JP4724107B2 - User authentication method using removable device and computer - Google Patents

Description

  The present invention relates to a technique for ensuring the security of a computer using a removable device, and more particularly, to a technique for reducing the burden of password input by a user while ensuring security.

  A personal computer (hereinafter referred to as a PC) can authenticate the user by requesting a password from the user for use in order to allow use only by a legitimate user. In some cases, the number of passwords required by the user may be plural. For example, when starting up a PC, it is requested to input a power-on password (hereinafter referred to as POP) set in BIOS (Basic Input / Output System) and a password (hereinafter referred to as HDP) set in the magnetic disk device. There is a case. If either POP or HDP is entered incorrectly, the PC will not start. After the PC is started and the operating system (hereinafter referred to as OS) is started, the user may be required to input a user ID and password (hereinafter referred to as logon password) for logging on to the OS. If the logon password is entered incorrectly, the user cannot use the OS, and cannot perform work using an application program that runs on the OS. Furthermore, when using shared resources on the network (shared drive, shared folder, shared printer, etc.), the user may be required to input a network password. Unless the correct network password is entered, the user cannot use the corresponding shared resource.

  In addition, every time you connect to the Internet, use e-mail, use a specific website, use a specific online service, etc., you will be required to enter a user ID and password set for each. There is a case. In either case, if the user ID and password for the service that the user wants to use are entered incorrectly, the user cannot use that service.

  In recent years, in particular, an increasing number of websites and online services are used by inputting a user ID and password, such as web logs, SNS, online shops, and internet banking. On the other hand, information that is stored in a magnetic disk device mounted on a PC or exchanged via a network is highly confidential. Highly confidential information includes, for example, information related to personal privacy, information related to business confidentiality, or authentication information for accessing a network or online service that requires user authentication. If such information is leaked to a malicious third party and misused or tampered with, the damage becomes serious. That is, the number of passwords that the user has to remember increases under the situation where improvement of security related to user authentication is required, which is a burden on the user.

Note that there are the following documents as techniques using a password or an encryption key. Patent Document 1 discloses a method of storing an encryption key using a detachable storage means as a token and safely processing it. Patent Document 2 discloses a technique in which a serial number of a recording medium is encrypted with an encryption key possessed by the system body, recorded on the recording medium, and decrypted to determine whether or not it is an unauthorized use. Japanese Patent Application Laid-Open No. 2004-228561 discloses a technique for deleting a secret key used for encryption when the transfer is completed when the encrypted digital content is transferred to another recording medium. Non-Patent Document 1 describes software that stores a plurality of passwords, and that allows a plurality of stored passwords to be input by performing only one authentication using a password or the like.
JP 2000-516373 A JP 2005-301339 A JP 2005-346401 A WoodenSoldier, “Password Manager ID Manager”, [online], [searched September 5, 2006], Internet <URL: http://www.woodensoldier.info/soft/idm.htm>

  The password set in the PC needs to be managed so that it cannot be stolen by an attacker. For this purpose, it is desirable to keep the password only in the user's memory and not leave a memo. However, there is a limit to the number of digits of passwords that humans can memorize for a long time. Also, the burden on the user increases as the number of passwords that must be stored increases. In this case, the user sets the password to a character string or number string with a small number of digits or a combination thereof, sets the password to a meaningful word, sets multiple passwords to the same value, or sets the set password. The recorded memo is left in the vicinity of the PC.

  Decreasing the number of digits narrows the average attack space for trial and error attacks, and setting it to a meaningful word makes it easier to decipher with a dictionary attack, and storing it outside the user's memory can be a burden to store. Security tolerance is reduced. In addition, when it is necessary to set a plurality of passwords, if all are set to the same password, the significance of setting them individually is lost.

  However, it can be said that it is generally difficult for a user to memorize a plurality of passwords composed of random letters / numerical strings having a large number of digits and to update them periodically. In order to solve this problem, there is a technique in which a password is stored and managed in a special authentication device called a token. There is virtually no restriction on the number of digits of the password stored in the token, and random characters and numbers can be stored as a password using a PC, so the user can manage security only by managing the token. Can be strengthened. Since the token is normally used together with a PIN (Private Identification Number), even if the token is stolen, it is safe if the PIN is not stolen. In addition, since the user can easily recognize that the token has been stolen compared to the password as information, it is easy to deal with the token after it has been stolen.

  However, tokens are generally expensive, and PINs are usually on the order of 4 digits, so they may be stolen. The token is constituted by an inexpensive and detachable storage device (hereinafter referred to as a removable device) such as a USB flash memory, an SD memory card, a compact flash (registered trademark), a memory stick (registered trademark), and the like. It is conceivable to store authentication information generated by encrypting a password in the device.

  However, in such an authentication device using a removable device, there is a risk that a fake authentication device is produced by generating authentication information using the same algorithm. Furthermore, there is a risk that many authentication devices storing the same authentication information are duplicated by copying the authentication information stored in the genuine removable device to another removable device. If there are many authentication devices that store the same authentication information, the risk of unauthorized acquisition of those authentication devices by a malicious third party increases, which is not desirable.

  In order to eliminate such danger that occurs when using an authentication device, there is also a method of using a user authentication (biometric authentication) method based on biometric information such as fingerprints, veins, and irises instead of passwords. . However, in order to perform authentication using biometric information, the authentication device needs to have expensive hardware dedicated to user authentication.

  Accordingly, an object of the present invention is to provide a method for storing a non-reproducible password in a removable device and a method for manufacturing a removable device in which such a password is stored. A further object of the present invention is to provide a user authentication method with enhanced security while reducing the burden of user password management. A further object of the present invention is to provide a computer with enhanced security while reducing the burden of user password management. A further object of the present invention is to provide a computer program for realizing such a computer.

