摘要 |
PROBLEM TO BE SOLVED: To provide a secure authentication method that can be realized with a small program size and is highly resistant to tapping on a communication path and illegal operations of information on the communication path. SOLUTION: A person to be authenticated calculates authentication data this time and authentication data at the next time by using a unidirectional function on the basis of a random number, a user ID and a password, uses exclusive OR for them so as to encrypt the data that cannot be decrypted by parties other than the person to be authenticated in a form of relating both parameters this time and at the next time, and transmits them to an authentication party together with a user ID of the person to be authenticated, the authentication party receives the three information items as above from the person to be authenticated, compares a correctness confirmation parameter calculated by using a unidirectional function with an authentication parameter registered in a previous authentication phase on the basis of the authentication data this time, discriminates that the authentication this time is established when they are coincident and registers the authentication data at the next time as an authentication parameter at the next time. |