摘要 |
A system for operating end-to-end security channel between server and IC card is provided to prevent possible hacking by storing certificate on an IC card. A server(500) transmits random number(Rs) to the IC(Integrated Circuit) card(545) through an end-to-end communication path(605). The IC card decodes E(Rs) through a user private key and the IC card produces E(Rc) through the encryption of the random number(Rc)(610). The IC card produces the session key(K') through the random number(Rs) and random number(Rc). The IC card produces the card verifier(MAC') through the encoding of the random number(Rs). The IC card transmits the E(Rc) and the card verifier(MAC') through an end-to-end communication path to the server(630). |