JP2002281028A - Authentication system and method, recording medium, and program - Google Patents

Abstract

(57) [Summary] [Problem] While preventing unauthorized use of services,
Make it possible to identify users. A password 12A and a token ID 12B stored in a storage circuit 12 of the authentication token 1 are transmitted only when the result of the personal verification of the authentication token 1 by the personal verification device 11 indicates that the verification is successful. The providing device 2 collates the password 12A from the authentication token 1 using the password 22A registered in the database 22 corresponding to the token ID 12B, and provides a service based on the collation result 23A.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an authentication system and method, a recording medium, and a program, and more particularly, to a recognition system and method, a recording medium, and a program for authenticating the identity of a user using human biometric information with an authentication token. It is about.

[0002]

2. Description of the Related Art In a highly information-oriented society, there is a high demand for strictly authenticating a user himself with an affinity for information processing. In particular, such demands are extremely high in an entry management system that allows only a user who has been approved in advance to enter a room, an information management system that handles important information such as personal information, or a payment system that performs electronic payment. In response to such demands, research on an authentication system using an authentication token that authenticates a user himself based on electronically detected unique biometric information based on semiconductor device manufacturing technology and information processing technology has been actively conducted. ing.

As such an authentication system, for example, a configuration as shown in FIG. 6 is conceivable. In this authentication system, an authentication token 8 that authenticates a user using biometric information such as a user's fingerprint, and a service providing device 9 that provides a service to the user based on a result of identity verification from the authentication token 8 are used. It is configured. In this system, the identity verification device 81 in the authentication token 8 performs identity verification based on the biometric information, and the identity verification result 81
A is transmitted to the service providing apparatus 9 via the communication circuit 82. The service providing device 9 receives the identity verification result via the communication circuit 91, and when the identity verification result 91A indicates a successful verification, performs processing by the processing device 92 to provide a service to the user. I have.

[0004]

However, in such an authentication system, the service providing device 9 determines whether or not to provide a service based on the collation result transmitted from the authentication token 8. There has been a problem that the use of a forged authentication token that outputs the result of the successful verification makes it possible to use the service illegally. In addition, it is impossible to restrict the availability of a service to an arbitrary user, and it is also impossible to restrict a user to an arbitrary service.
The present invention is to solve such a problem,
It is an object of the present invention to provide an authentication system and method, a recording medium, and a program that can prevent unauthorized use of a service and specify a user to use.

[0005]

In order to achieve the above object, an authentication system according to the present invention performs a user authentication required when a user uses a service providing apparatus for providing a predetermined service. An authentication system that uses the biometric information of the user, and is usually carried by the user, and when the user uses the service providing device, is connected to the service providing device and performs user authentication based on the biometric information of the user. An authentication token for performing authentication, a personal verification device for verifying the identity of the user based on biometric information detected from the user, and a token identification for identifying the password of the authentication token and the authentication token. A storage circuit for storing information and
A first communication device for transmitting the password of the storage circuit and the token identification information as communication data to the service providing device when the result of the verification by the personal verification device indicates a successful verification; A communication device that receives the communication data of the authentication token, a first database that stores the token identification information of the authentication token and the password in advance, and a first database that uses the password and the token identification information included in the communication data as keys. A collation circuit for collating a password retrieved from a database and a processing device for providing a service to a user based on the collation result in the collation circuit are provided.

For registration of an authentication token to a service providing apparatus, a registration apparatus connected to the service providing apparatus via a communication network is provided, and the token identification information and the password are registered in a database in association with each other. Good. For the password managed by the authentication token, a password generating circuit is provided in the service providing device, a new password is generated and transmitted to the authentication token via the second communication device, and the password stored in the first database is stored. May be updated, and the first communication device of the authentication token may update the password stored in the storage circuit with the new password received from the service providing device.

[0007] In order to properly use the password of the authentication token for each service providing apparatus, the service providing apparatus includes:
A storage circuit for storing device identification information for identifying the service providing device is provided. The second communication device reads the device identification information from the storage circuit in accordance with the connection of the authentication token, transmits the device identification information to the authentication token, and performs authentication. The token is provided with a second database in which device identification information for identifying the service providing device and a password are stored in association with each other.
In the communication device, the password transmitted from the second database may be used as the password transmitted to the service providing device, using the device identification information received from the service providing device as a key.

The authentication token storage circuit stores the user's personal information, service information relating to the service provided by the service providing device, and registration information used for identity verification, and stores the personal information, service information and registration information. Each of them may be stored in a separate storage area.

When the encryption method is applied to the authentication performed between the authentication token and the service providing apparatus, the first communication apparatus includes:
An encryption circuit is provided for encrypting data generated from the dynamic information transmitted from the service providing device and the result of verification by the personal verification device with a key registered in advance, and the encryption circuit generated by the encryption circuit is provided. The encrypted data transmitted from the authentication token using a key paired with a key, a dynamic information generation circuit that generates dynamic information to be transmitted to the authentication token, And a matching result included in the data decoded by the decoding circuit indicates that the matching was successful, and the dynamic information included in the data was generated by the dynamic information generating circuit and transmitted to the authentication token. A result determination circuit that determines that the verification is OK only when the dynamic information matches is provided, and only when the verification is obtained by both the verification determination using the password and the verification determination using the result determination circuit, May output the verification result indicating if successful.

[0010] As another encryption method, when the result of verification by the personal verification device indicates successful authentication, the first communication device outputs the authentication data to the encryption circuit, and the result of verification indicates authentication failure. In this case, a first result determination circuit that outputs the result of the comparison to the first communication circuit, and dynamic information transmitted from the service providing apparatus are registered in advance in accordance with the result of the comparison from the first result determination circuit. And an encryption circuit for adding the obtained encrypted data to the verification result and outputting the encrypted data, and providing the verification result or the encrypted data to which the encrypted data from the encryption circuit is added. A dynamic information generating circuit for generating dynamic information to be transmitted to the authentication token, and a key for encrypting data transmitted from the authentication token. Key to pair with And a decryption circuit that decrypts the encrypted data added to the verification result only when the verification result from the authentication token received by the second communication circuit indicates successful verification. And a second result determination circuit that determines that the verification is OK only when the obtained dynamic information matches the dynamic information generated by the dynamic information generation circuit and transmitted to the authentication token, and performs verification using a password. The matching result indicating successful matching may be output only when the matching is obtained by both the judgment and the matching judgment by the result judgment circuit.

In addition, the first communication device encrypts the dynamic information transmitted from the service providing device using a key registered in advance, and uses the obtained encrypted data as data in the first communication circuit. If the verification result in the personal verification device indicates that the authentication is successful, the encryption circuit instructs the encryption circuit to generate encrypted data. A first result determination circuit that outputs data of the number of digits to the first communication circuit, and transmits data from the encryption circuit or data from the first result determination circuit to the service providing apparatus; A dynamic information generation circuit for generating dynamic information to be transmitted to the authentication token, a decryption circuit for decrypting the encrypted data transmitted from the authentication token using a key paired with a key, and a second communication Authentication received on the circuit Only when the number of digits of the data from the token indicates the number of digits at the time of successful authentication, the encrypted data added to the data is decrypted by the decryption circuit, and the obtained dynamic information is converted to the dynamic information generation circuit. And a second result determination circuit that determines that the verification is OK only when the dynamic information matches the dynamic information generated and transmitted to the authentication token. Only when this is done, a matching result indicating successful matching may be output.

For the keys used in these encryption systems, an ID storage circuit for storing identification information of the authentication token registered in advance is provided in the authentication token, and the ID communication circuit uses the ID communication circuit in the first communication circuit. The stored identification information may be transmitted to the service providing apparatus, and the decryption circuit may use the key corresponding to the identification information transmitted from the authentication token to decrypt the encrypted data from the authentication token. .

[0013] The authentication method according to the present invention includes a user authentication required when a user uses a service providing apparatus for providing a predetermined service, an authentication token for performing user authentication using biometric information of the user. An authentication method performed between a service providing device and an authentication token in which a password of the authentication token and token identification information for identifying the authentication token are stored in advance, and based on biometric information detected by a user. When the verification result indicates that the verification is successful, the password and the token identification information are transmitted to the service providing apparatus as communication data, and the service providing apparatus transmits the token identification information and the password of the authentication token to the service providing apparatus. Are stored in advance in the first database in association with each other, and are included in the communication data received from the authentication token. It collates the password retrieved from the first database password and token identification information as a key, is obtained so as to provide a service to the user based on the comparison result.

The registration of the authentication token with respect to the service providing apparatus is performed by associating the token identification information with the password in the first database from the registration apparatus connected to the service providing apparatus via the communication network. You may. Regarding the password managed by the authentication token, the service providing device generates a new password in the password generation circuit, transmits the new password to the authentication token via the second communication device, and transmits the password stored in the first database. The password stored in advance may be updated with the new password received from the service providing device using the authentication token.

In order to properly use the password of the authentication token for each service providing device, the service providing device
The device identification information for identifying the service providing device is stored in advance, and the device identification information is transmitted to the authentication token in accordance with the connection of the authentication token, and the authentication token includes the device identification information for identifying the service providing device. The password may be stored in advance in the second database in association with the password, and a password retrieved from the second database may be used as the password to be transmitted to the service providing device, using the device identification information received from the service providing device as a key. .

In addition, the authentication token stores in the storage circuit personal information of the user, service information relating to the service provided by the service providing device, and registration information used for identity verification, and stores these personal information, service information and registration information. The data may be stored in separate storage areas in the storage circuit.

When an encryption method is applied to the authentication performed between the authentication token and the service providing apparatus, data generated from the dynamic information transmitted from the service providing apparatus and the verification result of the principal user is registered in advance with the authentication token. The encrypted data generated by the encryption is transmitted to the service providing apparatus, the service providing apparatus generates dynamic information, transmits the generated dynamic information to the authentication token, and transmits the dynamic information to the authentication token. The encrypted data is decrypted using the key paired with the key, the verification result included in the data obtained by the decryption indicates successful verification, and the dynamic information included in the data is transmitted to the authentication token. It is determined that the collation is OK only when it matches the information, and the collation is successful only when the collation is obtained by both the password collation and the data collation. It may be output if the result.

As another encryption method, an authentication token is used.
If the verification result of the user indicates successful authentication, the dynamic information transmitted from the service providing device is encrypted using a previously registered key, and the obtained encrypted data is added to the verification result to provide the service. If the verification result of the user indicates authentication failure, the verification result is transmitted to the service providing device, and the service providing device generates dynamic information and transmits it to the authentication token. Only when the collation result indicates successful authentication, the encrypted data added to the collation result is decrypted using the key paired with the key, and the obtained dynamic information is transmitted to the authentication token. It is determined that the collation is OK only when the information matches the information, and the collation result indicating successful collation is output only when the collation is obtained by both the collation determination using the password and the collation determination using the encrypted data. It may be.

In addition, when the authentication token indicates that the user is successfully authenticated with the authentication token, the dynamic information transmitted from the service providing apparatus is encrypted using a key registered in advance, and the obtained encryption is obtained. The encrypted data is transmitted to the service providing apparatus as data, and if the result of the user's verification indicates authentication failure, data having a different number of digits from the encrypted data is transmitted to the service providing apparatus. Is generated and sent to the authentication token, and only when the number of digits of the data from the authentication token indicates the number of digits at the time of successful authentication, the data is regarded as encrypted data and decrypted using the key paired with the key Only when the obtained dynamic information matches the dynamic information transmitted to the authentication token, it is determined that the collation is OK, and the collation is obtained by both the collation determination by the password and the collation determination by the result determination circuit. Only when, it is also possible to output a verification result indicating the matching success.

