifying whether an application operating on an information terminal is a valid application installed on an appropriate information terminal. <P>SOLUTION: An authentication server transmits a message to an information terminal. The information terminal encrypts the transmitted message using key information and inputs the encrypted message to a tamper-resistant device. The tamper-resistant device of the information terminal decrypts the encrypted message, and generates and outputs a first authenticator on the basis of the decrypted message and a signature key. The information terminal generates a second authenticator on the basis of the first authenticator output by the tamper-resistant device according to the message input to the tamper-resistance device and the key information, and transmits the generated authenticator to the authentication server. The authentication server receives the second authenticator transmitted from the information terminal according to the message transmitted to the information terminal, verifies the received second authenticator using the key information, and then verifies the first authenticator included in the second authenticator using the verification key corresponding to the signature key. <P>COPYRIGHT: (C)2013,JPO&INPIT</p> |