  A first aspect of the present invention provides a method for a computer to store authentication information on a removable device. When the computer receives a password used for user authentication from the user, the computer internally generates a pair of public key and secret key, and encrypts the received password using the public key to generate authentication information. Here, the public key used for encryption is erased and discarded from the computer without being transferred or stored internally, and thereafter the same authentication information is generated even if the computer receives the same password. You can't do that. By storing the generated authentication information in a removable device, it can be used for authentication work by connecting to a user computer. The user does not need to memorize the password included in the authentication information stored in the removable device. The password included in the authentication information is not limited by the number of digits as in the case where the user memorizes it, and a plurality of passwords may be used. The password may include any one or more passwords selected from the group including POP, HDP, logon password, network password.

  Normally, unique information such as a serial number is given to the removable device from the outside at the time of manufacture, and the serial number is stored in an area that cannot be written by the user. Different removable devices do not have the same unique information. Furthermore, it is impossible to rewrite the unique information from the outside. If this unique information is encrypted with a public key and included in the authentication information, it can be prohibited to copy the authentication information to a removable device other than the genuine removable device.

  Also, if you receive the user's personal information from the outside, and the private key is encrypted by decrypting the password encrypted with the destroyed public key, the personal information Since passwords cannot be decrypted by users other than those who have passwords, the risk of a removable device storing authentication information being stolen and used by a third party can be reduced. . The encryption here may be a method such as XOR operation of the secret key and personal information. Further, there is a method in which the private key is double-encrypted with the personal information of the user and the unique information of the removable device so that the unique information is not stored in the removable device. In order to perform user authentication using a removable device, when a user authentication module executed on the user computer is also generated in the computer that generated the authentication information, it is sent to the user computer simultaneously with the encrypted secret key, and the user -An authentication environment using a removable device can be easily constructed on a computer.

  The second aspect of the present invention provides a method in which a user computer performs user authentication using authentication information stored in a removable device. User authentication is performed using authentication information generated by an administrator computer. The authentication information is generated by the administrator computer encrypting the password using the public key paired with the private key and then destroying the public key from the administrator computer, and is stored in the removable device. The administrator computer may be the same as or different from the user computer that performs user authentication. When the user computer acquires the password by decrypting the authentication information read from the removable device using the secret key, the user computer compares the acquired password with the password stored in advance in the computer, thereby Authentication can be performed.

  Configures the private key stored in the user computer that performs user authentication as encrypted using the user's personal information, receives the user's personal information from the user during authentication, and decrypts the encrypted private key If this is done, the authentication information cannot be decrypted by anyone other than the user who has the personal information, so there is a risk that the removable device storing the authentication information will be stolen and used. Can be reduced. In addition, the unique information obtained by decrypting the authentication information using the private key and the unique information obtained by decrypting the authentication information using the private key and the unique information obtained by encrypting the unique information of the removable device using the public key are included in the authentication information. By comparing the information, it is possible to eliminate the risk that only the authentication information is copied to another removable device and used.

  The third aspect of the present invention is a process in an administrator computer that generates authentication information and a secret key, and a process in a user computer that authenticates a user by using the authentication information and secret key generated in the administrator computer. And a user authentication method. The administrator computer generates authentication information and a secret key in the same manner as described in the first aspect of the present invention. The generated authentication information is stored in the removable device. The generated private key and the password included in the authentication information by the user are stored in the user computer. The user computer authenticates the user in the same manner as described as the second aspect of the present invention.

  The fourth aspect of the present invention provides a computer that can be used as an administrator computer for generating authentication information and a secret key and that can store the authentication information in a removable device. The computer includes a processor, an interface to which a removable device can be connected, and a storage device that stores a computer program. The computer program has a function of receiving a password of the user computer from the outside, a function of generating a pair of public key and private key, and a function of generating authentication information by encrypting the password using the public key. The function of destroying the public key used for encryption from the computer and the function of storing the authentication information in the removable device are realized.

  According to a fifth aspect of the present invention, there is provided a computer used as a user computer for authenticating a user by using authentication information and a secret key generated by an administrator computer. This computer stores authentication information generated by encrypting a password using a processor, a storage unit for storing a password and a secret key, and a public key paired with the secret key, and then discarding the public key from the administrator computer. An interface that can connect the stored removable device, a reading unit that reads authentication information from the removable device, and an authentication unit that decrypts the read authentication information with a secret key and compares it with a password stored in the storage unit. If the authentication unit includes BIOS and SMRAM, authentication by POP and HDP used in the process before the OS is started and authentication after the OS is started can be safely performed. Further, if the storage unit is composed of a memory capable of read / write protection, the safety is further increased.

  The present invention can also provide a method for manufacturing a removable device storing authentication information by the same method as described in the first aspect of the present invention. Furthermore, it is possible to provide a computer program that causes a computer to implement the same method as described in the first and second aspects of the present invention.

  According to the present invention, it is possible to provide a method for storing an unreproducible password in a removable device and a method for manufacturing a removable device in which such a password is stored. Furthermore, according to the present invention, it is possible to provide a user authentication method with enhanced security while reducing the burden of user password management. Furthermore, according to the present invention, it is possible to provide a computer with enhanced security while reducing the burden of user password management. Furthermore, according to the present invention, a computer program for realizing such a computer could be provided.

  FIG. 1 is a diagram showing an overall configuration of an authentication system according to an embodiment of the present invention. In the authentication system of this embodiment, it is assumed that the administrator PC 10 and the user PCs 11, 12, and 13 are connected via a network having a secure channel. However, the present invention includes a case where the administrator PC 10 and the user PCs 11, 12, and 13 are not connected via a network. In the administrator PC 10, an authentication data creation tool 51, which is new software that operates on the OS, operates. The authentication data creation tool 51 is necessary when performing authentication work on the user PCs 11, 12, and 13 using the encrypted data 31, 32, and 33 used as user authentication information and the encrypted data 31, 32, and 33. Key registration tools 21, 22, and 23 for registering the secret key data are created. The secret key data is information generated by encrypting the secret key, and is included in the key registration tools 21, 22, and 23.

