JP6765061B2 - Authentication system and authentication method - Google Patents

Description

The present invention relates to an authentication system that enables a secure connection between a device and a controller.

In recent years, home appliances are connected to a network, and services using various historical information collected on a server on the cloud are expected. In addition, services such as remote control of home appliances from outside via the cloud have begun to be provided. In such a service, for example, a controller for managing home appliances is installed in the home, and history information is transmitted from the home appliances to a server on the cloud or control information is transmitted from a server on the cloud to the home appliances. The controller relays it. At this time, by establishing the safety of the connection between the controller and the home electric appliance, it is possible to prevent the unauthorized device from being connected to the home network due to information leakage or spoofing in the communication in the home.

Conventionally, it is known to use a public key infrastructure (PKI) to authenticate the validity of home appliances (hereinafter, simply referred to as devices) and controllers. Authentication based on PKI prevents spoofing by mutually authenticating the legitimacy of a communication partner using a private key and a public key certificate issued by a certificate authority. Then, information leakage is prevented by securely sharing the key for encrypted communication with the communication partner whose legitimacy has been authenticated and performing encrypted communication.

RFC5191 Protocol for Carrying Authentication for Network Access (PANA)

In a home network, when the controller and the device cannot communicate directly, such as when the controller and the device are connected via a converter, a mechanism for the controller to authenticate the device is required. There is.
An object of the present disclosure is to provide an authentication method for a controller to authenticate a device when the controller and the device are connected via a converter in order to solve the above problems.

The authentication method of one aspect of the present disclosure is an authentication method executed by the server of the authentication authority, and there is an authentication method executed by the server, from the converter to the authentication information of the converter and the authentication of the device connected to the converter. When the information is received and it is determined that the combination of the converter and the device is valid, the authentication information proving the validity of the combination of the converter and the device is generated from the converter authentication information and the device authentication information. Then, the authentication information certifying the validity of the combination of the converter and the device is transmitted to the converter.

The authentication method of one aspect of the present disclosure is executed by a converter that connects to a controller via a first network, connects to a device via a second network, and connects to a server via a third network. It is an authentication method that receives authentication information from the server that proves the validity of the combination of the converter and the device, and executes mutual authentication with the controller using the authentication information that proves the validity of the combination of the converter and the device. To do.

According to the present disclosure, the server uses the converter authentication information and the device authentication information to generate a combined public key certificate (authentication information proving the validity of the combination of the converter and the device) for conversion. Send to the machine. Then, the converter performs mutual authentication with the controller using the combined public key certificate. As a result, the controller can authenticate the device that is in front of the converter and cannot communicate directly.

It is a figure which shows an example of the whole structure of an authentication system. It is a figure which shows an example of the structure of a controller. It is a figure which shows an example of the connected equipment management table held by a controller. It is a figure which shows an example of a public key certificate. It is a figure which shows an example of the structure of a device. It is a figure which shows an example of the connection controller management table held by a device. It is a figure which shows an example of the structure of a device. It is a figure which shows an example of the structure of a converter. It is a figure which shows an example of the connected equipment management table held by a converter. It is a figure which shows an example of the configuration of a server. It is a figure which shows an example of the structure of the combined public key certificate. It is a sequence diagram of the device registration process 1. It is a sequence diagram of the device registration process 2. It is a sequence diagram of the message transmission processing from a device to a controller. It is a sequence diagram of the message transmission processing from a controller to a device. It is a figure which shows an example of the whole structure of an authentication system. It is a figure which shows an example of the structure of the combined public key certificate.

Hereinafter, the authentication system according to the embodiment will be described with reference to the drawings. In addition, all the embodiments described below show a preferable specific example of the present invention. That is, the numerical values, shapes, materials, components, arrangement and connection forms of components, steps, order of steps, etc. shown in the following embodiments are examples of the present disclosure, and are not intended to limit the present disclosure. .. The present disclosure is specified based on the statements of the claims. Therefore, among the components in the following embodiments, the components not described in the independent claims indicating the highest level concept of the present disclosure are not necessarily necessary for achieving the tasks of the present disclosure, but are more preferable. It is described as a component constituting the form.

(Embodiment 1)
1. 1. System Configuration Here, as an embodiment of the present disclosure, the authentication system 10 will be described with reference to the drawings.
1.1 Overall configuration of the authentication system 10 FIG. 1 is a diagram showing an example of the overall configuration of the authentication system 10. The authentication system 10 is composed of, for example, a controller 100, a device 200 (device A, device B), a device 210 (device C), a converter 300, a server 400, a home area network 500, 600, and a network 700. The controller 100 is a device having a function of managing other devices. Device management refers to, for example, monitoring (collecting device history information of a device) and control (sending a control command to a device to execute a predetermined function). The devices 200 and 210 are home appliances such as televisions, recorders, air conditioners, refrigerators, and storage batteries, and housing equipment. The converter 300 is a device that converts a network between the home area network 500 and the home area network 600. Specific examples of the home area networks 500 and 600 include Ethernet (registered trademark), specified low power radio, Wi-Fi, Bluetooth (registered trademark), and power line communication. The server 400 is a server of a certificate authority that issues a public key certificate used for device authentication.
1.2 Configuration of Controller 100 FIG. 2 is a configuration diagram of the controller 100. The controller 100 is composed of a device management unit 101, a device information holding unit 102, an authentication processing unit 103, an authentication management unit 104, an authentication information holding unit 105, and a communication unit 106.