For the keys used in these encryption methods, the identification information of the authentication token registered in advance is transmitted to the service providing device with the authentication token, and the identification information transmitted from the authentication token is transmitted to the service providing device. May be used to decrypt the encrypted data from the authentication token.

[0021] The recording medium according to the present invention includes a user authentication required when a user uses a service providing apparatus for providing a predetermined service, and an authentication token for performing user authentication using the biometric information of the user. A recording medium on which a program for causing a computer to execute an authentication procedure to be performed with a service providing device is recorded. The service providing device associates a token identification information of an authentication token with a password in a first database. After the step of storing in advance and the verification of the user himself / herself based on the biometric information detected from the user with the authentication token, if the verification result indicates a successful verification, the password of the authentication token transmitted from the authentication token and Step for receiving communication data including token identification information for identifying the authentication token. When the steps of collating the password retrieved from the first database password and token identification information included in the communication data as a key,
And a step of providing a service to a user based on a result of the comparison.

The registration of the authentication token to the service providing device is performed by associating the token identification information and the password with the first database from the registration device connected to the service providing device via the communication network. A program for causing a computer to execute the step of registering the information may be described in a recording medium. For the password managed by the authentication token, the service providing device generates a new password in the password generation circuit, and transmits the new password to the authentication token via the second communication device to store the password in advance in the authentication token. A program for causing a computer to execute the step of updating the password and the step of updating the password stored in the first database with the new password may be described on a recording medium.

In order to properly use the password of the authentication token for each service providing apparatus, the service providing apparatus
A step of storing device identification information for identifying the service providing device in advance, and transmitting the device identification information to the authentication token in accordance with the connection of the authentication token, whereby the device used for identifying the service providing device by the authentication token is used. The identification information and the password are associated with each other and stored in the second database of the authentication token, and as the password to be transmitted to the service providing apparatus, the password is searched from the second database using the apparatus identification information received from the service providing apparatus as a key. A program for causing a computer to execute the steps may be described in a recording medium.

[0024] The authentication token stores the user's personal information, service information relating to the service provided by the service providing device, and registration information used for identity verification in a storage circuit. And a step of storing information in separate storage areas in a storage circuit.

When the encryption method is applied to the authentication performed by the authentication token and the service providing apparatus, data generated from the dynamic information transmitted from the service providing apparatus and the result of the verification of the principal user is registered in advance with the authentication token. And encrypting the encrypted data generated by the encryption to the service providing apparatus, and the service providing apparatus generates dynamic information and transmits the dynamic information to the authentication token. And decrypting the encrypted data transmitted from the authentication token using the key paired with the key.The collation result included in the data obtained by the decryption indicates successful collation, and is included in the data. Determining that the verification is OK only when the dynamic information to be received matches the dynamic information transmitted to the authentication token, and verification determination using a password Only when the verification for both the match determination by the data obtained, a program for executing a step of outputting a verification result indicating verification success may also be included in a recording medium.

As another encryption method, an authentication token is used.
If the verification result of the user indicates successful authentication, the dynamic information transmitted from the service providing device is encrypted using a previously registered key, and the obtained encrypted data is added to the verification result to provide the service. Transmitting to the service providing apparatus, and transmitting the verification result to the service providing apparatus when the verification result of the user indicates authentication failure. And decrypting the encrypted data added to the verification result using the key paired with the key only when the verification result from the authentication token indicates successful authentication. A step of determining that the collation is OK only when the dynamic information matches the dynamic information transmitted to the authentication token, a collation determination using a password, and a collation determination using encrypted data Only if both the collation is obtained, a program for executing a step of outputting a verification result indicating verification success may also be included in a recording medium.

In addition, when the authentication token indicates that the user is successfully authenticated with the authentication token, the dynamic information transmitted from the service providing apparatus is encrypted using a key registered in advance, and the obtained encryption is obtained. Transmitting the encrypted data to the service providing apparatus as data, and transmitting the data having a different number of digits from the encrypted data to the service providing apparatus when the result of the user's verification indicates authentication failure. The providing device generates dynamic information and sends it to the authentication token. Only when the number of digits of data from the authentication token indicates the number of digits at the time of successful authentication, the data is regarded as encrypted data and the key is determined. Decrypting using the key paired with the above, and determining that the verification is OK only when the obtained dynamic information matches the dynamic information transmitted to the authentication token. Only when the verification for both the match determination by matching determination and result judgment circuit Password obtained, the program for executing the steps of outputting a verification result indicating verification success

For the keys used in these encryption methods, a step of transmitting the identification information of the authentication token registered in advance to the service providing apparatus with the authentication token is executed, and the service providing apparatus transmits the identification information from the authentication token. A program for executing the step of decrypting the encrypted data from the authentication token using the key corresponding to the identified identification information may be described on a recording medium.

Further, the program according to the present invention provides a user authentication required when a user uses a service providing apparatus for providing a predetermined service, an authentication token for performing user authentication using biometric information of the user and a service token. A program for causing a computer to execute an authentication procedure performed with a providing device, wherein the service providing device stores in advance a token identification information of an authentication token and a password in a first database in association with each other; In order to identify the password of the authentication token and the authentication token sent from the authentication token when the result of the verification of the user himself / herself based on the biometric information detected from the user with the token indicates that the verification is successful. Receiving communication data including the token identification information of the A step of collating the password searched password and token identification information from the first database as a key included in a program for executing the steps of providing a service to the user based on the comparison result.

[0030] Regarding registration of the authentication token with respect to the service providing device, the service providing device associates the token identification information and the password with the first database from the registration device connected to the service providing device via the communication network. The step of registering the password may be further executed by a program. For the password managed by the authentication token, a step of generating a new password by a password generating circuit in the service providing apparatus; Updating the password stored in advance with the authentication token by transmitting the password to the authentication token via the authentication token, and updating the password stored in the first database with the new password. even if Good.

In order to properly use the password of the authentication token for each service providing apparatus, the service providing apparatus
A step of storing device identification information for identifying the service providing device in advance, and transmitting the device identification information to the authentication token in accordance with the connection of the authentication token, whereby the device used for identifying the service providing device by the authentication token is used. The identification information and the password are associated with each other and stored in the second database of the authentication token, and as the password to be transmitted to the service providing apparatus, the password is searched from the second database using the apparatus identification information received from the service providing apparatus as a key. The steps may be further executed by a program.

In addition, a step of storing, in the storage circuit, the user's personal information, service information relating to the service provided by the service providing device, and registration information used for identity verification using an authentication token; And a step of storing the information in separate storage areas in the storage circuit.

When the encryption method is applied to the authentication performed between the authentication token and the service providing apparatus, data generated from the dynamic information transmitted from the service providing apparatus and the verification result of the principal user is registered in advance with the authentication token. And encrypting the encrypted data generated by the encryption to the service providing apparatus, and the service providing apparatus generates dynamic information and transmits the dynamic information to the authentication token. And decrypting the encrypted data transmitted from the authentication token using the key paired with the key.The collation result included in the data obtained by the decryption indicates successful collation, and is included in the data. Determining that the verification is OK only when the dynamic information to be received matches the dynamic information transmitted to the authentication token, and verification determination using a password Only when the verification for both the match determination by the data obtained, may be further and a step of outputting a verification result indicating verification success in the program.

As another encryption method, an authentication token is used.
If the verification result of the user indicates successful authentication, the dynamic information transmitted from the service providing device is encrypted using a previously registered key, and the obtained encrypted data is added to the verification result to provide the service. Transmitting to the service providing apparatus, and transmitting the verification result to the service providing apparatus when the verification result of the user indicates authentication failure. And decrypting the encrypted data added to the verification result using the key paired with the key only when the verification result from the authentication token indicates successful authentication. A step of determining that the collation is OK only when the dynamic information matches the dynamic information transmitted to the authentication token, a collation determination using a password, and a collation determination using encrypted data Only if both the collation is obtained, it may be further and a step of outputting a verification result indicating verification success in the program.

In addition, when the authentication token indicates that the user is successfully authenticated with the authentication token, the dynamic information transmitted from the service providing apparatus is encrypted using a key registered in advance, and the obtained encryption is obtained. Transmitting the encrypted data to the service providing apparatus as data, and transmitting the data having a different number of digits from the encrypted data to the service providing apparatus when the result of the user's verification indicates authentication failure. The providing device generates dynamic information and sends it to the authentication token. Only when the number of digits of data from the authentication token indicates the number of digits at the time of successful authentication, the data is regarded as encrypted data and the key is determined. Decrypting using the key paired with the above, and determining that the verification is OK only when the obtained dynamic information matches the dynamic information transmitted to the authentication token. Only when the verification for both the match determination by matching determination and result judgment circuit Password obtained, may be further and a step of outputting a verification result indicating verification success in the program.

For the keys used in these encryption methods, a step of transmitting the identification information of the authentication token registered in advance to the service providing apparatus using the authentication token is executed, and the service providing apparatus transmits the identification information from the authentication token. The step of decrypting the encrypted data from the authentication token using the key corresponding to the identified identification information may be further executed by a program.

[0037]

Next, embodiments of the present invention will be described with reference to the drawings. FIG. 1 is a block diagram of an authentication system according to an embodiment of the present invention. The authentication system includes a service providing device 2 that provides a service to a user, and an authentication token 1 that is owned by the user and connected to the service providing device 2 at the time of providing a service to authenticate the user. In the present invention, a token refers to a small and lightweight device that can be carried and carried by a user, and an authentication token refers to a token having a function of authenticating a user. In the following, a case where a fingerprint is used as the biometric information will be described as an example. It is possible.

The authentication token 1 includes information such as an identity verification device 11 for performing identity verification based on the biometric information of the user, a token ID (token identification information) 12B for identifying the authentication token 1, and the like. The storage circuit 12 for storing the password 12A, and the token ID 12B and the password 12A stored in the storage circuit 12 are transmitted as communication data 1A to the outside of the token only when the personal verification result 11A in the personal verification device 11 indicates successful verification. A communication device (first communication device) 13 is provided. The identity verification device 11 includes a sensor that acquires a fingerprint image, a storage unit that stores a user's fingerprint image or registration data indicating its characteristics in advance, and a fingerprint image from the sensor using the registration data in the storage unit. A collation unit that outputs a collation result is provided.

The service providing device 2 has an authentication token 1
A communication device (second communication device) 21 for receiving communication data 1A from the Internet; a database (first database) for searching for a password 22A registered in advance using the token ID 12B included in the received communication data 1A as a key; Password 1 included in received communication data 1A
A collating circuit 23 for collating 2A with the retrieved password 22A, and a processing device 24 for determining a service to be provided to the user based on the collation result 23A of the collating circuit 23 and performing processing for the service are provided.