  The key registration tools 21, 22, and 23 are created as computer programs that can be executed only once by the user PCs 11, 12, and 13. When executed once, all the storage areas of the user PCs 11, 12, and 13 are stored. Is erased from When the key registration tools 21, 22, and 23 are executed by the user PCs 11, 12, and 13, the secret key data is stored in a secure storage area (details will be described later) of each user PC, and the removable device 41, User authentication using 42 and 43 becomes possible. Removable devices 41, 42, 43 are connected to the administrator PC 10, and encrypted data 31, 32, 33 corresponding to the respective user PCs 11, 12, 13 are stored. When each removable device 41, 42, 43 is connected to the user PC 11, 12, 13, a later-described user authentication process is performed. The administrator PC 10 and the user PC 11 may be the same. That is, the secret key data and encrypted data used by the administrator PC 10 can be created by the administrator PC 10. The key registration tools 21, 22, and 23 are transferred to the user PCs 11, 12, and 13 through a secure channel of the network.

  FIG. 2 is a schematic block diagram showing a system configuration of the PC 100 applied to the embodiment of the present invention. In the present embodiment, both the administrator PC 10 and the user PCs 11, 12, and 13 can have the same configuration of devices mounted inside the casing, and both will be described as the PC 100. The CPU 111 is an arithmetic processing unit having a central function of the PC, and executes an OS, a BIOS, a device driver, an application program, or the like. The CPU 111 executes the authentication data creation support tool 51 described with reference to FIG. 1 when the PC 100 is the administrator PC 10, and the key registration tools 21, 22, and 23 with the user authentication shown in FIG. 4 when the user PCs 11, 12, and 13 are used. Module 157 is executed. The CPU 111 can operate in an SMM (System Management Mode), which is an operation mode for system management, by asserting an SMI (System Management Interrupt) input pin (SMI #). In the SMM, an SMI handler that is an interrupt control handler existing in a CPU manufactured by Intel Corporation is executed in a specially allocated memory space. The SMM is a privileged execution mode mainly used for suspend, resume, power management and security related operations.

  The CPU bridge 113 includes a memory controller function for controlling an access operation to the main memory 115 and a data buffer function for absorbing a difference in data transfer speed between connected devices. Yes. The main memory 115 is a writable memory used as an area for reading a program executed by the CPU 111 and a work area for writing processing data. At the same time, the main memory 115 includes an area as SMRAM (System Management RAM), which will be described later. The video card 117 includes a video chip (not shown) and a VRAM (not shown), generates an image to be drawn in response to a drawing command from the CPU 111, writes the image to the VRAM, and reads it from the VRAM. The image is sent to the display 119 as drawing data.

  The I / O bridge 121 is a device controller that constitutes a chip set in the same manner as the CPU bridge 113. The I / O bridge 121 has an IDE (Integrated Device Electronics) interface function, and is connected to a magnetic disk device (HDD) 123 and an optical drive (not shown) such as a CD drive or a DVD drive. In the HDD 123, an OS, a device driver, an application program, and the like are installed. When the PC 100 is the administrator PC 10, the authentication data creation tool 51 is stored in the HDD 123. Handling of HDP necessary for enabling the HDD 123 is included in the specifications of the IDE interface, and the set HDP is stored in the management area of the magnetic disk device. Further, the I / O bridge 121 can connect various peripheral devices compliant with the USB standard via the USB interface 125. In both the administrator PC 10 and the user PCs 11, 12, and 13, a USB flash memory 127 that is a kind of the removable device 41 is connected here.

  Further, the I / O bridge 121 is connected to a device that does not require high-speed data transfer via the LPC bus 129. A BIOS flash ROM 131, a secure NVRAM (Non-Volatile RAM) 133, and an I / O controller 135 are connected to the LPC bus 129. The BIOS flash ROM 131 and the secure NVRAM 133 will be described later. Input / output devices (not shown) such as a keyboard 137 are connected to the I / O controller 135.

  Note that FIG. 2 is merely a simplified description of the hardware configuration and connection relationships necessary to explain the present embodiment. In addition to those mentioned in the above description, for example, an interface such as CardBus and miniPCI and peripheral devices connected via these interfaces, a wired LAN adapter, a wireless LAN module, a power supply device, an embedded system for controlling the operating environment such as temperature Many devices such as a controller are used to configure the PC 100. However, they are well known to those skilled in the art and need not be described in detail here because they do not require a specific explanation for understanding the present invention. Of course, a person skilled in the art can arbitrarily select a plurality of blocks shown in the figure as one integrated circuit or device, or conversely, one block can be divided into a plurality of integrated circuits or devices. It is included in the scope of the present invention as long as it can be performed.

  FIG. 3 is a diagram showing an internal configuration of the BIOS flash ROM 131, the secure NVRAM 133, and the main memory 115 that constitute the PC 100. The BIOS flash ROM 131 shown in FIG. 3A is a non-volatile memory in which stored contents can be electrically rewritten. The system BIOS 151, which is a basic program used for system activation and management, power supply, temperature, etc. Various utilities 153 that are software for managing the operating environment, POST (Power-On Self Test) 155 that is hardware testing software when the PC is started, and a user authentication module 157 that is software according to the embodiment of the present invention , A password service routine 158 which is a service routine for obtaining a password stored in the SMRAM 171 (details will be described later), an SMI handler 159 which starts the SMI service routine when the CPU 111 operates in SMM, and an HDD 123. Such INT13H handler 160 is stored. The user authentication module 157 is stored in the BIOS flash ROM 131 when the PC 100 is the user PCs 11, 12, and 13.

