摘要 |
PURPOSE: A database encryption method of a mobile device is provided to protect recorded information even when a database file of the mobile device is leaked to the outside. CONSTITUTION: A mobile device (10) extracts a session key on the basis of a first random value and a second random value (S350). The mobile device verifies terminal identification information by decoding a second encryption sentence by the session key (S360). The mobile device acquires security server identification information. The mobile device transmits a third encryption sentence, which is made by encoding the second random value and the security server identification information with the session key, to a security server (20) (S370). The security server verifies the second random value and the security server identification information, by decoding the third encryption sentence with the session key (S380). [Reference numerals] (10) Mobile device; (20) Security server; (S310) Ckey extracting=HMAC(Mkey, Cinfo); (S320) Skey generating=Rc XOR Rs; (S340) Rc verification , Rs acquisition; (S350) Skey extracting =Rc XOR Rs; (S360) Cinfo verification , Sinfo acquisition; (S380) Rs,Sinfo verification |