Before a user receives a service, an authentication token is registered in the service providing apparatus 2. First, the authentication token 1 possessed by the user is connected to the service providing apparatus 2, and the personal verification apparatus 11 performs personal verification. In response to this, if the principal verification result 11A indicates that the verification is successful, the token ID1 stored in the storage circuit 12 is stored.
2B and the password 12A are transmitted from the communication device 13 to the service providing device 2 as communication data 1A. In the communication device 21 of the service providing device 2, the password 12A included in the received communication data 1A is replaced with the token ID1.
2B and registered in the database 22.

At this time, if the password 12A corresponding to the token ID 12B is not registered in the database 22, the service providing apparatus 2 may automatically register the password 12A. (Not shown) by a predetermined operation from the service providing apparatus 2
May be set to the registration acceptance state. Also, from the authentication token 1 side, the password 12A and the token ID 1
Information indicating a registration request may be transmitted together with 2B.

Next, when the user uses the service providing apparatus 2, first, the authentication token 1 possessed by the user is used.
Is connected to the service providing apparatus 2, and the personal verification apparatus 11 performs personal verification. In response, the identity verification result 11A
Indicates a successful verification, the token ID 12B and the password 12A stored in the storage circuit 12 are transmitted from the communication device 13 to the service providing device 2 as communication data 1A in the same manner as at the time of registration. Service providing device 2
Then, the password 22A registered as described above is searched from the database 22 using the token ID 12B included in the communication data 1A received via the communication device 21 as a key, and the password 22A is included in the communication data 1A. The password 12A is collated with the collation circuit 23. Then, only when the collation result 23A indicates the collation success, the processing device 2
In step 4, predetermined processing is performed, and a service is provided to the user.

As described above, in the present embodiment, instead of transmitting the identification result of the authentication token 1, the authentication token 1 is transmitted only when the identification result of the authentication token 1 indicates successful verification. The password and token ID stored in advance are transmitted, and the service providing device 2 checks the password from the authentication token using the password registered corresponding to the token ID, and provides the service based on the check result. Since it is performed, it becomes more difficult to forge the authentication token as compared with the conventional case where the service is provided based on the result of the successful verification from the authentication token, and the unauthorized use of the service can be prevented. In addition, it is possible to specify the user to be used by using the authentication token information, and it is possible to provide a service tailored to the user.

In the present embodiment, if the verification result in the personal verification device 11 indicates a verification failure, the communication device 1
In step 3, only the collation result or the collation result and the token identification information are transmitted to the service providing apparatus 2. If the collation circuit 23 of the service providing apparatus 2 indicates that the collation failed, the service is provided. It may not be performed, or a process may be performed for a verification failure. Also,
In the present embodiment, when the verification result in the personal verification device 11 indicates verification failure, the communication device 13 transmits only the verification result or the verification result and token identification information to the service providing device 2 to provide the service. The matching operation in the matching circuit 23 of the device 2 may be omitted, and the service may not be provided, or a process for matching failure may be performed.

Next, a second embodiment according to the present invention will be described with reference to FIG. FIG. 2 is a block diagram illustrating an authentication system according to the second embodiment. This embodiment is different from the first embodiment described above in that
The difference is that a registration device 3 for transmitting registration information 3A to the database 22 of the service providing device 2 via the communication network 4 is added. This registration device 3 includes:
A processing device 31 is provided, and a communication network 4 is connected to the database 22 of one or more service providing devices 2.
, The registration information 3A, that is, the set of the token ID and the password, can be transmitted, and the database 22 can be updated.

As described above, by providing the registration device 3, the registration processing of the authentication token, which has been performed for each service providing device 2 as in the first embodiment, can be performed by a plurality of service providing devices. This can be performed centrally for the device 2. For example, in an authentication system such as an entrance management system, a plurality of service providing devices 2 are arranged at a door of a building, a door of each room, or the like, and entry control is performed. Therefore, if this embodiment is applied, the authentication token of each user can be easily registered in the plurality of service providing devices 2 by the registration device 3, and the work load required for the authentication token registration process can be reduced. It can be significantly reduced.

Next, a third embodiment according to the present invention will be described with reference to FIG. FIG. 3 is a block diagram showing an authentication system according to the third embodiment. This embodiment is different from the first embodiment described above in that
The difference is that a password generation circuit 25 is added to the service providing apparatus 2 and the password of the authentication token 1 is updated by the new password 25A from the password generation circuit 25. In the present system, as in the first embodiment, the authentication token 1 is registered in the service providing device 2 before using the service, and when the service is used, the token ID 12B And the password 12A are transmitted as the communication data 1A to the service providing apparatus 2, and when the service providing apparatus 2 confirms that the password is appropriate, the service is provided from the service providing apparatus 2.

Then, the matching circuit 2 of the service providing device 2
If the password is verified in step 3 and the verification result indicates a successful verification, the password generation circuit 25 generates a new password 25A, transmits it from the communication device 21 to the authentication token 1, and stores it in the database 22. The updated password 22A is also updated at the same time. In the authentication token 1, the communication device 13 receives the new password 25A, and updates the password 12A in the storage circuit 12.

As described above, the password generating circuit 25 is provided in the service providing apparatus 2 so that the password of the authentication token 1 is updated with the new password after the password verification is successful. The password in the authentication token 1 is updated. As a result, even if the password is leaked to a third party, the password is updated for the next use, so that it is more difficult to forge the authentication token and a secure system can be realized.

Next, a fourth embodiment according to the present invention will be described with reference to FIG. FIG. 4 is a block diagram showing an authentication system according to the fourth embodiment. This embodiment is different from the first embodiment described above in that
A database (second communication device) 14 for storing a password is added to the authentication token 1 and the service providing device 2
The difference is that the password is managed in association with the device ID. In this system, as in the first embodiment, the authentication token 1 is registered in the service providing apparatus 2 before using the service. At the time of this registration, an arbitrary password, for example, is registered in the database 14 in advance. The initial password 14A is used. In the service providing apparatus 2, the token ID 12B and its password 1
4A is registered in the database 22 as a set,
The device ID 26A stored in the storage circuit 26 in advance is transmitted to the authentication token 1. In the authentication token 1, the device ID 26A from the service providing device 2 and the password 14A
Are registered in the database 14 as a set.

When using the service, the authentication token 1 is connected to the service providing device 2 and then the service providing device 2
Transmits the device ID 26A to the authentication token 1. With the authentication token 1, the user verification is performed by the personal verification device 11, and when the personal verification result 11A indicates that the verification is successful, the device I from the service providing device 2 received by the communication device 13
The password 14A is searched from the database 14 using D26A as a key. Then, the password 14A and the authentication token 12B are transmitted as communication data 1A to the service providing apparatus 2 and, as described above, when the service providing apparatus 2 confirms that the password is appropriate, the service providing apparatus 2 Will provide the service.

As described above, since the database 14 is provided in the authentication token 1 to manage the password for each device ID of the service providing device 2, the authentication token 1
Can be individually set for each service providing apparatus, and a plurality of passwords can be properly used in each service providing apparatus. As a result, even if one password is leaked, services other than the service using the password can be prevented from being used illegally. Forgery of the authentication token becomes more difficult, and a more secure system is established. realizable.

Next, a fifth embodiment according to the present invention will be described with reference to FIG. FIG. 5 is a block diagram showing an authentication system according to the fifth embodiment. This embodiment is obtained by applying the fourth embodiment to the above-described third embodiment. This embodiment is different from the first embodiment in that a service providing apparatus is provided. 2, a password generation circuit 25 is added, and the database 14 stores the password in the authentication token 1.
Is added. The processing order is the fourth
As described in the embodiment, first, the password 14A and the token ID 12B of the authentication token 1 are registered in the database 22 of the service providing device 2, and then the device ID 26A from the service providing device 2 and the password 14A are associated with each other. 14 is stored.

When using the service, the authentication token 1 connects to the service providing device 2 and then performs user verification by the identity verification device 11.
A password 14A is retrieved from the database 14 using the device ID 26A from the server 14 as a key, and the password 14A and the token ID 12B are transmitted to the service providing device 2 as communication data 1A. Then, in response to the successful verification in the verification circuit 23 of the service providing apparatus 2, the service is provided, and the new password 25A from the password generation circuit 25 is transmitted to the authentication token 1, and the new password 25A is Device ID 26A
Are stored in the database 14 in association with each other.

As described above, since the password is managed in association with the device ID of the service providing device 2 by the authentication token 1, a different password is set for each service providing device as in the fourth embodiment. It is possible to Further, since the password is updated every time the user receives the service, it is possible to always set a new password for each service as in the third embodiment. Can be prevented from being used illegally,
Forgery of the authentication token becomes more difficult, and a more secure system can be realized.

The service providing device 2 and the authentication token 1 in each of the embodiments described above may be configured using a computer. In this case, for each device and circuit unit of the service providing device 2 and the authentication tone 1, each hardware resource and a program (software resource) executed by a microprocessor that controls the hardware resource cooperate with each other. Each function is realized. This program may be recorded in a recording medium such as a ROM, a hard disk, or a CD-ROM in advance, and read and executed by a microprocessor as necessary.

Next, a sixth embodiment according to the present invention will be described with reference to FIG. FIG. 7 shows a sixth embodiment of the present invention.
1 is a block diagram illustrating a configuration of an authentication system according to an embodiment. In the above embodiments, communication data (token ID + password) from authentication token 1 is used
Although the case where the collation determination is performed by the service providing apparatus 2 has been described, in addition to this, the identity verification result using the authentication token, that is, the authentication result is encrypted and transmitted to the service providing apparatus 2, and the collating circuit 23 of the service providing apparatus 2 is used. Then, only when both the collation judgment using the communication data and the collation judgment using the encrypted authentication result indicate that the collation is successful, that is, the service can be provided, the collation result 23A that permits the service to be provided to the user is generated. You may make it output to the processing apparatus 24.

In the following, when transmitting the encrypted data obtained from the personal authentication result obtained by the authentication token 1 (hereinafter referred to as the authentication result) to the service providing apparatus 2, the encryption method applied to the authentication result Will be described. This encrypted data is added to the communication data 1A, transmitted from the authentication token 1, and transmitted to the communication device 2 of the service providing device 2.
1 and is passed to the matching circuit 23 together with the password 12A. The encrypted data may be transmitted separately before and after the communication data 1A. Also, if the authentication result is
Is transmitted, the communication data 1A (token ID + password) and the encrypted data are transmitted, and the authentication result is authentication N
When G is indicated, only the encrypted data or the token ID and the encrypted data may be transmitted.

This authentication system includes an authentication token 1001 serving as an authentication device for performing user authentication, and a service providing device 1002 for providing a service to the user after the user authentication.
Consists of The authentication token 1001 includes a biometric information recognition circuit 1011, an encryption circuit 1012, a communication circuit 101
And 3. Among them, the biometric information recognition circuit 1011 is equivalent to the above-mentioned identity verification device 11, and the encryption circuit 1
012 and the communication circuit 1013 are included in the communication device 13. Therefore, the authentication token 1001 is different from the authentication token of FIG.
012 can be regarded as being added.

The service providing apparatus 1002 includes a decoding circuit 1021, a random number generation circuit 1022, a result determination circuit 1
023, a detection circuit 1024, and a communication circuit 1025. These decoding circuit 1021 and random number generation circuit 10
22, result determination circuit 1023, and detection circuit 1024
Are included in the matching circuit 23. The communication circuit 10
Reference numeral 25 is equivalent to the communication device 21. Therefore, the service providing apparatus 1002 is the service providing apparatus 2 shown in FIG.
In contrast, it can be considered that a decoding circuit 1021, a random number generation circuit 1022, a result determination circuit 1023, and a detection circuit 1024 are added in the matching circuit 23.