  The secure NVRAM 133 shown in FIG. 3B is a RAM that is backed up by a battery so that it will not be lost even if the PC is turned off, and the stored contents can be set to read / write prohibited by the operation of the system BIOS 151. Once the secure NVRAM 133 is set to read / write prohibition by the operation of the system BIOS 151, the read / write prohibition is not released until the power of the PC is reset. The BIOS prohibits reading and writing of the secure NVRAM 133 when the boot routine is finished and control is transferred to the OS. Therefore, it is difficult to read the content recorded in the secure NVRAM 133 that is prohibited from reading and writing from the outside, or to read the storage content of the secure NVRAM 133 under the operating environment of the OS. The secure NVRAM 133 stores setting information 161 and secret key data 163 of the device controller (CPU bridge 113 and I / O bridge 121) of the PC. The contents of the setting information 161 mainly include the startup sequence and drive number of the disk device, the connection method of each peripheral device, parameters related to data transfer, and POP. In the present embodiment, this secure NVRAM 133 is used as a secure storage area for storing the secret key data 163.

  When starting the PC in which the POP is set, the system BIOS 151 requests the user to input the POP, and compares the input password with the POP stored in the setting information 161 in advance. If they are equal, the activation operation is continued, and if they are not equal, the activation sequence is terminated there. Further, when starting up a PC in which HDP is set, the system BIOS 151 requests the user to input HDP, and sends the input password to the HDD 123 via the IDE interface. The HDD 123 compares the password sent via the IDE interface with the HDP stored in advance in itself. If they are equal, the HDD 123 can be accessed and the OS can be started. However, if they are not equal, the HDD 123 cannot be accessed and therefore the OS cannot be started.

  In the main memory 115 shown in FIG. 3C, an area as a SMRAM (System Management RAM) 171 is secured in addition to the user area 173 used in the normal operation of the PC 100. When the system BIOS 151 requests a transition to SMM, or when SMI # is asserted by hardware, the CPU 111 enters the SMM, the SMI handler 159 is called, and the CPU 111 operates as a single task. In the CPU 111 operating in the SMM, the SMI handler 159 disables all interrupts, so that control is not passed to other tasks. Furthermore, the SMRAM 171 can be exclusively used only by the CPU 111 operating in the SMM. Therefore, while the CPU 111 is operating in SMM, a program other than a single task operating under the control of the SMI handler 159 does not operate, and a process other than the program accesses the SMRAM area 171. It never happens.

  FIG. 4 is a block diagram for explaining generation of the key registration tool 21 and the encrypted data 31 in the embodiment of the present invention. FIG. 5 is a flowchart describing the procedure for generating the key registration tool 21 and the encrypted data 31 executed by the authentication data creation tool 51 in the administrator PC 10 based on the block diagram of FIG. In this procedure, the authentication data creation tool 51, which is software running on the OS, is operated on the administrator PC 10 to create the key registration tool 21 including the secret key data 163 and the user authentication module 157. The authentication data creation tool 51 creates the encrypted data 31 and stores it in the removable device 41. Key registration tools and encrypted data for other user PCs can be generated in the same procedure. A USB flash memory 127 is used as the removable device 41. The removable device 41 may have not only a wired interface with respect to the administrator PC 10 and the user PC 11 but also a wireless interface. Although the authentication data creation tool 51 operates on the OS, the administrator PC 10 has sufficient security. For example, the possibility that the contents input by the user may be leaked by a key logger, spyware, or the like is here. Then, it is not necessary to think in particular.

  After connecting the USB flash memory 127 to the administrator PC 10 and starting the authentication data creation tool 51 (block 301), the administrator stores the POP 201, HDP 203, and other password 205 used for authentication on the user PC 11 as an administrator. Input to the PC 10 (block 303). The other password 205 includes a logon password and a password necessary for each scene such as connection to the Internet, use of e-mail, use of a shared drive and a shared printer, use of a specific online service, and the like. Other information registered as the password 205 includes the user ID of the user who uses the USB flash memory 127, the name of the software requesting input of the password and the user ID, the URL of the web page, or the name of the site. May be included. Further, the administrator inputs the PIN 207 that is input when the user PC 11 authenticates the user (block 305). In this embodiment, since all passwords necessary for user authentication are stored in the USB flash memory 127, the PIN 207 can be set to a relatively simple number string or character string that can be stored for a long period of time by the user.

  The authentication data creation tool 51 reads the serial number 219 of the USB flash memory 127 (block 307). The serial number 219 is a number uniquely assigned to almost all removable devices regardless of the manufacturer or model, and different removable devices do not have the same serial number. In the present embodiment, the removable device does not necessarily have unique information such as the serial number 219. Then, the authentication data creation tool 51 uses the asymmetric key generation unit 209 to generate a pair of public key 211 and secret key 213 used in the asymmetric key encryption (public key encryption) method (block 309). In the asymmetric key cryptosystem, algorithms such as RSA cryptography, elliptic curve cryptography, and El Gamal cryptography are employed. When a plurality of pairs of public key 211 and secret key 213 are successively generated by the asymmetric key generation unit 209, the probability that a plurality of identical key pairs are generated is substantially equal to zero.

