HK1140039B - Communication device, communication method, reader/writer, and communication system
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
The present invention contains subject matter disclosed in Japanese priority patent application JP 2008-126151 filed on 13.5.2008 with the present patent office, the entire contents of which are incorporated herein by reference.
Technical Field
The present invention relates to a communication apparatus, a communication method, a reader/writer and a communication system. More particularly, the present invention relates to a technique of reading or writing data on a communication device from a reader/writer.
Background
In a communication system of the related art, such as an IC card system or the like, in order for a reader/writer to be able to perform cryptographic communication and securely read and write data of a communication apparatus, mutual authentication is performed for each communication session to generate a cryptographic key (see, for example, Japanese patent application laid-open No. 2005-27338 and Japanese patent application laid-open No. 10-20780). According to this method, authentication is performed by generating a random number with the random number generation device of each of the first information processing device and the second information processing device, exchanging the random numbers encrypted with a preset key, and determining whether they can be decrypted correctly.
[Patent Document 1] Japanese patent application laid-open No. 2005-27338
[Patent Document 2] Japanese patent application laid-open No. 10-20780
Disclosure of Invention
However, although the method based on such mutual authentication prevents eavesdropping and spoofing by a third information processing apparatus, it relies on random number generation, encryption of the random numbers, and their transmission by each of the first information processing apparatus and the second information processing apparatus, independently of the application. Therefore, the effect is not satisfactory and the processing time is long.
The present invention addresses the above-identified, and other problems associated with methods and apparatuses in the related art, and it is desirable to provide a novel and improved technique that enables a reader/writer to perform reading or writing at high speed while maintaining security of data with respect to a communication device.
According to an embodiment of the present invention, there is provided a communication apparatus including: a communication unit for transmitting and receiving signals with a reader/writer; a recording unit that records data and also records a public key that is a key used in common by the reader/writer; and a control unit configured to, when receiving, from the reader/writer via the communication unit, a cipher key update request signal containing a cipher key encrypted by the reader/writer with a key identical to the common key recorded in the recording unit, decrypt the encrypted cipher key contained in the cipher key update request signal with the common key recorded in the recording unit, and record the cipher key obtained by the decryption in the recording unit, and, when receiving, from the reader/writer via the communication unit, a read request signal containing a read target address that specifies the area in the recording unit serving as the data read source and that is encrypted by the reader/writer with a cipher key identical to that cipher key, decrypt the encrypted read target address contained in the read request signal with the cipher key recorded in the recording unit, and transmit, to the reader/writer via the communication unit, the data recorded in the area specified by the read target address obtained by the decryption, among the areas of the recording unit.
According to another embodiment of the present invention, there is provided a communication apparatus including: a communication unit for transmitting and receiving signals with a reader/writer; a recording unit that records data and also records a public key that is a key used in common by the reader/writer; and a control unit configured to, when receiving a cipher key generation request signal requesting generation of a cipher key from the reader/writer via the communication unit, generate a cipher key through a predetermined process, encrypt the generated cipher key with the public key recorded in the recording unit, and transmit a cipher key generation response signal containing the encrypted cipher key to the reader/writer via the communication unit, and, when receiving, from the reader/writer via the communication unit, a write request signal containing write target data encrypted by the reader/writer and a write target address that specifies the area in the recording unit serving as the write destination of the write target data and that is encrypted by the reader/writer, decrypt the encrypted write target data and the encrypted write target address with the cipher key recorded in the recording unit, and record the write target data obtained by the decryption in the area specified by the write target address obtained by the decryption, among the areas of the recording unit.
According to the above-described embodiments of the present invention, there is provided a technique that enables a reader/writer to perform reading/writing of data in a communication device at high speed while maintaining security.
Drawings
Fig. 1 is a sequence diagram showing an authentication procedure at the time of data readout in a general communication system;
Fig. 2 is a sequence diagram showing an authentication process of writing data in a general communication system;
Fig. 3 is a diagram showing the structure of a communication system according to an embodiment of the present invention;
Fig. 4 is a block diagram showing a functional structure of a reader/writer according to an embodiment of the present invention;
Fig. 5 is a block diagram showing a functional structure of a communication apparatus according to the present embodiment;
Fig. 6 is a block diagram showing a structure of data used in data readout by the communication system according to the embodiment of the present invention;
Fig. 7 is a sequence diagram showing a flow of processing at the time of data readout by the communication system according to the embodiment of the present invention;
Fig. 8 is a block diagram showing a structure of data used at the time of data writing by the communication system according to the embodiment of the present invention; and
Fig. 9 is a sequence diagram showing a flow of processing when data is written by the communication system according to the embodiment of the present invention.
Detailed Description
Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings. It should be noted that in the present specification and the drawings, structural elements having substantially the same function and structure are denoted by the same reference numerals, and repeated explanation of these structural elements is omitted.
Fig. 1 is a sequence diagram showing an authentication procedure at the time of data reading in a general communication system. An authentication process at the time of data readout in a general communication system will be described with reference to fig. 1.
The authentication process is generally performed by a method using a symmetric cryptographic algorithm defined in ISO/IEC (International Organization for Standardization/International Electrotechnical Commission) 9798-2 and JIS (Japanese Industrial Standard) X5056-2.
First, in step S11, the reader/writer 11A generates a first random number A, encrypts the random number A by a predetermined procedure using a public key B as an authentication key, and obtains encrypted data M1. M1 is sent to the communication device 12A as a parameter of Auth1_Req. In step S21, the communication device 12A receiving Auth1_Req decrypts the parameter M1 of Auth1_Req by a predetermined procedure using the public key B and obtains the random number A. Subsequently, the communication apparatus 12A encrypts the random number A by a predetermined process using the public key A to obtain encrypted data M2.
In step S22, the communication apparatus 12A generates the second random number B, and encrypts the second random number B by a predetermined procedure using the public key A to obtain encrypted data M3. The communication device 12A returns M2 and M3 to the reader/writer 11A as parameters of Auth1_Res.
In step S12, the reader/writer 11A that receives Auth1_Res decrypts the parameter M2 of Auth1_Res by a predetermined procedure using the public key A, and checks whether the obtained value is the same as the random number A generated in step S11. If the check succeeds, the reader/writer 11A knows that the communication device 12A holds the same public keys A and B as itself.
Thereafter, in step S13, the reader/writer 11A decrypts the parameter M3 of Auth1_Res by a predetermined procedure using the public key A, and obtains the random number B. Thereafter, the reader/writer 11A encrypts the random number B by a predetermined process using the public key B, and obtains encrypted data M4. The reader/writer 11A transmits M4 as a parameter of Auth2_Req to the communication apparatus 12A.
In step S23, the communication device 12A that received Auth2_Req decrypts the parameter M4 of Auth2_Req by a predetermined procedure using the public key B, and checks whether the obtained value is the same as the random number B generated in step S22. If the check succeeds, the communication device 12A knows that the reader/writer 11A holds the same public keys A and B as itself.
Thereafter, the communication apparatus 12A generates, by a predetermined process from the obtained random numbers A and B, a cipher key (SK) for encrypting and decrypting the communication path and a session ID (SID) for identifying the mutual authentication process. The session ID and a code indicating that the mutual authentication succeeded are encrypted by a predetermined process using the cryptographic key SK to obtain encrypted data M5. The communication device 12A returns M5 to the reader/writer 11A as a parameter of Auth2_Res.
In step S14, the reader/writer 11A that receives Auth2_Res generates, by a predetermined process based on the random numbers A and B obtained so far, a cipher key (SK) for encrypting and decrypting the communication path and a session ID (SID) for identifying the mutual authentication process. The parameter M5 of Auth2_Res is decrypted by a predetermined procedure using the cryptographic key SK, and a check is made that the session ID and the code indicating that the mutual authentication succeeded are obtained, thereby completing the authentication procedure.
After the authentication process ends, a cryptographic communication process may be performed. In Fig. 1, after the authentication process, the data read request Read_Req for reading from the communication device 12A is encrypted and transmitted. Read_Req is defined as a structure containing a request identifier and a read target address (see Fig. 6A). In step S15, the reader/writer 11A encrypts all fields of Read_Req except the request identifier by a predetermined process using the cryptographic key SK shared in the mutual authentication process, and transmits the encrypted fields to the communication apparatus 12A.
Mirroring S15, in step S24, the communication device 12A that receives Read_Req decrypts all fields of Read_Req except the request identifier by a predetermined process using the cryptographic key SK shared in the mutual authentication process, and obtains Read_Req in plain text. The communication device 12A reads out data from the designated address in accordance with the plain-text Read_Req, and sets it as a parameter of Read_Res. Read_Res is defined as a structure containing a response identifier, a result code, and read target data (see Fig. 6B). As with Read_Req, the communication device 12A encrypts all fields of Read_Res except the response identifier by a predetermined procedure using the cipher key SK shared in the mutual authentication procedure, and returns the encrypted fields to the reader/writer 11A.
Fig. 2 is a sequence diagram showing an authentication process of writing data in a general communication system. An authentication process of writing data in a general communication system will be described with reference to fig. 2.
In Fig. 2, similarly to Fig. 1, after the authentication process, the data write request Write_Req to the communication apparatus 12A is encrypted and transmitted. Write_Req is defined as a structure containing a request identifier, a write target address, and write target data (see Fig. 8A).
In step S35, the reader/writer 11A encrypts all fields of Write_Req except the request identifier by a predetermined process using the cipher key SK shared in the mutual authentication process, and transmits the encrypted fields to the communication apparatus 12A.
Mirroring S35, in step S44, the communication device 12A that received Write_Req decrypts all fields of Write_Req except the request identifier by a predetermined process using the cryptographic key SK shared in the mutual authentication process, and obtains Write_Req in plain text. The communication device 12A writes the specified data to the specified address according to the plain-text Write_Req, and sets the result code as a parameter of Write_Res. Write_Res is defined as a structure containing a response identifier and a result code (see Fig. 8B). As with Write_Req, the communication device 12A encrypts all fields of Write_Res except the response identifier by a predetermined process using the cipher key SK shared in the mutual authentication process, and returns the encrypted fields to the reader/writer 11A.
Fig. 3 is a diagram showing the structure of a communication system according to an embodiment of the present invention. A communication system according to an embodiment of the present invention will be described with reference to fig. 3.
As shown in fig. 3, the communication system 10 is constituted by a reader/writer 11 and a communication device 12 that communicate wirelessly, wherein data is transmitted and received between the reader/writer 11 and the communication device 12 in a non-contact manner using electromagnetic waves. The general wireless communication system assumed here performs cryptographic communication by the following procedure.
The reader/writer 11 emits an electric wave (electromagnetic wave) and performs processing such as polling to detect the communication apparatus 12. When the communication device 12 approaches the reader/writer 11 and the reader/writer 11 detects the communication device 12, the reader/writer 11 and the communication device 12 transmit and receive predetermined data to perform an authentication process. The reader/writer 11 encrypts a request signal to the communication apparatus 12 using a cryptographic key and a session ID generated and shared in the authentication process, and transmits the encrypted request signal. The request signal includes a request signal requesting rewriting of predetermined data, a request signal requesting transmission of predetermined data, and the like.
When receiving the request signal transmitted from the reader/writer 11, the communication device 12 decrypts the request signal using the shared cryptographic key, checks the consistency with the shared session ID, then performs the requested process and returns a code indicating success or failure.
In the present embodiment, the authentication processes for securely reading data from and writing data to the communication device 12 as a secure device are carried out separately and independently, so that the command sequence is optimized for the method of use. When a readout process is performed on the secure device, the side that makes the readout request generates a cryptographic key (session key) and transmits the cryptographic key to the side being read. The side being read then encrypts the read-out data using the cryptographic key (session key) and transmits the encrypted data. When a write process is performed on the secure device, the side being written generates a cryptographic key (session key) and transmits the cryptographic key to the side that made the write request. The side that made the write request then encrypts the data to be written using the generated cryptographic key (session key) and transmits the encrypted data. In this way, the session key on the communication device 12 as a secure device is updated at a higher speed.
In this method, a cryptographic key (session key) is encrypted using a public key shared between the security devices (between the reader/writer 11 and the communication device 12) to transmit the cryptographic key (session key) in secrecy.
A system in which access rights are separated can be realized by using different session keys or public keys for the reading process and the writing process with respect to the data area of the communication apparatus 12.
Fig. 4 is a block diagram showing a functional structure of a reader/writer according to an embodiment of the present invention. A reader/writer according to an embodiment of the present invention will be described in detail with reference to fig. 4.
The reader/writer 11 is configured to include a control unit 31, a recording unit (second recording unit) 32, an SPU (signal processing unit) 33, a modulation unit 34, an oscillation circuit 35, an antenna 36 as one example of a communication unit, a demodulation unit 37, and a drive 38.
The control unit 31 generates a request signal requesting rewriting of data including predetermined data. The control unit 31 also generates a request signal requesting transmission of predetermined data.
The control unit 31 generates data to be stored in a request signal requesting rewriting of the data. When reading out data, the control unit 31 generates a cryptographic key by a predetermined process. The control unit 31 encrypts the generated cipher key with the read-out public key recorded in the recording unit 32, and supplies a cipher key update request signal (see Fig. 6C) containing the encrypted cipher key to the SPU 33. The cryptographic key update request signal is transmitted to the communication apparatus 12 via the antenna 36. The control unit 31 encrypts, using the generated cipher key, a read target address that specifies the area of the nonvolatile memory 106 (see Fig. 5) serving as the data read source, and supplies a read request signal (see Fig. 6A) containing the encrypted read target address to the SPU 33. The read request signal is transmitted to the communication device 12 via the antenna 36.
When writing data, the control unit 31 supplies a cryptographic key generation request signal (see Fig. 8C) requesting generation of a cryptographic key to the SPU 33. The cryptographic key generation request signal is transmitted to the communication apparatus 12 via the antenna 36. A cipher key generation response signal (see Fig. 8D) containing a cipher key encrypted by the communication apparatus 12 with the same key as the write public key recorded in the recording unit 32 is then received from the communication apparatus 12 via the antenna 36 and supplied from the SPU 33. When this signal is supplied, the control unit 31 decrypts the encrypted cipher key included in the cipher key generation response signal with the write public key recorded in the recording unit 32, records the cipher key obtained by the decryption in the recording unit 32, encrypts the write target data and the write target address (which specifies the area of the nonvolatile memory 106 serving as the write destination of the write target data) with the cipher key recorded in the recording unit 32, and supplies a write request signal (see Fig. 8A) containing the encrypted write target data and the encrypted write target address to the SPU 33. The write request signal is transmitted to the communication device 12 via the antenna 36.
The control unit 31 is configured by a CPU (central processing unit) or the like, and reads a program supplied from a drive 38 attached as desired, and executes the read program. If the program and data are supplied from the drive 38, the control unit 31 supplies the supplied program and data to the recording unit 32, reads the program recorded in the recording unit 32 as necessary, and executes the read program.
The recording unit 32 is a so-called nonvolatile storage medium or recording medium (which is rewritable and can hold recorded content even if power is turned off), and is constituted by, for example, a hard disk, a flash memory, or the like. The recording unit 32 records a variety of data. The recording unit 32 supplies the recorded data to the control unit 31 as necessary.
The recording unit 32 records at least one of the read-out public key or the write-in public key as a key used commonly by the communication apparatus 12. The recording unit 32 supplies the recorded public key to the control unit 31. The recording unit 32 also records data supplied from the control unit 31.
SPU 33 encodes the request signal supplied from control unit 31 by a predetermined method, and supplies the encoded request signal to modulation unit 34. SPU 33 decodes the response signal supplied from demodulation unit 37 by a method corresponding to the encoding method of the response signal, and supplies the decoded response signal to control unit 31.
For example, when a request signal to be transmitted to the communication device 12 is supplied from the control unit 31, the SPU 33 performs an encoding process (such as encoding into a Manchester code) on the relevant request signal, and outputs the obtained signal to the modulation unit 34. When supplied with a response signal from the communication apparatus 12 by the demodulation unit 37, the SPU 33 performs a decoding process (such as decoding of the Manchester code) on the relevant data, and supplies the obtained signal to the control unit 31.
The modulation unit 34 generates a carrier wave based on a clock pulse signal of a predetermined frequency supplied from the oscillation circuit 35. The modulation unit 34 modulates the request signal supplied from the SPU 33 by a predetermined method based on a carrier wave to generate a request signal, and supplies the modulated request signal to the antenna 36. For example, based on the request signal supplied from the SPU 33, the modulation unit 34 generates a modulated request signal by changing the phase, amplitude, frequency, and the like of the carrier wave.
More specifically, the modulation unit 34 ASK (amplitude shift keying) modulates data supplied from the SPU 33 with a clock signal having a frequency of 13.56 MHz supplied from the oscillation circuit 35 as a carrier wave, and outputs the generated modulated wave to the antenna 36 as an electromagnetic wave.
The oscillation circuit 35 generates a clock signal of a predetermined frequency that becomes a reference, and supplies the generated clock signal to the modulation unit 34.
The antenna 36 transmits the request signal supplied from the modulation unit 34 to the communication device 12 by wireless communication. In other words, the antenna 36 emits an electric wave for transmitting the request signal supplied from the modulation unit 34. The antenna 36 also receives a response signal transmitted from the communication device 12, and supplies the received response signal to the demodulation unit 37.
The demodulation unit 37 demodulates the response signal supplied from the antenna 36 by a demodulation method corresponding to the modulation method of the modulation unit 109 (see Fig. 3), and supplies the demodulated response signal to the SPU 33. For example, the demodulation unit 37 demodulates a modulated wave (ASK modulated wave) obtained by the antenna 36, and outputs the demodulated response signal to the SPU 33.
When the magnetic disk 71, the optical disk 72, the magneto-optical disk 73, or the semiconductor memory 74 is attached, the drive 38 drives the magnetic disk 71, the optical disk 72, the magneto-optical disk 73, or the semiconductor memory 74 to obtain the recorded program, data, or the like. The obtained program and data are transferred to the control unit 31 or the communication device 12. The program transferred (transmitted) to the communication apparatus 12 is recorded or executed by the communication apparatus 12 if necessary.
Fig. 5 is a block diagram showing a functional structure of a communication apparatus according to an embodiment of the present invention. A communication apparatus according to an embodiment of the present invention will be described with reference to fig. 5.
The communication apparatus 12 is configured to include an antenna 101 as one example of a communication unit, a demodulation unit 102, an SPU 103, a control unit 104, a recording unit (first recording unit) 106, a RAM (random access memory) 107, an oscillation circuit 108, a modulation unit 109, and a power generation unit 110.
The antenna 101 receives a request signal transmitted from the reader/writer 11 and supplies the received request signal to the demodulation unit 102. The antenna 101 transmits the response signal supplied from the modulation unit 109 to the reader/writer 11 by wireless communication. In other words, the antenna 101 emits an electric wave for transmitting the response signal supplied from the modulation unit 109. At the antenna 101, resonance occurs due to an electric wave of a predetermined frequency emitted from the reader/writer 11, thereby generating electromotive force.
The demodulation unit 102 demodulates the request signal supplied from the antenna 101 by a demodulation method corresponding to the modulation method of the modulation unit 34 (see Fig. 2), and supplies the demodulated request signal to the SPU 103. For example, the demodulation unit 102 envelope-detects and demodulates the request signal (the ASK modulated wave received via the antenna 101), and outputs the demodulated request signal to the SPU 103.
The SPU 103 decodes the request signal supplied from the demodulation unit 102 by a predetermined method, and supplies the decoded request signal to the control unit 104. The SPU 103 encodes the response signal supplied from the control unit 104 by a predetermined encoding method, and supplies the encoded response signal to the modulation unit 109. For example, if the data demodulated in the demodulation unit 102 is encoded by the Manchester method, the SPU 103 decodes the data (decodes the Manchester code) based on a clock signal supplied from a PLL (phase locked loop) circuit (not shown), and supplies the decoded data to the control unit 104. For example, the SPU 103 encodes the response signal supplied from the control unit 104 by the Manchester method, and supplies the encoded response signal to the modulation unit 109.
The control unit 104 is constituted by a CPU (central processing unit) or the like, and its functions are realized by executing programs stored in the RAM 107. A cipher key update request signal (see Fig. 6C) containing a cipher key encrypted by the reader/writer 11 with the same key as the read-out public key recorded in the nonvolatile memory 106 is received from the reader/writer 11 via the antenna 101 and supplied from the SPU 103. When the cipher key update request signal is supplied, the control unit 104 decrypts the encrypted cipher key contained in the cipher key update request signal with the read-out public key recorded in the nonvolatile memory 106, and records the cipher key obtained by the decryption in the RAM 107. Here the cryptographic key obtained by the decryption is recorded in the RAM 107, but it may instead be recorded in the nonvolatile memory 106.
When the write request signal is supplied, the control unit 104 may determine a cipher key update request flag included in the write request signal. Such a write request signal is considered as a cipher key update request signal when it is determined that the value requesting cipher key update is set at the cipher key update request flag. Then, the existing write request signal can be used as a cipher key update request signal, and thus, development efficiency is improved.
A read request signal containing a read target address (which specifies the area of the nonvolatile memory 106 serving as the data read source) encrypted by the reader/writer 11 with the same encryption key as the above encryption key is received from the reader/writer 11 via the antenna 101, and is supplied from the SPU 103 to the control unit 104. When the read request signal is supplied, the control unit 104 decrypts the encrypted read target address contained in the read request signal with the encryption key recorded in the RAM 107, and supplies to the SPU 103 the data recorded in the area, among the areas of the nonvolatile memory 106, specified by the read target address obtained by the decryption. This data is transmitted to the reader/writer 11 via the antenna 101.
A cryptographic key generation request signal (see Fig. 8C) requesting generation of a cryptographic key is received from the reader/writer 11 via the antenna 101, and is supplied from the SPU 103 to the control unit 104. When the cipher key generation request signal is supplied, the control unit 104 generates a cipher key by a predetermined process, and encrypts the generated cipher key with the write public key recorded in the nonvolatile memory 106. The control unit 104 supplies a cryptographic key generation response signal (see Fig. 8D) containing the encrypted cryptographic key to the SPU 103. This signal is transmitted to the reader/writer 11 via the antenna 101.
When the read request signal is supplied, the control unit 104 may determine the cryptographic key generation request flag contained in the read request signal. Such a read request signal is considered as a cryptographic key generation request signal when it is determined that the value requesting cryptographic key update is set in the cryptographic key generation request flag. Then, the existing read request signal can be used as a cipher key generation request signal, and therefore, development efficiency is improved.
A write request signal (see Fig. 8A) containing write target data encrypted by the reader/writer 11 and a write target address specifying the area of the nonvolatile memory 106 serving as the write destination of the write target data is received via the antenna 101 and is supplied to the control unit 104 by the SPU 103. When the write request signal is supplied, the control unit 104 decrypts the encrypted write target data and the encrypted write target address with the cryptographic key recorded in the RAM 107. Here, it is assumed that the cryptographic key is recorded in the RAM 107, but it may instead be recorded in the nonvolatile memory 106. The control unit 104 records the write target data obtained by the decryption in the area, among the areas of the nonvolatile memory 106, specified by the write target address obtained by the decryption.
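The read flow (cipher key update request, then read request) and the write flow (cipher key generation request, then write request) described above, with separate read and write common keys as in the access-rights paragraph, as an added Python example that is not code from the patent. The HMAC-SHA256 encrypt-then-MAC routine is a stand-in for the unspecified "predetermined process", and the class and method names, the 16-byte blocks and the 2-byte block address are assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN, NONCE_LEN, TAG_LEN, BLOCK = 16, 12, 16, 16  # constructed sizes


def keystream(key, nonce, n):  # HMAC-SHA256 in counter mode
    return b"".join(
        hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range((n + 31) // 32))[:n]


def mac(key, nonce, body):
    return hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()[:TAG_LEN]


def seal(key, plaintext):
    # Encrypt-then-MAC stand-in for the "predetermined process" (assumption)
    nonce = secrets.token_bytes(NONCE_LEN)
    body = bytes(p ^ k for p, k in zip(plaintext, keystream(key, nonce, len(plaintext))))
    return nonce + body + mac(key, nonce, body)


def unseal(key, blob):
    # Returns the plaintext, or None for a missing key, wrong key or modified message
    if key is None or blob is None or len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, body, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, mac(key, nonce, body)):
        return None
    return bytes(c ^ k for c, k in zip(body, keystream(key, nonce, len(body))))


class CommunicationDevice:
    """Device side (control unit 104); class and method names are hypothetical."""
    def __init__(self, read_key, write_key, blocks=4):
        self.read_key, self.write_key = read_key, write_key  # common keys (NVM 106)
        self.nvm = bytearray(blocks * BLOCK)
        self.read_sk = self.write_sk = None  # session keys (RAM 107)

    def area(self, addr):  # 2-byte block address -> slice of memory, or None
        block = int.from_bytes(addr, "big")
        if len(addr) != 2 or block >= len(self.nvm) // BLOCK:
            return None
        return slice(block * BLOCK, (block + 1) * BLOCK)

    def key_update_req(self, enc_sk):
        # Read flow 1: session key generated by the reader, sent under the read key
        sk = unseal(self.read_key, enc_sk)
        self.read_sk = sk if sk is not None else self.read_sk
        return sk is not None

    def read_req(self, enc_addr):
        # Read flow 2: decrypt the address, return the data under the session key
        addr = unseal(self.read_sk, enc_addr)
        area = self.area(addr) if addr is not None else None
        return seal(self.read_sk, bytes(self.nvm[area])) if area is not None else None

    def key_gen_req(self):
        # Write flow 1: device generates the session key, returns it under the write key
        self.write_sk = secrets.token_bytes(KEY_LEN)
        return seal(self.write_key, self.write_sk)

    def write_req(self, enc_payload):
        # Write flow 2: decrypt address and data, then record the data
        plain = unseal(self.write_sk, enc_payload)
        area = self.area(plain[:2]) if plain is not None else None
        if area is None or len(plain) != 2 + BLOCK:
            return False
        self.nvm[area] = plain[2:]
        return True


class ReaderWriter:
    """Reader/writer side (control unit 31), holding the common keys it was issued."""
    def __init__(self, read_key, write_key):
        self.read_key, self.write_key = read_key, write_key

    def read(self, device, block):
        sk = secrets.token_bytes(KEY_LEN)
        if not device.key_update_req(seal(self.read_key, sk)):
            return None
        return unseal(sk, device.read_req(seal(sk, block.to_bytes(2, "big"))))

    def write(self, device, block, data):
        sk = unseal(self.write_key, device.key_gen_req())
        if sk is None:  # session key cannot be recovered without the write key
            return False
        return device.write_req(seal(sk, block.to_bytes(2, "big") + data))


if __name__ == "__main__":
    k_r, k_w, k_x = (secrets.token_bytes(KEY_LEN) for _ in range(3))
    card = CommunicationDevice(k_r, k_w)
    gate, kiosk = ReaderWriter(k_r, k_w), ReaderWriter(k_r, k_x)  # kiosk lacks k_w
    print(gate.write(card, 1, b"constructed-data"), gate.read(card, 1))
    print(kiosk.read(card, 1), kiosk.write(card, 1, b"x" * BLOCK))
```

A reader/writer issued only the read key completes the read flow but cannot recover the device-generated write session key, so its write request is rejected and the memory is left unchanged.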
The recording unit 105 is configured to include a nonvolatile memory 106, a RAM 107, and the like. The nonvolatile memory 106 is configured by a nonvolatile memory such as a flash memory, an EEPROM, an MRAM, an FeRAM, or the like. The nonvolatile memory 106 records various data such as secret data to be transmitted to the reader/writer 11 and data for executing a program. The nonvolatile memory 106 also records at least one of the read-out public key or the write-in public key as a key used commonly by the reader/writer 11.
The RAM 107 appropriately stores data for executing programs and the like. The RAM 107 supplies the stored data to the control unit 104.
The oscillation circuit 108 generates a clock signal having the same frequency as that of the request signal received by the antenna 101, and supplies the generated clock signal to the modulation unit 109. The oscillation circuit 108 incorporates a PLL circuit and generates a clock signal having the same frequency as that of the request signal.
The modulation unit 109 generates a carrier wave based on a clock signal of a predetermined frequency supplied from the oscillation circuit 108. The modulation unit 109 modulates the response signal supplied from the SPU 103 by a predetermined method based on the carrier wave, and supplies the modulated response signal to the antenna 101. For example, the modulation unit 109 further ASK-modulates the response signal supplied from the SPU 103 and encoded by the Manchester method, and transmits the modulated response signal to the reader/writer 11 via the antenna 101.
The modulation unit 109 turns on/off a predetermined switching element (not shown) with respect to a response signal supplied from the SPU103, and connects a predetermined load in parallel to the antenna 101 only when the switching element is in an on state to vary the load of the antenna 101. By varying the load of the antenna 101 (varying the terminal voltage of the antenna 36 of the reader/writer 11), the ASK-modulated response signal is transmitted to the reader/writer 11 via the antenna 101.
The power generation unit 110 generates Direct Current (DC) power based on Alternating Current (AC) electromotive force generated at the antenna 101, and supplies the generated DC energy to each unit in the communication device 12.
The aim of the invention is to simplify the authentication process of such systems according to the application, and to increase the processing speed while keeping the strength of encryption as it is. In other words, the application is broadly divided into an encrypted read request and an encrypted write request, each using a cipher generated with a certain public key.
When executing a read request with encryption (Read_Req), a random number generated by the reader/writer 11 is used as the cipher key. Before transmitting the Read_Req, the reader/writer 11 transmits the Write_SK_Req, which requests updating of the cryptographic key, to the communication device 12 as an authentication process.
Fig. 6 is a block diagram showing a data structure used in data readout by the communication system according to the embodiment of the present invention. A data structure used in data readout by the communication system according to the embodiment of the present invention will be described with reference to fig. 6.
As shown in fig. 6A, the read request (Read_Req) includes a request identifier for identifying the request, a session ID (SID) for identifying the session, and a read target address (ADDR) for specifying an area of the data read source in the nonvolatile memory 106 (see fig. 5). As shown in fig. 6A, the session ID (SID) and the read-out object data (DATA) are objects of encryption.
As shown in fig. 6B, the read response (Read_Res) includes a response identifier for identifying the response, a session ID (SID) for identifying the session, a result code (SF) indicating a processing result regarding the request, and read-target data (DATA) read from the nonvolatile memory 106 (see fig. 5). As shown in fig. 6B, the session ID (SID), the result code (SF), and the read target data (DATA) are objects to be encrypted.
As shown in fig. 6C, the cryptographic key update request (Write_SK_Req) includes a request identifier for identifying the request, a device identifier (IDm) for identifying the communication device 12 (see fig. 2), a public key identifier (PKID) for identifying the public key, and the cryptographic key (SK). As shown in fig. 6C, the cryptographic key (SK) is an encrypted object.
As shown in fig. 6D, the cryptographic key update response (Write_SK_Res) includes a response identifier for identifying the response, a device identifier (IDm) for identifying the communication device 12 (see fig. 2), and a result code (SF) indicating a processing result with respect to the request.
Fig. 7 is a sequence diagram showing a flow of processing at the time of data readout by the communication system according to the embodiment of the present invention. Processing at the time of data readout by the communication system according to the embodiment of the present invention will be described with reference to fig. 7.
In step S111, the reader/writer 11 generates a cryptographic key (SK). That is, the reader/writer 11 generates a random number and stores it as the cryptographic key (SK). Then, the reader/writer 11 encrypts the random number by a predetermined process using a public key (PK) as an authentication key to obtain encrypted data Enc(PK, SK). The reader/writer 11 transmits Enc(PK, SK) as a parameter of Write_SK_Req to the communication device 12.
In step S221, the communication device 12 that receives the Write_SK_Req decrypts the parameter Enc(PK, SK) of the Write_SK_Req by a predetermined procedure using the public key (PK) corresponding to the public key identifier (PKID) to obtain the cipher key (SK). Accordingly, the cryptographic key (SK) can be shared between the reader/writer 11 and the communication device 12. In one embodiment, Write_SK_Res includes a success/failure determination code (SF) as a parameter, which is returned to the reader/writer 11. The subsequent cryptographic communication process is the same as the example shown in fig. 1 and will therefore be omitted.
By performing the above-described processing at the time of data read-out, high-speed cryptographic communication that shares a session key (cryptographic key) can be realized in a system that performs only secure read-out from a secure device (communication device 12).
Specifically, since data can be read out by performing communication between the reader/writer 11 and the communication device 12 twice, cryptographic communication can be realized at high speed. Since the communication device 12 need not perform the process of generating a random number (the process of generating a key), cryptographic communication can be realized at high speed. Since data transmitted and received between the reader/writer 11 and the communication device 12 is encrypted, security is also ensured.
Fig. 8 is a block diagram showing a data structure at the time of data writing by the communication system according to the embodiment of the present invention. A data structure used when data writing is performed by the communication system according to the embodiment of the present invention will be described with reference to fig. 8.
As shown in fig. 8A, the write request (Write_Req) includes a request identifier for identifying the request, a session ID (SID) for identifying the session, a write object address (ADDR) for specifying an area of the data write destination in the nonvolatile memory 106 (see fig. 5), and write object data (DATA). As shown in fig. 8A, the session ID (SID), the write target address (ADDR), and the write target data (DATA) written to the nonvolatile memory 106 (see fig. 5) are objects of encryption.
As shown in fig. 8B, the write response (Write_Res) includes a response identifier for identifying the response, a session ID (SID) for identifying the session, and a result code (SF) indicating a processing result with respect to the request. As shown in fig. 8B, the session ID (SID) and the result code (SF) are objects of encryption.
As shown in fig. 8C, the cryptographic key generation request (Read_SK_Req) includes a request identifier for identifying the request, a device identifier (IDm) for identifying the communication device 12 (see fig. 2), and a public key identifier (PKID) for identifying the public key.
As shown in fig. 8D, the cryptographic key generation response (Read_SK_Res) includes a response identifier for identifying the response, a device identifier (IDm) for identifying the communication device 12 (see fig. 2), a result code (SF) indicating a processing result regarding the response, and the cryptographic key (SK). As shown in fig. 8D, the cryptographic key (SK) is an encrypted object.
Fig. 9 is a sequence diagram showing a flow of processing at the time of data writing by the communication system according to the embodiment of the present invention. Processing at the time of data writing by the communication system according to the embodiment of the present invention will be described with reference to fig. 9.
The reader/writer 11 first transmits Read_SK_Req to the communication device 12. In this case, the identifier (PKID) of the public key (PK) is sent at the same time as a parameter. In step S231, the communication device 12 that receives the Read_SK_Req generates a cryptographic key (SK). In other words, the communication device 12 generates a random number and saves it as the cryptographic key (SK). Then, the communication device 12 encrypts the cipher key (SK) by a predetermined process using the public key (PK) corresponding to the public key identifier (PKID) to obtain encrypted data Enc(PK, SK). The communication device 12 transmits Enc(PK, SK) to the reader/writer 11 as a parameter of Read_SK_Res.
In step S131, the reader/writer 11 that receives Read_SK_Res decrypts the parameter Enc(PK, SK) of Read_SK_Res by a predetermined procedure using the public key (PK) to obtain the cipher key (SK). Accordingly, the cryptographic key (SK) can be shared between the reader/writer 11 and the communication device 12. The subsequent cryptographic communication process is the same as the example shown in fig. 2 and is therefore omitted.
By the processing at the time of data writing described above, high-speed cryptographic communication that shares a session key (cryptographic key) can be realized in a system that performs only secure writing to a secure device (communication device 12). Specifically, since data can be written by performing communication between the reader/writer 11 and the communication device 12 twice, cryptographic communication can be realized at high speed. Since the reader/writer 11 need not perform the process of generating a random number (the process of generating a key), cryptographic communication can be realized at high speed. Since data transmitted and received between the reader/writer 11 and the communication device 12 is encrypted, security can also be ensured.
The communication system 10 can perform the above-described processing at the time of data reading and processing at the time of data writing. In this case, authentication or cryptographic communication using different key values for the read processing and the write processing can be realized for the data area of the secure device (the communication device 12). In this case, since the key value used when data reading is performed and the key value used when data writing is performed are different, security against attacks on data reading and data writing is improved.
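The read sequence of fig. 7 and the write sequence of fig. 9, with separate keys per direction, can be simulated end to end as follows. This is an added example, not code from the patent: the "public key" PK is modelled as a key held by both sides (both encrypt and decrypt with it in the text), Read_Req carries the encrypted SID and read target address as in the claims, and the cipher, the integrity tag, the field encodings, the PKID and SF values, and the silent failure on a bad data request are all assumptions of the example. A real design would use a vetted authenticated cipher in place of the stand-in `enc`/`dec`.

```python
import hashlib
import hmac
import secrets
import struct

# Constructed values for this example; the patent assigns none of them.
PKID_READ, PKID_WRITE = 1, 2
SF_OK, SF_FAIL = 0, 1
BLOCK = 16  # bytes per addressable area

def _sub(key, label):
    return hmac.new(key, label, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):
    ks = b"".join(hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
                  for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, ks))

def enc(key, plaintext):
    """Stand-in for the 'predetermined process': keystream XOR plus a 16-byte tag."""
    nonce = secrets.token_bytes(12)
    ct = _xor_stream(_sub(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()[:16]
    return nonce + ct + tag

def dec(key, blob):
    nonce, ct, tag = blob[:12], blob[12:-16], blob[-16:]
    want = hmac.new(_sub(key, b"mac"), nonce + ct, hashlib.sha256).digest()[:16]
    if len(blob) < 28 or not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or modified message")
    return _xor_stream(_sub(key, b"enc"), nonce, ct)

class Device:
    """Communication device 12: PK per PKID, memory, one session key per direction."""
    def __init__(self, idm, keys, blocks=4):
        self.idm, self.keys, self.sk = idm, keys, {}
        self.nvm = [bytes(BLOCK)] * blocks

    def handle(self, msg):
        cmd = msg["cmd"]
        try:
            if cmd == "Write_SK_Req" and msg["PKID"] == PKID_READ:   # fig. 7, S221
                self.sk["read"] = dec(self.keys[PKID_READ], msg["SK"])
                return {"cmd": "Write_SK_Res", "IDm": self.idm, "SF": SF_OK}
            if cmd == "Read_SK_Req" and msg["PKID"] == PKID_WRITE:   # fig. 9, S231
                self.sk["write"] = secrets.token_bytes(16)
                return {"cmd": "Read_SK_Res", "IDm": self.idm, "SF": SF_OK,
                        "SK": enc(self.keys[PKID_WRITE], self.sk["write"])}
            if cmd == "Read_Req":      # only the read session key opens this
                sid, addr = struct.unpack(">HH", dec(self.sk["read"], msg["enc"]))
                body = struct.pack(">HB", sid, SF_OK) + self.nvm[addr]
                return {"cmd": "Read_Res", "enc": enc(self.sk["read"], body)}
            if cmd == "Write_Req":     # only the write session key opens this
                sid, addr, data = struct.unpack(f">HH{BLOCK}s",
                                                dec(self.sk["write"], msg["enc"]))
                self.nvm[addr] = data
                return {"cmd": "Write_Res",
                        "enc": enc(self.sk["write"], struct.pack(">HB", sid, SF_OK))}
        except (KeyError, IndexError, ValueError, struct.error):
            pass
        if cmd.endswith("_SK_Req"):    # key requests fail with a plaintext SF
            return {"cmd": cmd[:-3] + "Res", "IDm": self.idm, "SF": SF_FAIL}
        return None                    # example choice: no answer to a bad data request

class Reader:
    """Reader/writer 11; `keys` maps PKID to the key it shares with the device."""
    def __init__(self, keys):
        self.keys = keys

    def read(self, dev, addr, sid=1):
        sk = secrets.token_bytes(16)                                  # fig. 7, S111
        res = dev.handle({"cmd": "Write_SK_Req", "IDm": dev.idm, "PKID": PKID_READ,
                          "SK": enc(self.keys[PKID_READ], sk)})
        if res["SF"] != SF_OK:
            return None
        res = dev.handle({"cmd": "Read_Req", "enc": enc(sk, struct.pack(">HH", sid, addr))})
        if res is None:
            return None
        body = dec(sk, res["enc"])
        return body[3:] if struct.unpack(">HB", body[:3]) == (sid, SF_OK) else None

    def write(self, dev, addr, data, sid=2):
        res = dev.handle({"cmd": "Read_SK_Req", "IDm": dev.idm, "PKID": PKID_WRITE})
        try:
            sk = dec(self.keys[PKID_WRITE], res["SK"])                # fig. 9, S131
        except (KeyError, ValueError):
            return False
        req = struct.pack(f">HH{BLOCK}s", sid, addr, data)            # 's' pads with NULs
        res = dev.handle({"cmd": "Write_Req", "enc": enc(sk, req)})
        return res is not None and struct.unpack(">HB", dec(sk, res["enc"])) == (sid, SF_OK)

def demo():
    pk_r, pk_w = secrets.token_bytes(16), secrets.token_bytes(16)
    dev = Device(b"IDm-0001", {PKID_READ: pk_r, PKID_WRITE: pk_w})
    full = Reader({PKID_READ: pk_r, PKID_WRITE: pk_w})
    read_only = Reader({PKID_READ: pk_r})     # never provisioned with the write PK
    return (full.write(dev, 2, b"balance=100"), read_only.write(dev, 2, b"balance=999"),
            read_only.read(dev, 2))
```

Each operation costs two round trips, and a session key obtained through the read path is useless for Write_Req because the device keeps the two session keys apart.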
The present invention is also applicable to an information processing system for transmitting and receiving data through a wired or wireless communication network, an electronic money system using an IC card, a security system, and the like.
It will be appreciated by those skilled in the art that various modifications, combinations, subcombinations, and variations may be made in accordance with design requirements and other factors and are intended to be included within the scope of the claims of the present invention or their equivalents.
Claims (10)
1. A communication device, comprising:
a communication unit for transmitting and receiving signals with a reader/writer;
a recording unit that records data, and also records a read-out common key and a write-in common key that are keys used commonly by the reader/writer; and
a control unit operable, when receiving, from the reader/writer via the communication unit, a cipher key update request signal containing a first cipher key encrypted by the reader/writer with a key identical to the read-out public key recorded in the recording unit, to decrypt the encrypted first cipher key contained in the cipher key update request signal with the read-out public key recorded in the recording unit and record the first cipher key obtained by the decryption in the recording unit, and when receiving, from the reader/writer via the communication unit, a read-out request signal containing a read-out object address specifying an area of a data read-out source in the recording unit encrypted by the reader/writer with a cipher key identical to the first cipher key, to decrypt the encrypted read-out object address contained in the read-out request signal with the first cipher key recorded in the recording unit and transmit data recorded in an area specified by a read-out object address obtained by the decryption among the areas of the recording unit to the reader/writer via the communication unit;
wherein the control unit determines a second cipher key update request flag contained in the write request signal when receiving the write request signal from the reader/writer via the communication unit, and determines the write request signal as the cipher key update request signal when determining that a value requesting the second cipher key update is set to the second cipher key update request flag.
2. A communication device, comprising:
a communication unit for transmitting and receiving signals with a reader/writer;
a recording unit that records data, and also records a read-out public key and a write-in public key, which are keys used commonly by the reader/writer; and
a control unit configured to generate a first cryptographic key by a predetermined process when receiving a cryptographic key generation request signal requesting generation of the first cryptographic key from the reader/writer via the communication unit, encrypt the generated first cryptographic key with a previously generated cryptographic key, and transmit a cryptographic key generation response signal containing the encrypted first cryptographic key to the reader/writer via the communication unit, and decrypt the encrypted write-object data and the encrypted write-object address with the first cryptographic key recorded in the recording unit when receiving a write request signal containing write-object data encrypted with the first cryptographic key by the reader/writer and a write-object address specifying an area of a write destination of the encrypted write-object data in the recording unit via the communication unit, and recording the write target data obtained by the decryption in an area specified by a write target address obtained by the decryption among areas of the recording unit;
wherein the control unit determines a second cipher key update request flag contained in the write request signal when receiving the write request signal from the reader/writer via the communication unit, and determines the write request signal as the second cipher key update request signal when determining that a value requesting the second cipher key update is set to the second cipher key update request flag.
3. A communication device, comprising:
a communication unit for transmitting and receiving signals with a reader/writer;
a recording unit that records data, and also records a read-out common key and a write-in common key that are keys used commonly by the reader/writer; and
a control unit operable to decrypt the encrypted first cryptographic key included in the cryptographic key update request signal with the read public key recorded in the recording unit and record the first cryptographic key obtained by the decryption in the recording unit when receiving a cryptographic key update request signal including the first cryptographic key encrypted by the reader/writer with a key identical to the read public key recorded in the recording unit from the reader/writer via the communication unit, and, when receiving from the reader/writer via the communication unit a read request signal including a read target address that is encrypted by the reader/writer with a cryptographic key identical to the first cryptographic key and that specifies an area of a data read source in the recording unit, to decrypt the encrypted read target address included in the read request signal with the first cryptographic key recorded in the recording unit and transmit data recorded in an area specified by the read object address obtained by the decrypting among the areas of the recording unit to the reader/writer via the communication unit, to generate a second cryptographic key by a predetermined process when receiving a cryptographic key generation request signal requesting generation of the second cryptographic key from the reader/writer via the communication unit, encrypt the generated second cryptographic key with the write common key recorded in the recording unit, and transmit a cryptographic key generation response signal containing the encrypted second cryptographic key to the reader/writer via the communication unit, and, upon receiving via the communication unit a write request signal containing write object data encrypted by the reader/writer using the second cryptographic key generated by the control unit and a write object address specifying an area of a write destination of the encrypted write object data in the recording unit, to decrypt the encrypted write-target data and the encrypted write-target address with the second encryption key in the second encryption key generation response signal, and record the write-target data obtained by the decryption in an area specified by the write-target address obtained by the decryption among the areas of the recording unit.
4. A communication method performed by a control unit of a communication apparatus including a communication unit for transmitting and receiving a signal with a reader/writer and a recording unit recorded with data and also recorded with a read common key and a write common key that are keys used commonly by the reader/writer, the method comprising the steps of:
when a cipher key update request signal containing a first cipher key encrypted by the reader/writer with the same key as the read-out public key recorded in the recording unit is received from the reader/writer via the communication unit, decrypting the encrypted first cipher key contained in the cipher key update request signal with the read-out public key recorded in the recording unit;
recording the first cryptographic key obtained by the decryption in the recording unit;
when a read request signal containing a read target address that is encrypted by the reader/writer with the same encryption key as the first encryption key and that specifies an area of a data read source in the recording unit is received from the reader/writer via the communication unit, decrypting the encrypted read target address contained in the read request signal with the first encryption key recorded in the recording unit; and
transmitting data recorded in an area specified by a read-out object address obtained by decryption among the areas of the recording unit to the reader/writer via the communication unit;
wherein the control unit determines a second cipher key update request flag contained in the write request signal when receiving the write request signal from the reader/writer via the communication unit, and determines the write request signal as the second cipher key update request signal when determining that a value requesting the second cipher key update is set to the second cipher key update request flag.
5. A reader/writer, comprising:
a communication unit for transmitting and receiving a signal with a communication device including a first recording unit in which data is recorded;
a second recording unit that records a read-out common key and a write-in common key that are keys used commonly by the communication apparatus; and
a control unit configured to generate a cryptographic key by a predetermined process, encrypt the generated cryptographic key with the readout public key recorded in the second recording unit, transmit a cryptographic key update request signal containing the encrypted cryptographic key to the communication apparatus via the communication unit, encrypt a readout target address specifying an area of a data readout source in the first recording unit with the generated cryptographic key, and transmit a readout request signal containing the encrypted readout target address to the communication apparatus via the communication unit;
wherein the reader/writer and the communication device transmit and receive predetermined data to perform an authentication process, each authentication process being separately and independently performed from securely reading/writing data to the communication device, so that a command sequence is optimized for a usage method.
6. A reader/writer, comprising:
a communication unit for transmitting and receiving a signal with a communication device including a first recording unit in which data is recorded;
a second recording unit that records a read-out common key and a write-in common key that are keys used commonly by the communication apparatus; and
a control unit that transmits a cipher key generation request signal requesting generation of a cipher key to the communication apparatus via the communication unit, and when a cipher key generation response signal containing a cipher key encrypted by the communication apparatus with a same key as the write public key recorded in the second recording unit is received from the communication apparatus via the communication unit, decrypts the encrypted cipher key contained in the cipher key generation response signal with the write public key recorded in the second recording unit, records the cipher key obtained by the decryption in the second recording unit, encrypts write-target data and a write-target address specifying an area of a write destination of the write-target data in the first recording unit with the cipher key recorded in the second recording unit, and transmitting a write request signal containing the encrypted write target data and the encrypted write target address to the communication device via the communication unit;
wherein the reader/writer and the communication device transmit and receive predetermined data to perform an authentication process, each authentication process being separately and independently performed from securely reading/writing data to the communication device, so that a command sequence is optimized for a usage method.
7. A reader/writer, comprising:
a communication unit for transmitting and receiving a signal with a communication device including a first recording unit in which data is recorded;
a second recording unit that records a read-out public key and a write-in public key that are keys used commonly by the communication apparatus; and
a control unit configured to generate a first cryptographic key by a predetermined process when reading out data, encrypt the generated first cryptographic key with the readout public key recorded in the second recording unit, transmit a cryptographic key update request signal containing the encrypted first cryptographic key to the communication apparatus via the communication unit, encrypt a readout target address specifying an area of a data readout source in the first recording unit with the generated first cryptographic key, and transmit a readout request signal containing the encrypted readout target address to the communication apparatus via the communication unit, and when writing data, transmit a cryptographic key generation request signal requesting generation of a second cryptographic key to the communication apparatus via the communication unit, and when receiving from the communication apparatus via the communication unit a cryptographic key generation request signal containing the encrypted readout target address recorded in the second recording unit by the communication apparatus And a second recording unit that records the encrypted second encryption key in the second recording unit, encrypts write target data and a write target address specifying an area of a write destination of the write target data in the first recording unit with the second encryption key recorded in the second recording unit, and transmits a write request signal including the encrypted write target data and the encrypted write target address to the communication device via the communication unit.
8. A communication system comprising a reader/writer and a communication device, wherein
The communication apparatus includes:
a communication unit for transmitting and receiving signals with the reader/writer;
a first recording unit that records data, and also records a read-out common key and a write-in common key that are keys used commonly by the reader/writer; and
a control unit operable, when receiving, from the reader/writer via the communication unit, a cipher key update request signal containing a first cipher key encrypted by the reader/writer with a key identical to the readout common key recorded in the first recording unit, to decrypt the encrypted first cipher key contained in the cipher key update request signal with the readout common key recorded in the first recording unit and record the first cipher key obtained by the decryption in the first recording unit, and when receiving, from the reader/writer via the communication unit, a readout request signal containing a readout object address encrypted by the reader/writer with a cipher key identical to the first cipher key and specifying an area of a data readout source in the first recording unit, to decrypt the encrypted read-out object address contained in the readout request signal with the first cipher key recorded in the first recording unit and transmit data recorded in an area specified by the read-out object address obtained by the decryption among the areas of the first recording unit to the reader/writer via the communication unit, and
the reader/writer includes:
a second communication unit for transmitting and receiving signals with the communication apparatus;
a second recording unit that records a read-out common key and a write-in common key that are keys used commonly by the communication apparatus; and
a second control unit configured to generate a second cryptographic key by a predetermined process, encrypt the generated second cryptographic key with the readout public key recorded in the second recording unit, transmit a cryptographic key update request signal containing the encrypted second cryptographic key to the communication apparatus via the second communication unit, encrypt a readout target address specifying an area of a data readout source in the first recording unit with the generated second cryptographic key, and transmit a readout request signal containing the encrypted readout target address to the communication apparatus via the second communication unit.
9. A communication system comprising a reader/writer and a communication device, wherein
The communication apparatus includes:
a communication unit for transmitting and receiving signals with the reader/writer;
a first recording unit that records data, and also records a read-out common key and a write-in common key that are keys used commonly by a reader/writer; and
a control unit that generates a cryptographic key by a predetermined process when receiving a cryptographic key generation request signal requesting generation of the cryptographic key from the reader/writer via the communication unit, encrypts the generated cryptographic key with the write public key recorded in the first recording unit, and transmits a cryptographic key generation response signal containing the encrypted cryptographic key to the reader/writer via the communication unit, and, when receiving via the communication unit a write request signal containing the write object data encrypted by the reader/writer and a write object address specifying an area of the write destination of the encrypted write object data in the first recording unit, decrypts the encrypted write object data and the encrypted write object address with the previously generated cryptographic key and records the write object data obtained by decryption in an area specified by the write object address obtained by decryption among areas of the first recording unit; and
the reader/writer includes:
a second communication unit for transmitting and receiving signals with the communication apparatus;
a second recording unit that records a read-out common key and a write-in common key that are keys used commonly by the communication apparatus; and
a second control unit that transmits a cipher key generation request signal requesting generation of a cipher key to the communication apparatus via the second communication unit, and when a cipher key generation response signal containing a cipher key encrypted by the communication apparatus with a same key as the write public key recorded in the second recording unit is received from the communication apparatus via the second communication unit, decrypts the encrypted cipher key contained in the cipher key generation response signal with the write public key recorded in the second recording unit, records the cipher key obtained by the decryption in the second recording unit, encrypts write-target data and a write-target address specifying an area of a write destination of the write-target data in the first recording unit with the cipher key recorded in the second recording unit, and transmits a write request signal containing the encrypted write target data and the encrypted write target address to the communication apparatus via the second communication unit.
10. A communication system comprising a reader/writer and a communication device, wherein
The communication apparatus includes:
a communication unit for transmitting and receiving signals with the reader/writer;
a first recording unit that records data and also records a read-out common key and a write-in common key that are keys used commonly by the reader/writer; and
a control unit operable, when receiving, from the reader/writer via the communication unit, a cipher key update request signal containing a first cipher key encrypted by the reader/writer with a key identical to the readout common key recorded in the first recording unit, to decrypt the encrypted first cipher key contained in the cipher key update request signal with the readout common key recorded in the first recording unit and record the first cipher key obtained by the decryption in the first recording unit; when receiving, from the reader/writer via the communication unit, a readout request signal containing a readout target address, specifying an area of a data readout source in the first recording unit, encrypted by the reader/writer with a cipher key identical to the first cipher key, to decrypt the readout target address contained in the readout request signal with the first cipher key recorded in the first recording unit and transmit the data recorded in the area specified by the readout target address obtained by the decryption, among the areas of the first recording unit, to the reader/writer via the communication unit; when receiving, from the reader/writer via the communication unit, a cipher key generation request signal requesting generation of a second cipher key, to generate the second cipher key by a predetermined process, encrypt the generated second cipher key with the write common key recorded in the first recording unit, and transmit a cipher key generation response signal containing the encrypted second cipher key to the reader/writer via the communication unit; and when receiving, from the reader/writer via the communication unit, a write request signal containing write target data, and a write target address specifying an area of a write destination of the write target data in the first recording unit, each encrypted by the reader/writer with the second cipher key contained in the cipher key generation response signal, to decrypt the encrypted write target data and the encrypted write target address with the second cipher key and record the write target data obtained by the decryption in the area specified by the write target address obtained by the decryption, among the areas of the first recording unit, and
the reader/writer includes:
a second communication unit for transmitting and receiving signals with the communication apparatus;
a second recording unit that records a readout common key and a write common key, which are keys held in common with the communication apparatus; and
a second control unit configured, when reading out data, to generate a first cipher key by a predetermined process, encrypt the generated first cipher key with the readout common key recorded in the second recording unit, transmit a cipher key update request signal containing the encrypted first cipher key to the communication apparatus via the second communication unit, encrypt a readout target address specifying an area of a data readout source in the first recording unit with the generated first cipher key, and transmit a readout request signal containing the encrypted readout target address to the communication apparatus via the second communication unit; and, when writing data, to transmit a cipher key generation request signal requesting generation of a second cipher key to the communication apparatus via the second communication unit, and, when receiving, from the communication apparatus via the second communication unit, a cipher key generation response signal containing the second cipher key encrypted by the communication apparatus with a key identical to the write common key recorded in the second recording unit, to decrypt the encrypted second cipher key contained in the cipher key generation response signal with the write common key recorded in the second recording unit, record the second cipher key obtained by the decryption in the second recording unit, encrypt write target data and a write target address specifying an area of a write destination of the write target data in the first recording unit with the second cipher key recorded in the second recording unit, and transmit a write request signal containing the encrypted write target data and the encrypted write target address to the communication apparatus via the second communication unit.
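The read and write exchanges recited in this claim, sketched as an added example that is not part of the patent text. `crypt` is a toy SHA-256 keystream stand-in because the claim names no cipher; the class names, the area addresses and the refusal of unknown addresses are assumptions.

```python
import hashlib
import os

def crypt(key: bytes, label: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (SHA-256 keystream XOR); one call encrypts and decrypts."""
    stream = b""
    while len(stream) < len(data):
        stream += hashlib.sha256(key + label + len(stream).to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

class Card:
    """Communication apparatus: first recording unit plus control unit."""
    def __init__(self, readout_ck: bytes, write_ck: bytes):
        self.readout_ck, self.write_ck = readout_ck, write_ck
        self.k1 = self.k2 = None  # first / second cipher key
        self.areas = {b"AREA0001": b"", b"AREA0002": b""}  # constructed layout

    def key_update(self, enc_k1: bytes) -> None:  # cipher key update request
        self.k1 = crypt(self.readout_ck, b"k1", enc_k1)

    def read(self, enc_addr: bytes):  # readout request
        addr = crypt(self.k1, b"addr", enc_addr)
        return self.areas.get(addr)  # None when the address decrypts to garbage

    def key_generate(self) -> bytes:  # cipher key generation request
        self.k2 = os.urandom(16)  # the card, not the reader, picks the write key
        return crypt(self.write_ck, b"k2", self.k2)  # generation response

    def write(self, enc_addr: bytes, enc_data: bytes) -> bool:  # write request
        addr = crypt(self.k2, b"addr", enc_addr)
        if addr not in self.areas:  # assumption: an unknown area is refused
            return False
        self.areas[addr] = crypt(self.k2, b"data", enc_data)
        return True

class Reader:
    """Reader/writer: second recording unit plus second control unit."""
    def __init__(self, readout_ck: bytes, write_ck: bytes):
        self.readout_ck, self.write_ck = readout_ck, write_ck

    def read(self, card: Card, addr: bytes):
        k1 = os.urandom(16)  # the reader picks the readout key
        card.key_update(crypt(self.readout_ck, b"k1", k1))
        return card.read(crypt(k1, b"addr", addr))

    def write(self, card: Card, addr: bytes, data: bytes) -> bool:
        self.k2 = crypt(self.write_ck, b"k2", card.key_generate())
        return card.write(crypt(self.k2, b"addr", addr), crypt(self.k2, b"data", data))
```

A reader holding the wrong common key recovers a different cipher key from the exchange, so the address it sends decrypts on the card to an unknown area and the request fails.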
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2008-126151 | 2008-05-13 | | |
| JP2008126151A JP2009276916A (en) | 2008-05-13 | 2008-05-13 | Communication device, communication method, reader/writer, and communication system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| HK1140039A1 (en) | 2010-09-30 |
| HK1140039B (en) | 2014-04-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101582125B (en) | | Communication device, communication method, reader/writer, and communication system |
| US7797537B2 (en) | | Mobile terminal, data communication method, and computer program |
| KR101325227B1 (en) | | System, device, and method for communication, apparatus and method for processing information |
| US20060050877A1 (en) | | Information processing apparatus and method, program, and recording medium |
| US7363448B2 (en) | | Data storage apparatus, data processing method, recording medium, and program |
| US10769284B2 (en) | | Information processing apparatus and method, recording medium, and program |
| CN101194274B (en) | | Method and device for increased rfid transmission security |
| US20100014673A1 (en) | | Radio frequency identification (rfid) authentication apparatus having authentication function and method thereof |
| JP2006108886A (en) | | Information processing apparatus and method, recording medium, and program |
| KR20080007984A (en) | | Data transmission method and device |
| JP5908869B2 (en) | | Communication device |
| HK1140039B (en) | | Communication device, communication method, reader/writer, and communication system |
| HK1086100B (en) | | Information processing apparatus and method |
| HK1139765A1 (en) | | Communication device, communication method, communication system and service issuing method |
| HK1139765B (en) | | Communication device, communication method, communication system and service issuing method |