The encryption circuit 1012 encrypts the authentication result (identification result) output from the biometric information recognition circuit 1011 and the random number transmitted from the service providing apparatus 1002 using a common key encryption algorithm and outputs the result. As a common encryption algorithm, for example, DES (Data Encryptio
n Standard). Since the encryption circuit 1012 encrypts the data obtained by adding the authentication result to the random number, the random number generation circuit 1022 generates an n-digit random number, and assumes that the authentication result is one-digit data indicating authentication OK or authentication NG. if,
At least n + 1 digit data will be encrypted.
The communication circuit 1013 is an interface unit that transmits and receives data to and from the service providing apparatus 1002 in a wired or wireless manner while synchronizing with the service providing apparatus 1002.

Detection circuit 1 in service providing apparatus 1002
024 detects a service provision request from the user to the own device. The random number generation circuit 1022 includes the detection circuit 10
When a service providing request from the user is detected by the H.24, a random number having a predetermined number of digits and having a different value each time it is generated is generated and output. The decryption circuit 1021 decrypts and outputs the encrypted data transmitted from the authentication token 1001.

The result judgment circuit 1023 is provided with the decoding circuit 10
If the authentication result transmitted from 21 is authentication NG, the service provision to the user is rejected. By comparing with a random number output from the generation circuit 1022, it is determined whether the numbers match or not.
The communication circuit 1025 is an interface unit that transmits and receives data to and from the authentication token 1001 in a wired or wireless manner while synchronizing with the authentication token 1001.

FIG. 8 shows the configuration of the encryption circuit 1012.
The encryption circuit 1012 includes a temporary storage circuit 1050, a storage circuit 1051, and a processing circuit 1052.
Temporary storage circuit 1050 temporarily stores the random number transmitted from service providing apparatus 1002. Storage circuit 105
Reference numeral 1 stores a pre-registered common key, and outputs setting data necessary for an encryption operation using the common key and the common key.

The processing circuit 1052 includes a temporary storage circuit 105
The data obtained by adding the authentication result output from the biometric information recognition circuit 1011 to the random number output from 0 is stored in the storage circuit 105.
The encryption is performed using the common key and the setting data output from 1. Note that the decryption circuit 1021 can also be implemented with the same configuration as the encryption circuit 1012.

The operation of managing access to the service providing apparatus 1002 by the user authentication system according to the present embodiment will be described below with reference to FIGS.
FIG. 9 is a flowchart illustrating the operation of the service providing apparatus 1002, and FIG. 10 is a flowchart illustrating the operation of the authentication token 1001.

The feature of this embodiment is that the authentication token 1001 encrypts the authentication result and
002, and the service providing apparatus 1002 generates a random number, transmits the generated random number to the authentication token 1001, decrypts the encrypted data transmitted from the authentication token 1001, and then determines the result. In the present embodiment, a description will be given assuming that a fingerprint is used as biometric information of a user.

First, a specific user who intends to use the service providing apparatus 1002
Request service provision for. Service providing device 1
The detection circuit 1024 in 002 detects a service provision request from the user (Step 1101 in FIG. 9). When the detection circuit 1024 detects a service provision request from the user, the random number generation circuit 1022 generates a random number R having a predetermined number of digits and a different value each time it is generated (step 1102). Is transmitted to the authentication token 1001 via the communication circuit 1025 to request user authentication (step 1103).

The encryption circuit 10 in the authentication token 1001
12 (temporary storage circuit 1050)
Upon receiving the random number R transmitted from 002 via the communication circuit 1013 (Step 1104 in FIG. 10: YES),
This random number R is stored (step 1105). When receiving the random number R, the biometric information recognition circuit 1011 determines that there has been a user authentication request from the service providing apparatus 1002, executes user authentication, and outputs an authentication result M indicating authentication OK or authentication NG to the encryption circuit 1012. (Step 1106).

That is, the biological information recognition circuit 1011
The authentication circuit compares the fingerprint image of the specific user collected by the fingerprint sensor unit with the fingerprint image of the regular user registered in advance in the internal storage circuit, and if the fingerprint image of the specific user matches the fingerprint image of the regular user, authentication is OK. The authentication result M indicating the authentication NG is output. Fingerprint matching methods include extracting feature points of a specific user's fingerprint image and comparing them with those of a regular user's fingerprint image, and directly matching a specific user's fingerprint image with a regular user's fingerprint image. There is.

Next, the processing circuit 1 in the encryption circuit 1012
052 is the random number R output from the temporary storage circuit 1050.
Authentication result M output from the biological information recognition circuit 1011
(Step 1107), and encrypts data M + R obtained by adding the authentication result M to the random number R using the common key and the setting data output from the storage circuit 1051 to generate encrypted data C (Step 1108). . Then, the processing circuit 1052 transmits the encrypted data C to the communication circuit 1013.
Is transmitted to the service providing apparatus 1002 via the server (step 1109).

Upon receiving the encrypted data C transmitted from the authentication token 1001 via the communication circuit 1025 (step 1110 in FIG. 9: YES), the decryption circuit 1021 in the service providing apparatus 1002
Is decrypted using a common key stored in an internal storage circuit in advance (step 1111). This common key is the same as that stored in the storage circuit 1051 in the encryption circuit 1012.

The result judgment circuit 1023 is provided for the decoding circuit 10
21 from the data M + R ′ decrypted by
(Step 1112), and the authentication result M is
If G is indicated, it is determined that the specific user who has issued the service provision request is not an authorized user, and the service provision to this specific user is rejected (step 1113).

If the authentication result M included in the decrypted data M + R 'indicates that the authentication is OK, the result determination circuit 1023 obtains a numerical value R' obtained by removing the authentication result M from the data M + R '(step 1114). ), And compares this numerical value R ′ with the random number R generated by the random number generation circuit 1022 (step 1115). Then, the result determination circuit 1023
If the numerical value R 'matches the random number R, the specific user who has issued the service provision request is determined to be an authorized user, and the service provision to this specific user is permitted (step 1116). And the random number R do not match,
Denying the service provision to the specific user (step 11
17).

As described above, in this embodiment, a common encryption key (common key) is registered in advance in the authentication token 1001 and the service providing apparatus 1002, and when the user requests service provision, the service providing apparatus 1002 transmits a random number R to the authentication token 1001,
The service providing apparatus 1 encrypts data obtained by adding the authentication result M to the random number R received in step 001 using a common key.
002, the service providing apparatus 1002 decrypts the received encrypted data using the common key, the authentication result M included in the decrypted data indicates the authentication OK, and the numerical value R ′ included in the decrypted data. Is the service providing device 10
Only when it matches the random number R generated in 02, the service provision to the user is permitted. In this embodiment, since the service providing apparatus 1002 transmits a different random number every time,
The encrypted data transmitted by the authentication token 1001 also has a different value each time.

Therefore, a third party other than the authorized user
Even if the signal of the encrypted data can be stolen, the signal cannot be reused to impersonate an authorized user. Furthermore, even if a third party other than the authorized user can steal the random number output by the service providing apparatus 1002, the encryption key possessed only by the authorized user is confidential, and the forged encrypted data signal may not be obtained. Can not. For the above reasons, it is possible to prevent a third party other than the authorized user from impersonating the authorized user, and to prevent unauthorized use.

Next, a seventh embodiment according to the present invention will be described with reference to FIG. FIG. 11 is a block diagram illustrating a configuration of an authentication system according to a seventh embodiment of the present invention, and FIG. 12 is a block diagram illustrating a configuration of an encryption circuit in the biometric information recognition integrated circuit according to the present embodiment.
The difference from the sixth embodiment is that the authentication token 100
1 has a storage circuit 1014 and the encryption circuit 101
2 is provided with an arithmetic operation circuit 1053.

The storage circuit 1014 stores the authentication token 100
1 is stored. The storage circuit 1051 in the encryption circuit 1012 stores a secret key registered in advance. Arithmetic operation circuit 105
Numeral 3 performs an arithmetic operation such as division in order to perform an operation of the public key encryption. Note that the arithmetic operation circuit 1053 is the processing circuit 1
052. The configuration of the decryption circuit 1021 is similar to that of the encryption circuit 1012. Decoding circuit 102
1, the ID of the authentication token 1001 and a public key corresponding to the ID are registered in advance for each authentication token 1001. The public key encryption algorithm includes, for example, a discrete logarithmic method.

Hereinafter, an operation of managing access to the service providing apparatus 1002 by the user authentication system according to the present embodiment will be described with reference to FIGS. FIG. 13 is a flowchart showing the operation of the service providing apparatus 1002, and FIG. 14 is a flowchart showing the operation of the authentication token 1001. The difference from the sixth embodiment is that the authentication token 1001 is
02 and the service providing apparatus 1002
Authentication token 100 as an encryption key for decryption
1 in that the public key corresponding to ID 1 is stored in advance.

First, a specific user who intends to use the service providing apparatus 1002
Request service provision for. Service providing device 1
When the detection circuit 1024 in 002 detects a service provision request from the user (step 1201 in FIG. 13),
The user requests the authentication token 1001 for user authentication via the communication circuit 1025 (step 1202).

The biometric information recognition circuit 1011 in the authentication token 1001 receives a user authentication request from the service providing apparatus 1002 via the communication circuit 1013 (FIG. 1).
4 (step 1203: YES), execute user authentication, and output an authentication result M indicating authentication OK or authentication NG to the encryption circuit 1012 (step 1204). The method of user authentication at this time is the same as that of Step 1 of the sixth embodiment.
As described in 106.

Subsequently, the storage circuit 1014 in the authentication token 1001 outputs the ID stored in advance in response to the reception of the user authentication request, and transmits the ID to the service providing apparatus 1002 via the communication circuit 1013 (step). 120
5). Decoding circuit 102 in service providing apparatus 1002
1 receives the ID transmitted from the authentication token 1001 via the communication circuit 1025 (step 1 in FIG. 13).
206: YES), the internal storage circuit is searched based on the received ID, and a public key corresponding to the ID is obtained from the storage circuit (step 1207).

After obtaining the public key, the random number generation circuit 1022
Generates a random number R having a predetermined number of digits and a different value each time it is generated (step 1208), and transmits this random number R to the authentication token 1001 via the communication circuit 1025 (step 1209). The encryption circuit 1012 (temporary storage circuit 1050) in the authentication token 1001 transmits the random number R transmitted from the service providing apparatus 1002 to the communication circuit 1012.
13 (step 1210 in FIG. 14: Y
ES), this random number R is stored (step 1211).

Subsequently, the processing circuit 1052 in the encryption circuit 1012 adds the authentication result M output from the biological information recognition circuit 1011 to the random number R output from the temporary storage circuit 1050 (step 1212). The data M + R obtained by adding the authentication result M to R is encrypted using a secret key stored in the storage circuit 1051 in advance to generate encrypted data C (step 1213), and the encrypted data C is transmitted via the communication circuit 1013. To the service providing apparatus 1002 (step 1214).