  The authentication data creation tool 51 encrypts the POP 201, HDP 203, and other passwords 205 using the public key 211 to generate encrypted data 31 (block 311), and stores it in the USB flash memory 127 (block). 313). The encrypted data 31 includes an encrypted POP 201 ′ obtained by encrypting the POP 201, an encrypted HDP 203 ′ obtained by encrypting the HDP 203, an encrypted other password 205 ′ obtained by encrypting the other password 205, and a serial number. And an encrypted serial number 219 ′ encrypted with 219. When using a removable device that does not have the serial number 219, the authentication data creation tool 51 sets predetermined information as the encrypted serial number 219 ′ and includes it in the encrypted data 31. Then, after storing the encrypted data 31 on the USB flash memory 127, the authentication data creation tool 51 destroys the public key 211 used for encryption so that it does not remain anywhere in the administrator PC 10 ( Block 315). As a result, even if it is attempted to generate encrypted data from the same POP 201, HDP 203, other password 205, and serial number 219, the public key 211 generated by the asymmetric key generation unit 209 is different every time. The same encrypted data as the encrypted data 31 stored on 127 cannot be generated later. The encrypted data 31 can be decrypted only by the public key 211 and the secret key 213 generated as a pair of asymmetric keys.

  Then, the authentication data creation tool 51 generates the key registration tool 21 for storing the secret key data 163 in the secure NVRAM 133 of the user PC 11 (block 317). The key registration tool 21 includes secret key data 163, a user authentication module 157, and a password service routine 158. The user authentication module 157 is software according to the embodiment of the present invention that operates by being stored in the BIOS flash ROM 131 of the user PC 11. The secret key data 163 is information obtained by encrypting the secret key 213 and the PIN 207 input by the user by performing an XOR operation. The reason for generating the secret key data 163 by encrypting the secret key 213 with the PIN 207 is to prevent the secret key data 163 from being decrypted if the PIN 207 is not input when the user PC 11 performs the authentication operation. is there. Therefore, the authentication data creation tool 51 may generate the secret key data 163 by encrypting the secret key 213 by another encryption method using the PIN 207 as a key. Once the key registration tool 21 is generated, the secret key 213 can be deleted from the administrator PC 10 so that the same secret key data 163 is not created multiple times (block 319). The key registration tool 21 is stored in the user PC 11 and used for user authentication together with the USB flash memory 127. Therefore, the number of key registration tools 21 corresponding to the number of user PCs to be authenticated by the USB flash memory 127 is created. In this embodiment, only the user PC 11 is authenticated by using the USB flash memory 127. It explains as being. This completes the process of generating the key registration tool 21 and the encrypted data 31 (block 321).

  FIG. 6 is a flowchart describing the registration procedure of the private key data 163 executed by the key registration tool 21 in the user PC 11. The key registration tool 21 is an executable computer program, such as a floppy disk (registered trademark), a network, or a removable device (which may or may not be the same as the one on which the encrypted data 31 is recorded). Is transferred from the administrator PC 10 to the user PC 11 in a secure environment and executed on the user PC 11 (block 401). It is assumed that the authentic POP 201, HDP 203, and other passwords 205 are stored in a predetermined location in the user PC 11 in advance. The key registration tool 21 installs the user authentication module 157 and the password service routine 158 in the BIOS flash ROM 131 of the user PC 11 (block 403), and stores the secret key data 163 in the secure NVRAM 133 (block 405). Thereafter, the key registration tool 21 disables itself (block 407) and ends the processing (block 409). This prevents the same secret key data from being registered in a plurality of user PCs when the key registration tool 21 is executed in another unintended user PC other than the user PC 11. Alternatively, a method for limiting the time from when the key registration tool 21 is generated until it is executed, or a method for requesting input of a password (which may be the same as or different from the PIN 207) at the time of execution, etc. A measure may be included to prevent the key registration tool 21 from being executed by anyone other than a legitimate user. A password management utility 251 (details will be described later) is installed in the user PC 11 separately from the key registration tool 21.

  FIG. 7 is a block diagram illustrating user authentication in the user PC 11 that has executed the key registration tool 21. FIG. 8 is a flowchart describing the user authentication procedure executed by the user authentication module 157 in the user PC 11. When the user authentication module 157 is installed by the procedure shown in FIG. 6 and the USB flash memory 127 is connected to the user PC 11 storing the secret key data 163 and the power is turned on, the system BIOS 151 initializes the hardware. After that, the user authentication module 157 is activated (block 501). At this time, the prohibition of reading and writing of the secure NVRAM 133 is canceled by the BIOS 151. The user authentication module 157 reads the serial number 219 from the USB flash memory 127 itself, and further reads the encrypted data 31 stored therein (block 503). The user then enters the same PIN 207 that the administrator entered in FIG. 4 (block 505).

  Then, the user authentication module 157 reads the secret key data 163 stored in the secure NVRAM 133 (block 507), and performs an XOR operation between the read secret key data 163 and the PIN 207 input in the block 505 (block 509). As described above, the secret key data 163 is data obtained by XORing the secret key 213 and the PIN 207. If the PIN 207 input by the user when creating the secret key data 163 and the PIN 207 input by the user in block 505 match, the secret key 213 can be obtained by XORing the secret key data 163 and the PIN 207. .

  Then, the user authentication module 157 decrypts the encrypted data 31 read from the USB flash memory 127 with the secret key 213 (block 511), and converts the serial number 219 included in the decrypted encrypted data 31 to the USB It is compared with the serial number 219 read from the flash memory 127 (block 513). If the secret key 213 is decrypted by the PIN 207, the encrypted data 31 is correctly decrypted, so that the decrypted serial number 219 is equal to the serial number 219 read from the USB flash memory 127. . That is, in block 513, if the decrypted serial number 219 is equal to the serial number 219 read from the USB flash memory 127 itself, the encrypted data 31, the secret key data 163, the serial number 219, and the PIN 207 Since it can be determined that everything is valid, the user PC 11 authenticates the user who connected the USB flash memory 127 and entered the PIN 207 as a valid user.