When the decryption circuit 1021 in the service providing apparatus 1002 receives the encrypted data C transmitted from the authentication token 1001 via the communication circuit 1025 (Step 1215 in FIG. 13: YES), the decryption data C
Is decrypted using the public key obtained in step 1207 (step 1216). The result determination circuit 1023 extracts the authentication result M from the data M + R ′ decrypted by the decryption circuit 1021 (step 1217). The service provision is rejected (step 1218).

If the authentication result M included in the decrypted data M + R ′ indicates that the authentication is OK, the result determination circuit 1023 obtains a numerical value R ′ obtained by removing the authentication result M from the data M + R ′ (step 1219). ), And compares the numerical value R ′ with the random number R generated by the random number generation circuit 1022 (step 1220). Then, the result determination circuit 1023
Allows the service provision to the specific user who has issued the service provision request when the numerical value R 'matches the random number R (step 1221), and when the numerical value R' does not match the random number R, The service provision is rejected (step 1222).

As described above, in the present embodiment, the private key is registered in the authentication token 1001 in advance, and the public key corresponding to the authentication token 1001 is made public.
, And encrypts the data obtained by adding the authentication result M to the random number R received from the server using the secret key, and transmits the encrypted data to the service providing apparatus 1002. Decryption using the public key, and the authentication result M included in the decrypted data
Indicates that the authentication is OK, and only when the numerical value R ′ included in the decrypted data matches the random number R generated by the service providing apparatus 1002, the service provision to the user is permitted. In the present embodiment, since the service providing apparatus 1002 transmits a different random number each time, the encrypted data transmitted by the authentication token 1001 also has a different value each time.

Therefore, a third party other than the authorized user
Even if the signal of the encrypted data can be stolen, the signal cannot be reused to impersonate an authorized user. Furthermore, even if a third party other than the authorized user can steal the random number output by the service providing apparatus 1002, the encryption key possessed only by the authorized user is confidential, and the forged encrypted data signal may not be obtained. Can not. For the above reasons, it is possible to prevent a third party other than the authorized user from impersonating the authorized user, and to prevent unauthorized use.

In the present embodiment, the authentication token 1
Since only one secret key needs to be registered in 001, the capacity of the storage circuit 1051 can be reduced, and it is possible to easily cope with a plurality of unspecified service providing apparatuses 1002. That is, in the sixth embodiment, since the authentication token 1001 and the service providing apparatus 1002 use the same common key, when the authentication token 1001 performs user authentication for a plurality of service providing apparatuses 1002, the common token is used. The key is assigned to the authentication token 10 for each service providing apparatus.
01 must be registered. On the other hand, the authentication token 1001 according to the present embodiment allows the service providing apparatus 1002 to use the public key corresponding to the own device by publishing the ID and the public key of the own device. Only one secret key needs to be stored.

Next, an eighth embodiment according to the present invention will be described with reference to FIG. FIG. 15 is a block diagram showing the configuration of the authentication system according to the eighth embodiment of the present invention. The difference from the sixth embodiment is that the authentication token 1001 includes a result determination circuit 1015. If the authentication result is OK, the result determination circuit 1015 outputs the authentication result to the encryption circuit 1012 to prompt the start of encryption. Further, when the authentication result is NG, the authentication result is directly output to the communication circuit 1013. Also in the present embodiment, since the configuration of the encryption circuit 1012 is the same as that of the encryption circuit 1012 of the sixth embodiment, the description will be given using the reference numerals in FIG.

Hereinafter, an operation of managing access to the service providing apparatus 1002 by the user authentication system according to the present embodiment will be described with reference to FIGS.
FIG. 16 is a flowchart illustrating the operation of the service providing apparatus 1002, and FIG. 17 is a flowchart illustrating the operation of the authentication token 1001. The difference from the sixth embodiment is that when the authentication result is NG, the authentication token 1001 does not perform data encryption, and the service providing apparatus 1002 also
If the authentication result is NG, decryption is not performed.

First, a specific user who intends to use the service providing apparatus 1002
Request service provision for. Service providing device 1
The detection circuit 1024 in 002 detects a service provision request from the user (step 1301 in FIG. 16). When the detection circuit 1024 detects a service provision request from the user, the random number generation circuit 1022 generates a random number R having a predetermined number of digits and a different value each time it is generated (step 1302). To the communication circuit 1025
Is transmitted to the authentication token 1001 via the server to request user authentication (step 1303).

The encryption circuit 10 in the authentication token 1001
Receiving the random number R transmitted from the service providing apparatus 1002 via the communication circuit 1013 (Step 1304 in FIG. 17: YES), the 12 stores the random number R (Step 1305). The biometric information recognition circuit 1011 executes user authentication in response to the reception of the random number R, and outputs an authentication result M indicating authentication OK or authentication NG to the result determination circuit 1015 (step 1306). The method of user authentication at this time is as described in step 1106 of the sixth embodiment.

The result determination circuit 1015 determines whether the authentication result M is authentication OK or NG (step 1307).
G, the authentication result M is transmitted to the communication circuit 101.
3 to the service providing apparatus 1002 (step 1308). If the authentication result M indicates that the authentication is OK, the result determination circuit 1015 outputs a signal instructing encryption of the random number R to the encryption circuit 1012,
The authentication result M is output to the encryption circuit 1012.

In response to the instruction from the result determination circuit 1015, the encryption circuit 1012 encrypts the random number R stored in step 1305 by using the common key and setting data stored in the internal storage circuit in advance. Data C is generated (step 1309). Then, the processing circuit 1052
Is the data M + obtained by adding the authentication result M to the encrypted data C.
C is generated (step 1310), and the data M + C
Via the communication circuit 1013 to the service providing apparatus 1002
(Step 1311).

The result determination circuit 1023 in the service providing apparatus 1002 receives the authentication result M (step 1312 in FIG. 16: YES) or receives data M + C in which the authentication result M is added to the encrypted data C ( Step 1313: YES), the received authentication result M is
(Step 1314), and if the authentication result M indicates authentication NG, the service provision to the specific user who issued the service provision request is rejected (step 1314).
15).

If the received authentication result M indicates that the authentication is OK, the result determination circuit 1023 obtains the encrypted data C by removing the authentication result M from the received data M + C (step 1316). Decoding circuit 1021
Pass to. The decoding circuit 1021 includes a result determination circuit 1023
Is decrypted using the common key stored in the internal storage circuit in advance (step 131).
7).

The result judgment circuit 1023 is provided with the decoding circuit 10
The random number generation circuit 102 converts the value R ′ decoded by the
2 is compared with the random number R generated in step 2 (step 131).
8). If the numerical value R ′ matches the random number R, the result determination circuit 1023 permits the service to be provided to the specific user who has issued the service provision request (step 131).
9) If the numerical value R 'does not match the random number R, the service provision to the specific user is rejected (step 1320).

In the present embodiment, the authentication token 1001
If the result of the user authentication is NG, the encryption processing in the authentication token 1001 and the service providing apparatus 100
2, the communication processing between the authentication token 1001 and the service providing apparatus 1002 can be speeded up. Note that the configuration of this embodiment may be applied to the public key cryptosystem described in the seventh embodiment.

Next, a ninth embodiment according to the present invention will be described. In the eighth embodiment, when the result of the user authentication is NG, the authentication result M is transmitted from the authentication token 1001 to the service providing apparatus 1002, and when the result of the user authentication is OK, the authentication is performed on the encrypted data C. The data M + C to which the result M is added is provided to the service providing apparatus 1002.
And the service providing apparatus 1002 determines the authentication result M. However, the authentication token 1001 does not have to transmit the authentication result M, and the service providing apparatus 1002 transmits the digit of the sentence transmitted from the authentication token 1001. The determination may be made by a number.

That is, if the authentication result M indicates that the authentication is OK in step 1307 in FIG. 17, the result determination circuit 1015 in the authentication token 1001 instructs the encryption circuit 1012 to encrypt the random number R, and Circuit 101
When the result determination circuit 1015 instructs the random number R to be encrypted, the second transmits only the encrypted data C obtained by encrypting the random number R to the service providing apparatus 1002 (step 130).
9, 1311). When the authentication result M indicates authentication NG in step 1307, the result determination circuit 1015 transmits data having a different number of digits from the encrypted data C to the service providing apparatus 1002 (step 1308).

The result determination circuit 1023 in the service providing apparatus 1002 determines whether the authentication result M is authentication OK or NG in step 1314 in FIG. NG
Is determined. Other operations are the same as those of the eighth embodiment. As described above, in the present embodiment, by setting the number of digits of the data indicating the authentication NG to be different from that of the encrypted data C, in the case of the authentication OK, only the encrypted data C is transmitted. Therefore, the amount of data to be transmitted can be reduced. Note that the configuration of this embodiment may be applied to the public key cryptosystem described in the seventh embodiment.

As an example of the service providing apparatus 1002 described in the sixth to ninth embodiments, there is a computer, for example. The authentication token 1001 serving as an authentication device may be integrated with the service providing device 1002, or may be separate (for example, a terminal device possessed by a user). Data may be transmitted and received between the authentication token 1001 and the service providing apparatus 1002 by wire or wirelessly.

In the sixth to ninth embodiments, the case where a fingerprint is used as biometric information has been described as an example. However, other biometric information includes, for example, a user's voiceprint, iris, handwriting,
There are bills, finger lengths, human faces, etc. When using the length of a user's bill or finger as biometric information, the authentication token 10
In step 01, an image of the palm or finger of the user is captured, and the captured image is collated with a previously registered image of the palm or finger of the authorized user to perform user authentication.

When the user's voiceprint, that is, a sound spectrogram, is used as the biometric information, the authentication token 1001 collects the user's voice to extract the voiceprint, and stores the extracted voiceprint data of the registered normal user. User authentication is performed by collating with voiceprint data. When the user's handwriting is used as the biometric information, the authentication token 1001
Performs user authentication by capturing a user's pen track with a digitizer or the like, or capturing and capturing a signature written on paper, and comparing the captured handwriting image data with handwritten data of a registered regular user. .

When the iris of the user is used as the biometric information, the authentication token 1001 captures the iris of the user, compares the image data of the captured iris with the image data of the iris of a regular user registered in advance, and checks the user's iris. Perform authentication.
When the user's human phase is used as the biometric information, the authentication token 1001 captures the user's face, extracts facial features, and compares the extracted feature data with that of a registered regular user to perform user authentication. I do.

In the sixth and seventh embodiments, data obtained by adding the authentication result M to the random number R is encrypted.
This data may be generated from the exclusive OR of the random number R and the authentication result M. That is, the encryption circuit 1012 calculates the exclusive OR of the random number R and the authentication result M, ie, the data M∀R
(∀ is an exclusive OR operator) to generate encrypted data C (steps 1107 and 110 in FIG. 10)
8). Similarly, the encryption circuit 1012 encrypts data M∀R obtained by taking the exclusive OR of the random number R and the authentication result M to generate encrypted data C (step 121 in FIG. 14).
2, 1213).

The exclusive OR has the property of A∀B∀A = B. Decrypt the encrypted data C using this property,
Extract random numbers. To this end, the result determination circuit 1023
Calculates the exclusive OR R2 = M∀R′∀M ′ of the data M∀R ′ decrypted by the decryption circuit 1021 in step 1111 of FIG. 9 and the authentication result M ′ indicating authentication OK in step 1115. . When M = M ′, R2 = R ′. Furthermore, if the encryption circuit 1012 has correctly encrypted the random number R, then R2 = R.

Therefore, if the numerical value R2 obtained in step 1115 matches the random number R generated by the random number generation circuit 1022, the result determination circuit 1023 of the sixth embodiment determines that the specific user who issued the service provision request Is determined to be an authorized user, the service provision to this specific user is permitted (step 1116). If the numerical value R2 and the random number R do not match, the service provision to the specific user is rejected (step 1117).

By performing the above-described determination processing,
The authentication result M included in the decrypted data M デ ー タ R ′ indicates that the user is an authorized user, and the decrypted data M∀
It can be confirmed at a time that the random number R 'included in R' matches the random number R generated by the random number generation circuit 1022. When exclusive OR is used to generate data in step 1107, the processing in steps 1112 to 1114 is not performed.

Similarly, the result determination circuit 1023 of the seventh embodiment determines whether the decoding circuit 1
021, and an exclusive OR R2 = M {R ′} of the data M @ R 'decrypted by O.21 and the authentication result M' indicating the authentication OK.
M ′ is obtained in step 1220. Then, the result determination circuit 1023 calculates the calculated value R2 and the random number generation circuit 1022.
If the random number R generated in the step (c) matches, the service provision to the specific user is permitted (step 1221), and the value R2
If the number does not match the random number R, the service provision to the specific user is rejected (step 1222). Note that when exclusive OR is used to generate data in step 1212 in FIG. 14, the processing in steps 1217 to 1219 is not performed.

In the sixth to ninth embodiments,
The case where encryption is performed using random numbers has been described as an example, but the present invention is not limited to random numbers. For example, the random number generation circuit 1022 is one of dynamic information generation circuits that generate dynamic information.
It can be regarded as one. The dynamic information referred to here refers to information in which the content of the information changes every time the information generating process is performed, and specific examples include random numbers, date and time information, and counters.

Next, with reference to FIG.
1 will be described. FIG. 18 shows the personal identification device 1
1 is a block diagram. The identity verification device 11 includes a sensor 111 that reads a fingerprint (biological information) and outputs it as sensing data 112, and a memory 1 that stores registered fingerprint data 114 generated in advance from the fingerprint data of the user.
13 and sensing data 11 from the sensor 111
2 and the registered fingerprint data 11 stored in the memory 113
4 and the personal verification result 11 indicating success / failure of authentication of the user himself / herself according to the degree of matching / mismatching.
A matching circuit 115 for outputting A is provided.

The sensor 1 constituting the identity verification device 11
11, the memory 113 and the matching circuit 115
They are formed integrally on the same semiconductor substrate. By using a technology for forming each of these circuits as a one-chip LSI semiconductor device (for example, see Japanese Patent Application Laid-Open No. 2000-242771), a very small personal identification device 11
Can also be realized. Note that the identity verification device 11
It is assumed that the collation data used for the authentication in is generated from the fingerprint data of the user in advance by a predetermined registration operation and registered in the memory 113.

Next, referring to FIG. 19, personal identification device 1
A specific configuration example of the sensor 111 that configures the sensor 1 will be described. FIG. 19 shows a sensor 11 constituting the personal identification device 11.
1 is a diagram showing a schematic cross section of FIG. The sensor 111 includes, for example, a plurality of 80 μm square sensor electrodes 315 and a grid-like ground electrode 316 on an interlayer insulating film 314 formed on a lower insulating film 312 on a semiconductor substrate 311 made of silicon, for example. The plurality of sensor electrodes 315 and the ground electrode 316 are arranged on the same plane defined by the surface of the interlayer insulating film 314.

The sensor electrode 315 is covered with a passivation film 317 formed on the interlayer insulating film 314 and has a thickness of 150 μm.
A plurality of them are provided at m intervals, are made of Au, and have a thickness of about 1 μm. Since the thickness of the passivation film 317 was about 3 μm,
On top of the passivation film 317, about 2 (= 3-
1) It exists in μm. This passivation film 317
Is made of an insulator such as polyimide having a relative dielectric constant of about 4.0.

A wiring 313 connected to the sensor electrode 315 via a through hole is formed on the lower insulating film 312, while a sensor electrode 3 is formed on the semiconductor substrate 311.
A capacitance detection circuit 318 for detecting the capacitance formed in the reference numeral 15 is formed. This capacitance detection circuit 318 is connected to the sensor electrode 315 by the wiring 313 described above.
The capacitance detection circuit 318 is provided for each sensor electrode 315, and detects a capacitance formed between the sensor electrode 315 and a part of a recognition target (finger).

The output side of each capacitance detection circuit 318 is connected to the matching circuit 115, and the fingerprint data obtained by converting the capacitance formed on each sensor electrode 315 into light and shade is output to the matching circuit 115. Each capacitance detection circuit 318, matching circuit 115, and memory 113 are formed on the semiconductor substrate 311 below the sensor electrode 315, for example. Thereby, the identity verification device 1
1 can be made into one chip. In addition, as another example of such a single chip, for example, Japanese Patent Application Laid-Open No. 2000-2427
There is one disclosed in Japanese Patent Publication No. 71-71.

FIG. 20 shows the capacitance detection circuit 3 shown in FIG.
18 is a circuit diagram showing a specific configuration of No. 18. Cf is FIG.
Are formed between the sensor electrode 315 and the finger skin 331 shown in FIG. The sensor electrode 315 forming the capacitance Cf is connected to the drain terminal of the NchMOS transistor Q3a, and the source terminal of the transistor Q3a is connected to the input side of the current source 332A for the current I. The source terminal of an NchMOS transistor (first element) Q2a is connected to a node N1a between the sensor electrode 315 and the transistor Q3a. At a node N2a between the drain terminal of the transistor Q2a and the drain terminal of the PchMOS transistor (first switch means) Q1a, a power supply voltage VDD is applied to the drain terminal and the source terminal is connected to the ground via the resistor Ra.
The gate terminal of the S transistor Q4a is connected.
The inverter gate 333A is connected to the source terminal of the transistor Q4a.

Signals PRE (bar) and RE are applied to the gate terminals of the transistors Q1a and Q3a, respectively. A bias voltage VG is applied to the gate terminal of the transistor Q2a from a constant voltage source. Here, assuming that the threshold voltage between the gate and the source at which the transistor Q2a is turned off is Vth, the voltages VDD and VG are set so that VDD> VG-Vth. Also, the nodes N1a,
N2a has parasitic capacitances Cp1a and Cp2a, respectively. A signal generating circuit 332 is constituted by the current source 332A and the transistor Q3a, and the output circuit 3 is constituted by the transistor Q4a, the resistor Ra, and the inverter gate 333A.
33 are configured.

FIGS. 21A and 21B are timing charts for explaining the operation of the capacitance detection circuit 318. FIG. 21A shows a potential change of the signal PRE (bar) for controlling the transistor Q1a, and FIG. A potential change of the control signal RE is shown, and (c) shows a potential change of each of the nodes N1a and N2a. First, transistor Q
A gate terminal 1a has a high-level (VDD) signal P
RE (bar) is applied, and a low-level (GND) signal RE is applied to the gate terminal of the transistor Q3a. Therefore, at this time, the transistors Q1a, Q1
3a are not conducting.

In this state, the signal PRE (bar) becomes High.
When the level changes from the low level to the low level, the transistor Q
1a becomes conductive. At this time, the transistor Q3a remains non-conductive and the signal generation circuit 332 is in the stopped state, so that the potential of the node N2a is precharged to VDD. The node N1a is charged until the gate-source voltage of the transistor Q2a reaches the threshold voltage Vth and the transistor Q2a is turned off. As a result, the potential of the node N1a is precharged to VG-Vth.

After the precharge is completed, the signal PRE
When (bar) changes to the high level, the transistor Q1a is turned off. At the same time, the signal RE goes high.
When the signal changes to the high level, the transistor Q3a is turned on, and the signal generation circuit 332 changes to the operating state. Then, the electric charge charged at the node N1a by the current source 332A is extracted, and when the potential at the node N1a slightly decreases, the gate-source voltage of the transistor Q2a becomes larger than the threshold voltage Vth, and the transistor Q2
a changes to a conductive state. Thereby, the electric charge of the node N2a is also extracted, and the potential of the node N2a starts to decrease.

The period during which the signal RE is kept at High level is Δ
t, the potential decrease amount ΔV of the node N1a after the lapse of Δt
Is VDD− (VG−Vth) + IΔt / (Cf + Cp1a)
become. Here, the parasitic capacitance Cp2a is equal to the parasitic capacitance Cp1a.
And small enough.

Since the current I of the current source 332A, the period Δt, and the parasitic capacitances Cp1a and Cp2a are each constant, the amount of potential decrease ΔV occurs between the sensor electrode 315 and the surface 331 of the finger to be recognized. It is determined by the capacitance value Cf. Since the capacitance value Cf is determined by the distance between the sensor electrode 315 and the surface 331 of the finger, the capacitance value Cf differs depending on the unevenness of the fingerprint. From this, the magnitude of the potential decrease amount ΔV changes reflecting the unevenness of the fingerprint. This potential decrease amount Δ
Since V is supplied to the output circuit 333 as an input signal, ΔV is input to the output circuit 333, and a signal reflecting the unevenness of the fingerprint is output.

The output signal of each of the capacitance detecting circuits 318 is output to the matching circuit 115 as the fingerprint image data. Then, the matching circuit 115 authenticates the user by comparing and matching the fingerprint image data with registered fingerprint image data stored in the memory 113 in advance.

FIG. 18 illustrates an example in which the sensor 111, the matching circuit 115, and the memory 113 in the personal identification device 11 are configured as one chip. A matching circuit 115 is connected via a bus,
May be connected to the memory 113 via a bus. Alternatively, the sensor 111 and the matching circuit 115 may be integrated into one chip, and the memory 113 may be connected to the integrated one via a bus.

Next, referring to FIG. 22, authentication token 1
Will be described. FIG. 22 is an explanatory diagram showing the configuration inside the storage circuit 12. In each of the embodiments described above, as shown in FIG. 22, three different storage areas 12X, 12Y, and 12Z may be provided in the storage circuit 12 to store various types of information. Hereinafter, the storage circuit 12 will be described as an example, but the following contents may be applied to the storage circuit provided in the personal authentication device 11.

In this example, the storage area 12X stores registered fingerprint data 12A used for fingerprint authentication, and the storage area 12Y stores user (individual) information (for example, name, address, date of birth, credit, etc.) of the token holder. 12B is stored. Furthermore, the storage area 12Z
Then, the service information related to the service (for example, password, identification information of authentication token, date and time of use, coin locker door number, gate opening and closing, name of concert, ATM account number, e-commerce password, telephone directory, e-mail address, etc.) Remember.

In general, the authentication token 1 may have a configuration in which only the registered fingerprint data is stored in the token and only the result of the personal authentication is output outside the token. Applicable systems are limited. On the other hand, as shown in FIG.
The various types of information as described above are stored, and if necessary, these information, and the processing information obtained by processing these information,
Can exchange with the service providing device 2,
Various services can be provided using the authentication token.