  If the user is correctly authenticated, the user authentication module 157 continues the process related to the activation of the user PC 11. The user authentication module 157 inputs the POP 201 obtained by decrypting the encrypted data 31 to the system BIOS 151 (block 515), inputs the HDP 203 to the HDD 123 (block 517), and stores the other password 205 in the SMRAM 171 (block). 519). If the system BIOS 151 and the HDD 123 confirm that the POP 201 and the HDP 203 are correct, the system BIOS 151 activates the POST 155 stored in the BIOS flash ROM 131, performs a hardware test, disables the reading and writing of the secure NVRAM 133, and sets the INT 13H handler 160. By calling, the HDD 123 is activated to start the OS (block 521). This completes the user authentication process at the BIOS stage (block 523). If the decrypted serial number 219 is not equal to the serial number 219 read from the USB flash memory 127 at block 513, the user authentication module 157 aborts the user authentication process without starting the OS and ends. (Block 525). The password management utility 251 is well-known software that operates on the OS after the user authentication is normally completed and the OS boots up, and receives other passwords 205 stored in the SMRAM 171 to perform authentication work. Details will be described later.

  In the authentication processing shown in FIGS. 7 and 8, for example, when the user makes a mistake in inputting the PIN 207, the key obtained by the processing in block 509 is not the correct secret key 213. Accordingly, since the serial number 219 decrypted using the wrong key in the process of block 511 is not equal to the serial number 219 read from the USB flash memory 127, the user is authenticated in the process of block 513. Not. Therefore, even if a malicious third party steals the USB flash memory 127, it cannot authenticate using the information included in the encrypted data 31 unless the PIN 207 is obtained. Since the PIN 207 can be set to numbers / character strings in a range that can be stored by the user, it is relatively easy for the user to keep the secret of the PIN 207. Here, the encrypted data 31 may be invalidated if the authentication is not correctly performed continuously for a certain number of times to reduce the possibility that the PIN 207 is determined by a trial and error method or a dictionary attack. .

  When attempting to copy the encrypted data 31 stored in the USB flash memory 127 to another USB flash memory, only the stored data can be copied, and the serial number cannot be copied. Therefore, the serial number read from the copied USB flash memory is not equal to the serial number 219 attached to the genuine USB flash memory 127. In other words, even if the PIN 207 is stolen to obtain the correct secret key 213 and the serial number 219 is decrypted from the copied USB flash memory, the decrypted serial number 219 is still stored in the authentic USB flash memory 127. The user is not authenticated in the process of block 513 because it is not equal to the serial number read from. Therefore, even if a malicious third party can copy the encrypted data 31 stored in the USB flash memory 127 to another USB flash memory and determine the PIN 207, it can impersonate a legitimate user. The user PC 11 cannot be accessed.

  FIG. 9 is a flowchart illustrating user authentication for logging in to the OS executed by the password management utility 251 after the user authentication is normally completed under the operating environment of the BIOS. The password management utility 251 is software that operates on the OS of the user PC 11 after the user authentication described with reference to FIGS. FIG. 9A shows processing executed when the OS starts up and accepts an input of a logon password. When the OS is started, execution of the password management utility 251 is started (block 601), and the password management utility 251 shifts the operation of the CPU 111 to SMM (block 603). Here, a password service routine 158 operating at the BIOS stage is called via the SMI handler 159. The password service routine 158 reads the other password 205 stored in the SMRAM 171 and passes the read other password 205 to the password management utility 251. (Block 605).

  Since the password management utility 251 receives the other password 205 decrypted from the encrypted data 31 via the SMRAM 171 and the password service routine 158, the password management utility 251 can perform processing under an OS environment that realizes multitasking. The possibility that another password 205 is read by a third party by a key logger or spyware is low. After reading the other password 205 at block 605, the password service routine 158 may erase the other password 205 stored in the SMRAM 171.

  The password management utility 251 exits SMM and returns to the state of accepting the input of the logon password of the OS (block 607), and whether or not the user ID and logon password used for logon exist in the other passwords 205. Is determined (block 609). If the user ID and logon password exist, the user ID and logon password are input to a known authentication module (not shown) that performs logon processing to the OS, and the process ends (blocks 611 to 613). If the user ID and logon password are not present in the other passwords 205, the process ends at that point (block 615). The logon password is encrypted and stored in the OS. For example, a user ID and a logon password entered through an authentication module that performs logon processing such as GINA (Graphical Identification and Authentication) in the Windows (registered trademark) series of Microsoft Corporation in the United States, and an OS registered in advance by the user The user authentication is performed by comparing the user ID and the logon password that are encrypted and stored in the password. Even after the logon / password authentication is completed, the password management utility 251 continues to operate as a resident program until the operation of the OS is completed.

  FIG. 9B shows processing executed in a state after the user logs on to the OS. Since the password management utility 251 is resident, the user can call the password input function of the password management utility 251 by an operation such as a right-click menu or a specific hot key. Alternatively, the password management utility 251 can detect a specific state that requires the input of a user ID and a password (or only a password) from the operating state of the OS, and call the password input function accordingly. The password management utility 251 detects, for example, a state in which specific software is being executed, a state in which a specific shared resource on the network is being accessed, and a state in which a specific URL is opened in a web browser. Applicable.

  When the password management utility 251 calls the password input function (block 651), the password management utility 251 corresponds to the input target in the other passwords 205 previously input by the user and stored in the OS. It is determined whether a user ID and password (or only a password) exist (block 659). If the corresponding user ID and password (or only the password) exist, they are input to the input target such as the corresponding software and the process is terminated (blocks 661 to 663). If the corresponding user ID and password (or only the password) do not exist in the other passwords 205, the processing is terminated as it is (block 665).

  FIG. 10 is a block diagram illustrating another example of the key registration tool and generation of encrypted data in the embodiment of the present invention. FIG. 11 is a flowchart describing the procedure for generating the key registration tool 721 and the encrypted data 731 executed by the authentication data creation tool 751 in the administrator PC 10 based on the block diagram of FIG.

  In the generation of the key registration tool 721 and the encrypted data 731 shown in FIG. 10, the difference from the method described in FIG. 4 is that first, the encrypted data 731 is obtained by encrypting the serial number 219 with the public key 211. This is not included. Second, the secret key data 763 included in the key registration tool 721 is data obtained by XORing the data obtained by XORing the secret key 213 and the serial number 219 and the PIN 207 input by the user. is there. Third, the user authentication module 757 included in the key registration tool 721 corresponds to authentication processing described later.

  Further, the flowchart of FIG. 11 differs from the flowchart described in FIG. 5 in that the encrypted data 731 created in block 811 and recorded in the USB flash memory 127 in block 813 is shown in FIG. It is a point that becomes the contents of the street. Second, the secret key data 763 included in the key registration tool 721 created in block 817 has the contents shown in FIG. Except for these differences, the configuration shown in FIGS. 10 and 11 is the same as the content described in FIGS. 4 and 5, and the same components have the same reference numerals and will not be described. Also, the processing on the user PC 11 of the key registration tool 721 is the same as that shown in FIG. 6 except that the secret key data 763 included in the key registration tool 721 and the user authentication module 757 are different. Omitted.

  FIG. 12 is a block diagram illustrating user authentication performed by the user PC 11 using the encrypted data 731 that has executed the key registration tool 721 created by the procedure shown in FIGS. 10 and 11. FIG. 13 is a flowchart describing a user authentication procedure executed by the user authentication module 757. The block diagram of FIG. 12 is different from the block diagram of FIG. 7 in that the serial number 219 read from the USB flash memory 127 is used for decrypting the secret key data 763. More specifically, the secret key data 763 and the PIN 207 input by the user are XORed, and the serial number 219 is further XORed to obtain the secret key 213 to decrypt the encrypted data 731. It is a point to become.

  The flowchart of FIG. 13 differs from the flowchart of FIG. 8 in that first, the process for obtaining the secret key 213 performs XOR operation on the secret key data 763 and the input PIN 207 as described above, and further, the serial number is obtained. This is a point that becomes a process of XORing 219 (block 909). Second, there is no processing of the block 513 for comparing the serial number. Instead, the POP 201 and the HDP 203 obtained by decrypting the encrypted data 731 are input to the system BIOS 151 and the HDD 123, so that the OS is booted correctly. There is a process in block 918 for determining whether or not it is ready. If the OS can be started by the correctly decrypted POP 201 and HDP 203, then the secret key 213 is correct, and the encrypted data 731, the secret key data 763, the serial number 219, and the PIN 207 are all valid. It can be determined that Except for these, the configuration shown in FIGS. 11 and 12 is the same as that described in FIGS. Further, the processing executed by the password management utility 251 after the user authentication is normally completed is also the same as the content shown in FIG.

  Several variations are possible for the embodiments of the present invention described so far. For example, in a notebook PC equipped with a security chip called TPM (Trusted Platform Module) which is a module for strengthening security, the non-volatile memory provided as standard in the TPM is replaced with the secure NVRAM 133 in the above-described embodiment. Can be used as an alternative. Since the TPM nonvolatile memory can prohibit reading and writing, it is suitable for implementing the present invention. Other than these, any non-volatile memory that is built in the PC and can be read / written can be used as a secure storage area for storing the secret key data in the present invention.

  Some PCs store the POP in the register of the I / O bridge 121 instead of in the setting information 161 of the secure NVRAM 133. In this case as well, the present invention can be implemented in exactly the same manner as in the previous embodiment. According to the present invention, since the user does not need to memorize POP, HDP, etc., it is possible to employ a random character string or number string having a large number of digits, so that the password stored in the user PC is a third party. The risk of being attacked and deciphered decreases. In addition, if the user stores only a PIN with a number of digits that does not burden the user and secures the secret, the user PC is not exposed to danger even if the removable device is stolen. According to the present invention, even if an inexpensive storage medium is adopted as a removable device, the security of encrypted data to be stored is sufficiently secured, so that it is safe.

  Although the present invention has been described with the specific embodiments shown in the drawings, the present invention is not limited to the embodiments shown in the drawings, and is known so far as long as the effects of the present invention are achieved. It goes without saying that any configuration can be adopted.

  It can be used in computers that perform password authentication.

It is a figure which shows the whole structure of the authentication system of this invention. It is a schematic block diagram which shows the system configuration | structure of PC concerning embodiment of this invention. FIG. 2 is a diagram showing an internal configuration of a BIOS flash ROM, a secure NVRAM, and a main memory in a PC according to an embodiment of the present invention. It is a block diagram shown about generation of the key registration tool and encrypted data concerning an embodiment of the present invention. It is the flowchart which described the procedure of the production | generation of the key registration tool which concerns on embodiment of this invention, and encryption data. It is the flowchart which described the procedure of registration of the secret key data which concerns on embodiment of this invention. It is a block diagram shown about the authentication of the user which concerns on embodiment of this invention. It is the flowchart which wrote down about the procedure of the authentication of the user which concerns on embodiment of this invention. It is the flowchart which described the procedure performed by the password management utility which concerns on embodiment of this invention. It is a block diagram which shows the other Example about the production | generation of the key registration tool which concerns on embodiment of this invention, and encryption data. 11 is a flowchart describing a procedure for generating a key registration tool and encrypted data performed in the embodiment according to FIG. 10. It is a block diagram shown about the authentication of the user performed in the Example which concerns on FIG. 11 is a flowchart describing a user authentication procedure performed in the embodiment according to FIG. 10.