[0131]

As described above, the present invention is normally carried by a user, and when a user uses a service providing apparatus, the user is connected to the service providing apparatus and receives the user's biological information based on the user's biological information. An authentication token for performing authentication is provided, the authentication token stores a password of the authentication token and token identification information for identifying the authentication token in advance, and is the user himself / herself based on biometric information detected from the user. And when the collation result indicates successful collation, the password and token identification information are transmitted to the service providing device as communication data, and the service providing device compares the token identification information and the password of the authentication token with the first database. The password included in the communication data stored in advance in association with the authentication token and received from the authentication token The token identification information as a key 1
Is compared with the password retrieved from the database of the above, and a service is provided to the user based on the result of the comparison.

Therefore, it becomes more difficult to forge an authentication token as compared with a conventional service providing service based on the result of successful verification from an authentication token.
It is possible to prevent unauthorized use of the service. In addition, it is possible to specify the user to be used by using the authentication token information, and it is possible to provide a service tailored to the user.

[Brief description of the drawings]

FIG. 1 is a block diagram showing an authentication system according to a first embodiment.

FIG. 2 is a block diagram illustrating an authentication system according to a second embodiment;

FIG. 3 is a block diagram illustrating an authentication system according to a third embodiment.

FIG. 4 is a block diagram showing an authentication system according to a fourth embodiment.

FIG. 5 is a block diagram showing an authentication system according to a fifth embodiment.

FIG. 6 is a block diagram illustrating an example of an authentication system.

FIG. 7 is a block diagram illustrating a configuration of an authentication system according to a sixth embodiment.

FIG. 8 is a block diagram illustrating a configuration of an encryption circuit in a biological information recognition integrated circuit according to a sixth embodiment.

FIG. 9 is a flowchart illustrating an operation of a service providing apparatus according to a sixth embodiment.

FIG. 10 is a flowchart illustrating an operation of the biological information recognition integrated circuit according to the sixth embodiment.

FIG. 11 is a block diagram illustrating a configuration of an authentication system according to a seventh embodiment.

FIG. 12 is a block diagram illustrating a configuration of an encryption circuit in a biometric information recognition integrated circuit according to a seventh embodiment.

FIG. 13 is a flowchart illustrating an operation of the service providing apparatus according to the seventh embodiment.

FIG. 14 is a flowchart illustrating an operation of the biological information recognition integrated circuit according to the seventh embodiment.

FIG. 15 is a block diagram illustrating a configuration of an authentication system according to an eighth embodiment.

FIG. 16 is a flowchart illustrating an operation of the service providing apparatus according to the eighth embodiment.

FIG. 17 is a flowchart illustrating an operation of the biological information recognition integrated circuit according to the eighth embodiment.

FIG. 18 is a block diagram illustrating a personal identification device.

FIG. 19 is a cross-sectional view illustrating a configuration example of a sensor.

FIG. 20 is a circuit diagram illustrating a configuration example of a capacitance detection circuit of a sensor.

FIG. 21 is a timing chart showing the operation of the capacitance detection circuit.

FIG. 22 is a diagram illustrating a storage circuit of an authentication token.

[Explanation of symbols]

DESCRIPTION OF SYMBOLS 1 ... Authentication token, 11 ... Identity verification apparatus, 11A ... Identity verification result, 12 ... Storage circuit, 12A ... Password, 12
B: token ID, 13: communication device, 14: database, 14A: password, 1A: communication data, 2: service providing device, 21: communication device, 22: database,
22A: password, 23: verification circuit, 23A: verification result, 24: processing device, 25: password generation circuit, 25
A: new password, 26: storage circuit, 26A: device I
D, 3 ... registration device, 31 ... processing device, 3A ... registration information,
4 ... communication network, 1001 ... authentication token, 10
02: service providing device, 1011: biological information recognition circuit, 1012: encryption circuit, 1013: communication circuit, 10
14: storage circuit, 1015: result determination circuit, 1021 ...
Decoding circuit, 1022 random number generation circuit, 1023 result determination circuit, 1024 detection circuit, 1025 communication circuit,
1051 ... memory circuit, 1052 ... processing circuit, 1053 ...
Temporary storage circuit.

 ──────────────────────────────────────────────────の Continuing on the front page (72) Inventor Fumi Kuraki 2-3-1, Otemachi, Chiyoda-ku, Tokyo F-term in Nippon Telegraph and Telephone Corporation (reference) 5B085 AE03 AE23 AE25 5J104 AA07 KA01 KA16 NA05

Claims (36)