Explanation of symbols

10 ... Administrator PC
11, 12, 13 ... User PC
21, 22, 23, 721 ... key registration tools 31, 32, 33, 731 ... encrypted data 41, 42, 43 ... removable devices 51, 751 ... authentication data creation tool 125 ... USB interface 127 ... USB flash memory 131 ... BIOS flash ROM
133 ... Secure NVRAM
151 ... System BIOS
157, 757 ... User authentication modules 163, 763 ... Secret key data 171 ... SMRAM
201 ... POP
203 ... HDP
205 ... Other password 207 ... PIN
209 ... Asymmetric key generation unit 211 ... Public key 213 ... Secret key 219 ... Serial number

Claims (17)

A method for a computer to store authentication information on a removable device,
Connecting the removable device to the computer;
Receiving a user computer password from outside,
Receiving the user's personal information from outside ,
Generating a pair of public and private keys;
Encrypting the password using the public key to generate the authentication information;
Destroying the public key used for the encryption from the computer;
Encrypting the secret key with the personal information;
Storing the authentication information in the removable device.   The storage method according to claim 1, wherein the password includes one or more passwords selected from a group including a power-on password, a hard disk password, a logon password, and a network password. Reading the unique information of the removable device;
Encrypting the unique information using the public key,
The storage method according to claim 1, wherein the authentication information includes the encrypted unique information. Wherein said step of encrypting using personal information, storage method of claim 1 including the step of XOR operation and the private key and the personal information. Connect the removable device to the user computer, to the user authentication by using personal information of the user input from the outside, the step of generating a user authentication module executed by the user computer The storage method according to claim 1 . The step of encrypting using the personal information includes the step of encrypting the secret key using unique information of the removable device, and further encrypting the encrypted secret key using the personal information. The storage method according to claim 1. A method in which a user computer authenticates a user using authentication information stored in a removable device,
Storing a password and a secret key generated by an administrator computer and encrypted using the user's personal information in the user computer;
Authentication information generated by encrypting a password input to the administrator computer using a public key generated in a pair with the secret key and then destroying the public key from the administrator computer is stored. Connecting a removable device to the user computer;
Reading the authentication information from the removable device;
A step of decoding the authentication information obtaining the password by using the secret key is decrypted using the private information received from the outside,
Comparing the decrypted password with a password stored in the user computer. The authentication information includes unique information of the removable device encrypted using the public key, and is read from the unique information acquired by decrypting the authentication information using the secret key and the removable device. The authentication method according to claim 7, further comprising a step of comparing the unique information. A method of authenticating a user on an administrator computer and a user computer,
The administrator computer receiving the password of the user computer from outside;
The administrator computer receiving personal information of the user from outside;
The administrator computer generating a pair of public and private keys;
The administrator computer encrypts the password using the public key to generate authentication information;
Destroying the public key used for the encryption from the administrator computer;
The administrator computer encrypting the private key using the personal information;
The administrator computer storing the authentication information in the removable device;
Storing the password and the encrypted secret key in the user computer;
The user computer reading the authentication information from the removable device;
A step of decoding the authentication information obtaining the password by using the secret key is decrypted using the private information which the user computer receives from the outside,
An authentication method comprising: comparing the decrypted password with a password stored in the user computer. A computer capable of storing authentication information on a removable device,
A processor;
An interface to which the removable device can be connected;
In the computer,
The ability to receive user computer passwords from outside;
A function of receiving the user's personal information from the outside, a function of generating a pair of public key and secret key,
A function of encrypting the password using the public key and generating the authentication information;
A function of destroying the public key used for the encryption from the computer;
A function of encrypting the secret key using the personal information;
A computer having a storage device storing a computer program for realizing a function of storing the authentication information in the removable device. The computer program on the computer;
A function of reading the unique information of the removable device;
A function of encrypting the unique information using the public key;
The computer according to claim 10 , wherein a function of including the encrypted unique information in the authentication information is realized. A computer that performs user authentication using a removable device,
A processor;
A storage unit for storing a password and a secret key generated by an administrator computer and encrypted using the user's personal information ;
A removable device storing authentication information generated by encrypting a password input to the administrator computer using a public key generated in a pair with the secret key and then destroying the public key from the administrator computer An interface that can be connected
A reading unit that reads the authentication information from the removable device;
A computer having an authentication unit that compares a password obtained by decrypting the authentication information using the private key decrypted using the personal information received from outside and a password stored in the storage unit. The computer according to claim 12, wherein the authentication unit includes a BIOS and an SMRAM. The computer according to claim 12, wherein the storage unit is configured by a memory capable of read / write protection. A method of manufacturing a removable device in which authentication information is stored by an administrator computer,
Connecting the removable device to an administrator computer;
Receiving a user computer password from outside,
Receiving the user's personal information from outside ,
Generating a pair of public and private keys;
Encrypting the password using the public key to generate the authentication information;
Destroying the public key used for the encryption from the administrator computer;
Encrypting the secret key using the personal information;
Storing the authentication information in the removable device. On the computer,
The ability to receive user computer passwords from outside;
The ability to receive user personal information from outside,
The ability to generate a pair of public and private keys;
A function of encrypting the password using the public key and generating the authentication information;
A function of destroying the public key used for the encryption from the computer;
A function of encrypting the secret key using the personal information;
A computer program for realizing a function of storing the authentication information in the removable device. On the user computer,
A function for storing a password and a secret key generated by an administrator computer and encrypted using the user's personal information ;
Authentication information generated by encrypting a password input to the administrator computer using the public key generated in a pair with the secret key and then destroying the public key from the administrator computer is removed from the removable device. Read function,
A function of decrypting the authentication information using the private key decrypted using the personal information received from outside and obtaining the password;
A computer program for realizing a function of comparing the decrypted password with a password stored in the user computer.

Images