[Claims] 1. An authentication system for performing user authentication required when a user uses a service providing apparatus for providing a predetermined service by using biometric information of the user. If the user uses the service providing apparatus, the apparatus includes an authentication token connected to the service providing apparatus and performing user authentication based on the biometric information of the user. The authentication token is based on biometric information detected from the user. An identity verification device that verifies the identity of the user
A storage circuit for storing the password of the authentication token and token identification information for identifying the authentication token, and a password and token identification information for the storage circuit when the result of verification by the personal verification device indicates a successful verification. A communication device that transmits communication data from the authentication token to the service providing device, the service providing device receiving communication data from the authentication token, and a token identification of the authentication token. A first database that stores information and a password in advance in association with each other; a matching circuit that matches a password included in the communication data with a password retrieved from the first database using the token identification information as a key; A processing device for providing a service to the user based on a result of the comparison in the circuit. An authentication system comprising: 2. The authentication system according to claim 1, further comprising a registration device connected to the service providing device via a communication network, and for registering the token identification information and a password in the database in association with each other. An authentication system characterized by the following. 3. The authentication system according to claim 1, wherein the service providing device generates a new password, transmits the new password to the authentication token via the second communication device, and the first database. A password generating circuit that updates the password stored in the storage device, wherein the first communication device of the authentication token updates the password stored in the storage circuit with a new password received from the service providing device. An authentication system characterized by the following. 4. The authentication system according to claim 1, wherein the service providing device has a storage circuit for storing device identification information for identifying the service providing device, and wherein the second communication device is Reading the device identification information from the storage circuit in response to the connection of the authentication token and transmitting the device identification information to the authentication token, wherein the authentication token stores the device identification information for identifying the service providing device in association with a password. A second database, wherein the first communication device comprises:
An authentication system, wherein a password retrieved from the second database is used as a password to be transmitted to the service providing device, using the device identification information received from the service providing device as a key. 5. A user authentication required when a user uses a service providing apparatus for providing a predetermined service is performed between an authentication token for performing user authentication using biometric information of the user and the service providing device. An authentication method to be performed, wherein the authentication token stores in advance a password of the authentication token and token identification information for identifying the authentication token, and is the user himself / herself based on biometric information detected from the user. The password and token identification information are transmitted as communication data to the service providing apparatus when the collation result indicates successful collation, and the service providing apparatus compares the token identification information and the password of the authentication token with each other. 1 and stored in advance in association with each other and included in the communication data received from the authentication token. Authentication method characterized by collating the password retrieved from the first database password and the token identification information as a key, provides services to the user based on the comparison result. 6. The authentication method according to claim 5, wherein the registration device connected to the service providing device via a communication network registers the token identification information and a password in the first database in association with each other. Authentication method characterized by performing. 7. The authentication method according to claim 5, wherein the service providing device generates a new password in a password generation circuit, transmits the new password to the authentication token via the second communication device, and An authentication method, wherein the password stored in a first database is updated, and the authentication token updates a previously stored password with a new password received from the service providing apparatus. 8. The authentication method according to claim 5, wherein the service providing device stores in advance device identification information for identifying the service providing device, and the device identification information according to the connection of the authentication token. Transmitting information to the authentication token, the authentication token is stored in advance in a second database in association with device identification information for identifying the service providing device and a password, and is used as a password to be transmitted to the service providing device. And using a password retrieved from the second database using the device identification information received from the service providing device as a key. 9. A user authentication required when a user uses a service providing apparatus for providing a predetermined service is performed between an authentication token for performing user authentication using biometric information of the user and the service providing device. A recording medium on which a program for causing a computer to execute an authentication procedure to be performed is described, wherein the service providing apparatus stores in advance a token identification information and a password of the authentication token in a first database in association with each other; After collation of the user himself / herself based on the biometric information detected from the user with the authentication token, when the collation result indicates successful collation, the password of the authentication token and the authentication token transmitted from the authentication token are used. Receiving communication data including token identification information for identification, and the communication Collating the password included in the data with the password retrieved from the first database using the token identification information as a key, and providing a service to the user based on the collation result. Recording medium on which a program for recording is recorded. 10. The recording medium according to claim 9, wherein the service providing device transmits the token identification information to the first database from a registration device connected to the service providing device via a communication network. A recording medium further describing a program for executing a step of registering in association with a password. 11. The recording medium according to claim 9, wherein the service providing device generates a new password in a password generation circuit, and the authentication token is transmitted to the authentication token via the second communication device. And updating the password stored in the first database with the new password by transmitting the authentication token to the password stored in the first database. The described recording medium. 12. The recording medium according to claim 9, wherein the service providing device stores in advance device identification information for identifying the service providing device, and the storage device stores the device identification information according to the connection of the authentication token. By transmitting device identification information to the authentication token, device identification information used to identify the service providing device with the authentication token is associated with a password, stored in a second database of the authentication token, and the service provision is performed. Causing the device identification information received from the service providing device to be used as a key to search for the password from the second database, as the password to be transmitted to the device. 13. A user authentication required when a user uses a service providing apparatus for providing a predetermined service,
A program for causing a computer to execute an authentication procedure performed between an authentication token for performing user authentication using the biometric information of the user and the service providing device, wherein the service providing device includes a token identification of the authentication token. Storing the information and the password in a first database in association with each other in advance, and collating the user based on biometric information detected from the user with the authentication token. Receiving communication data including a password of the authentication token transmitted from the authentication token and token identification information for identifying the authentication token, and using the password and the token identification information included in the communication data as a key. Check with the password retrieved from the first database And a step of providing a service to the user based on the matching result. 14. The program according to claim 13, wherein the service providing device sends the token identification information and a password to the first database from a registration device connected to the service providing device via a communication network. A program for executing a step of associating with and registering. 15. The program according to claim 13, wherein the service providing device generates a new password in a password generation circuit, and the new password is transmitted to the authentication token via the second communication device. A program for executing a step of transmitting a password to update a password stored in advance with the authentication token, and a step of updating the password stored in the first database with the new password. 16. The program according to claim 13, wherein the service providing device stores in advance device identification information for identifying the service providing device, and the device according to the connection of the authentication token. Transmitting the identification information to the authentication token, associating the device identification information used for identifying the service providing device with the authentication token with a password and storing the password in a second database of the authentication token; Causing the device identification information received from the service providing device to be used as a key to search for the password from the second database. 17. The authentication system according to claim 1, wherein the storage circuit stores personal information of the user, service information relating to a service provided by the service providing apparatus,
And an authentication system for storing registration information used for personal verification and storing the personal information, the service information and the registration information in separate storage areas. 18. The authentication system according to claim 1, wherein the first communication device pre-registers data generated from dynamic information transmitted from the service providing device and a result of verification performed by the personal verification device. The encrypted data generated by the encryption circuit is transmitted to the service providing apparatus, and the verification circuit transmits dynamic information to be transmitted to the authentication token. A dynamic information generation circuit that generates the data; a decryption circuit that decrypts the encrypted data transmitted from the authentication token using a key that is paired with the key; and a collation included in the data decrypted by the decryption circuit. Only when the result indicates successful collation and the dynamic information included in the data matches the dynamic information generated by the dynamic information generation circuit and transmitted to the authentication token, it is determined that the collation is OK. And a result judgment circuit, the authentication system characterized in that matching in both the verification determination by matching determination and the result judgment circuit according to the password only if obtained, and outputs the verification result indicating verification success. 19. The authentication system according to claim 1, wherein the first communication device outputs the authentication data to the encryption circuit when a result of the verification by the personal verification device indicates that the authentication is successful. When the collation result indicates authentication failure, a first result determination circuit that outputs the collation result to the first communication circuit, and the service providing device responds according to the collation result from the first result determination circuit. And an encryption circuit for encrypting the transmitted dynamic information using a key registered in advance, adding the obtained encrypted data to the collation result, and outputting the result. Transmitting the verification result to which the encrypted data is added or the verification result from the first result determination circuit to the service providing apparatus, wherein the verification circuit generates dynamic information to be transmitted to the authentication token. Circuit and A decryption circuit that decrypts the encrypted data transmitted from the authentication token using a key that is paired with the key, and a verification result from the authentication token received by the second communication circuit indicates a successful verification Only in this case, the encrypted data added to the matching result is decrypted by the decryption circuit, and the obtained dynamic information is generated by the dynamic information generation circuit and transmitted to the authentication token. The second to judge collation OK only when they match
An authentication system that outputs a collation result indicating successful collation only when collation is obtained by both collation determination by the password and collation determination by the result determination circuit. . 20. The authentication system according to claim 1, wherein the first communication device encrypts the dynamic information transmitted from the service providing device using a key registered in advance, and obtains the obtained encryption. An encryption circuit that outputs the encrypted data as data to the first communication circuit, and instructs the encryption circuit to generate encrypted data when the result of the verification by the identity verification device indicates that the authentication is successful. A first result determination circuit that outputs data having a different number of digits from the encrypted data to the first communication circuit when the result indicates that the authentication has failed, and the data from the encryption circuit or the first 1, the data from the result determination circuit is transmitted to the service providing apparatus, the collation circuit generates a dynamic information to be transmitted to the authentication token, and a cryptographic information transmitted from the authentication token. A decryption circuit that decrypts the encrypted data using the key that is paired with the key, and when the number of digits of the data from the authentication token received by the second communication circuit indicates the number of digits at the time of successful authentication. Only when the encrypted data added to the data is decrypted by the decryption circuit and the obtained dynamic information matches the dynamic information generated by the dynamic information generation circuit and transmitted to the authentication token. And a second result determination circuit that determines that the verification is OK only when the verification is successful in both the verification determination by the password and the verification determination by the result determination circuit. An authentication system characterized by outputting. 21. The authentication system according to claim 18, wherein the authentication token further includes an ID storage circuit that stores identification information of the authentication token registered in advance, and wherein the first communication circuit includes: The identification information stored in the ID storage circuit is transmitted to the service providing apparatus, and the decryption circuit encrypts the information from the authentication token using a key corresponding to the identification information transmitted from the authentication token. An authentication system characterized by decrypting data. 22. The authentication method according to claim 5, wherein the authentication token stores, in a storage circuit, personal information of the user, service information relating to a service provided by the service providing apparatus, and registration information used for identity verification. And an authentication method, wherein the personal information, the service information, and the registration information are stored in separate storage areas in the storage circuit. 23. The authentication method according to claim 5, wherein the authentication token encrypts data generated from dynamic information transmitted from the service providing apparatus and a result of collation of the principal user with a key registered in advance. And transmits the encrypted data generated by the encryption to the service providing device. The service providing device generates the dynamic information and transmits the dynamic information to the authentication token, and the encryption transmitted from the authentication token. Decrypted data using a key that is paired with the key,
Only when the collation result included in the data obtained by the decryption indicates successful collation and the dynamic information included in the data matches the dynamic information transmitted to the authentication token, it is determined that the collation is OK. An authentication method comprising: outputting a collation result indicating successful collation only when a collation is obtained by both a collation determination using a password and a collation determination using the data. 24. The authentication method according to claim 5, wherein the authentication token is a key in which the dynamic information transmitted from the service providing apparatus is registered in advance when the verification result of the user indicates successful authentication. The encrypted data is transmitted to the service providing device by adding the obtained encrypted data to the collation result, and when the collation result of the user indicates authentication failure, the collation result is transmitted to the service providing device. The service providing apparatus generates the dynamic information and transmits the dynamic information to the authentication token, and only when the verification result from the authentication token indicates successful authentication, the encrypted data added to the verification result Decryption is performed using the key that is paired with the key. Only when the obtained dynamic information matches the dynamic information transmitted to the authentication token, it is determined that the verification is OK. Authentication method, wherein a match in both the verification determination by collation determines that the encrypted data only when it is obtained, and outputs the verification result indicating verification success. 25. The authentication method according to claim 5, wherein the authentication token is a key in which the dynamic information transmitted from the service providing apparatus is registered in advance when the verification result of the user indicates successful authentication. And transmits the obtained encrypted data as data to the service providing apparatus. If the result of the user's verification indicates authentication failure, the service providing apparatus provides data having a different number of digits from the encrypted data. Transmitting to the device, the service providing device generates the dynamic information and transmits it to the authentication token, and only when the number of digits of data from the authentication token indicates the number of digits at the time of successful authentication, the data Is regarded as encrypted data, decrypted using the key paired with the key, and the collation OK is determined only when the obtained dynamic information matches the dynamic information transmitted to the authentication token. ,
An authentication method comprising: outputting a collation result indicating successful collation only when collation is obtained by both the collation determination using the password and the collation determination by the result determination circuit. 26. The authentication method according to claim 23, wherein the authentication token transmits identification information of the authentication token registered in advance to the service providing apparatus, and the service providing apparatus transmits the identification information from the authentication token. An authentication method, characterized in that encrypted data from the authentication token is decrypted using a key corresponding to the transmitted identification information. 27. The recording medium according to claim 9, wherein the authentication token stores personal information of the user, service information relating to a service provided by the service providing device, and registration information used for identity verification in a storage circuit. And storing the personal information, the service information, and the registration information in separate storage areas in the storage circuit. 28. The recording medium according to claim 9, wherein the authentication token encrypts data generated from the dynamic information transmitted from the service providing apparatus and the result of the verification of the principal user with a key registered in advance. The steps of
Transmitting the encrypted information generated by the encryption to the service providing apparatus; generating the dynamic information in the service providing apparatus and transmitting the generated dynamic information to the authentication token; and Decrypting the encrypted data transmitted from the key using the key paired with the key, and a verification result included in the data obtained by the decryption indicates a verification success, and dynamic information included in the data. Determines that the verification is OK only when the verification information matches the dynamic information transmitted to the authentication token, and determines that the verification has succeeded only when the verification is obtained by both the verification based on the password and the verification based on the data. And a step of outputting a matching result. 29. The recording medium according to claim 9, wherein, if the authentication token indicates that the authentication of the user is successful, the dynamic information transmitted from the service providing apparatus is replaced with a key registered in advance. Using the encrypted data, adding the obtained encrypted data to the collation result, and transmitting the collated data to the service providing device. If the collation result of the user indicates authentication failure, the collation result is transmitted to the service providing device. Transmitting the dynamic information in the service providing device to the authentication token, and only when the verification result from the authentication token indicates successful authentication, Decrypting the encrypted data added to the authentication token using the key paired with the key, and Determining that the verification is OK only when the password matches the password, and outputting a verification result indicating the verification success only when the verification is obtained by both the verification using the password and the verification using the encrypted data. Recording medium on which a program for executing the program is written. 30. The recording medium according to claim 9, wherein, if the authentication token indicates that the authentication of the user is successful with the authentication token, the dynamic information transmitted from the service providing apparatus is registered in advance by a key. Transmitting the obtained encrypted data as data to the service providing apparatus, and when the verification result of the user indicates authentication failure, the data having a different number of digits from the encrypted data is transmitted. Transmitting the dynamic information to the authentication token in the service providing device, and determining the number of digits of data from the authentication token when the authentication is successful. Only when the number indicates a number, the data is regarded as encrypted data and decrypted using a key that is paired with the key. A step of determining that the verification is OK only when the dynamic information transmitted to the client matches the verification information, and indicating that the verification was successful only when the verification was obtained by both the verification determination using the password and the verification determination using the result determination circuit. And a step of outputting a verification result. 31. The recording medium according to claim 28, wherein a step of transmitting, with the authentication token, identification information of the authentication token registered in advance to the service providing apparatus, is executed. A recording medium in which a program for executing a step of decrypting encrypted data from the authentication token using a key corresponding to the identification information transmitted from the authentication token is described. 32. The program according to claim 13, wherein the authentication token stores, in a storage circuit, personal information of the user, service information on a service provided by the service providing apparatus, and registration information used for personal verification. A program for executing a step and a step of storing the personal information, the service information, and the registration information in separate storage areas in the storage circuit. 33. The program according to claim 13, wherein the authentication token encrypts data generated from the dynamic information transmitted from the service providing apparatus and the result of the verification of the principal user with a key registered in advance. Steps to
Transmitting the encrypted information generated by the encryption to the service providing apparatus; generating the dynamic information in the service providing apparatus and transmitting the dynamic information to the authentication token; and Decrypting the encrypted data transmitted from the key using the key paired with the key, and a verification result included in the data obtained by the decryption indicates a verification success, and dynamic information included in the data. Determines that the verification is OK only when the verification information matches the dynamic information transmitted to the authentication token, and determines that the verification has succeeded only when the verification is obtained by both the verification based on the password and the verification based on the data. And a step of outputting the matching result shown. 34. The program according to claim 13, wherein, if the authentication token indicates that the authentication of the user is successful, the dynamic information transmitted from the service providing apparatus is used with a key registered in advance. Transmitting the encrypted data to the service providing apparatus by adding the obtained encrypted data to the verification result, and transmitting the verification result to the service providing apparatus if the verification result of the user indicates authentication failure. The service providing device generates the dynamic information and transmits the dynamic information to the authentication token, and only when the verification result from the authentication token indicates successful authentication, Decrypting the added encrypted data using a key that is paired with the key, and transmitting the obtained dynamic information to the authentication token. A step of judging that the collation is OK only when the information matches the information, and a step of outputting a collation result indicating a successful collation only when the collation is obtained by both the collation determination using the password and the collation determination using the encrypted data. And a program to make it run. 35. The program according to claim 13, wherein in the case where the authentication token indicates that the authentication of the user is successful, the dynamic information transmitted from the service providing apparatus is stored in a key. Transmitting the obtained encrypted data as data to the service providing apparatus, and when the result of the user's verification indicates an authentication failure, the data having a different number of digits from the encrypted data is transmitted to the service providing apparatus. Transmitting the dynamic information to the authentication token in the service providing device; and the number of digits of data from the authentication token when the authentication is successful. And decrypting the data with a key that is paired with the key, considering the data as encrypted data. A step of judging that the collation is OK only when the dynamic information transmitted to the token matches, and indicating a collation success only when the collation is obtained by both the collation determination by the password and the collation determination by the result determination circuit. And outputting a collation result. 36. The program according to claim 33, further comprising the step of: transmitting, with the authentication token, identification information of the authentication token registered in advance to the service providing apparatus; A program for executing a step of decrypting encrypted data from the authentication token using a key corresponding to the identification information transmitted from the authentication token.