The device management unit 101 manages information on devices connected to the controller. When the device management unit 101 receives the connection request from the device, the device management unit 101 transmits the public key certificate received from the device to the authentication processing unit 103 and requests the authentication process. When the authentication result is received from the authentication processing unit 103 and the authentication is successful, the device ID, certificate ID, individual key, and group key are registered in the connected device management table held by the device information holding unit 102. In addition, the encrypted device history information received from the device is decrypted with the individual key or the group key, and the decrypted device history information is saved.

The device information holding unit 102 holds information on the device connected to the controller. FIG. 3 is a diagram showing an example of a connected device management table held by the device information holding unit 102. The device ID, the certificate ID of the public key certificate of the device or controller, the individual key shared by each device with the controller, and the group key are recorded in the connected device management table.
The authentication processing unit 103 performs an authentication process with the device for which the connection request has been made. When the authentication processing unit 103 receives an authentication request from the device management unit 101 together with the public key certificate of the device, the authentication processing unit 103 performs mutual authentication with the device and notifies the device management unit 101 of the authentication result. When the mutual authentication with the device fails, the authentication processing unit 103 determines that the device is an unauthorized device.

The authentication processing unit 103 also manages the key shared with the device. In the key management, an individual key and a group key are generated, and the generated individual key and the group key are transmitted to the device management unit 101. When performing encrypted communication with a device, the authentication processing unit 103 acquires an individual key or a group key from the device management unit 101 and sets it in the communication unit 106. It also manages the registration mode of the controller. The registration mode is the operation mode of the controller for mutual authentication with the device. If the registration mode is not activated, the authentication process or registration process is not executed even if a connection request comes from the device. .. The registration mode of the controller is activated, for example, by touching a button on the controller or an icon for activating the registration mode displayed on the touch screen.

The authentication management unit 104 performs a negotiation process between the controllers when the controllers enter the network. The negotiate process is a process of determining which of the plurality of controllers manages the group key and the session based on the type of the controller when a plurality of controllers exist in the home area network 500. The type of controller includes a dedicated device in which the controller controls the device, a general-purpose device such as a personal computer to which a function for controlling the device is added, and the like. Hereinafter, the controller that performs the group key and the session may be referred to as a coordinator.

The authentication information holding unit 105 has a key pair of a private key and a public key certificate and a CRL (Certificate Revocation List). The private key, public key certificate and CRL are embedded at the time of shipment. FIG. 4 is a diagram showing an example of the configuration of the public key certificate. A public key certificate consists of a version, an issuer, the start and end of a validity period, a certificate ID, and a signature of a certificate authority server.
The communication unit 106 communicates with the device 200. The communication unit 106 encrypts the communication with the device by using the group key received from the authentication processing unit 103.
1.3 Configuration of the device 200 FIG. 5 is a configuration diagram of the device 200. The device 200 is composed of a device management unit 201, a device history holding unit 202, a device information holding unit 203, an authentication processing unit 204, an authentication information holding unit 205, and a communication unit 206.

When the device management unit 201 activates the registration mode, the device management unit 201 transmits a connection request to the controller 100. When the public key certificate is received from the controller, the authentication request is sent to the authentication processing unit 204. When the authentication result is received from the authentication processing unit 204 and the authentication is successful, the controller ID, the certificate ID, the individual key, and the group key are registered in the connection controller management table held by the device information holding unit 203. Further, the device history recorded by the device history holding unit 202 is encrypted with the group key and transmitted to the controller periodically or irregularly.

The device history holding unit 202 acquires and records the operation history of the device.
The device information holding unit 203 manages information on the controller 100 connected to the device. FIG. 6 is a diagram showing an example of the connection controller management table included in the device information holding unit 203. The connection controller management table registers the controller ID, the certificate ID of the public key certificate of the controller, the individual key shared with the controller, and the group key. Further, when a plurality of controllers exist in the home area network 500, information indicating which controller is the coordinator is acquired and recorded.

The authentication processing unit 204 performs an authentication process with the controller. When an authentication request is received from the device management unit 201 together with the public key certificate, mutual authentication with the controller is performed. When the mutual authentication with the controller fails, the authentication processing unit 204 determines that the controller is an unauthorized device.
The authentication processing unit 204 manages the key shared with the controller. In key management, individual keys and group keys are received from the controller and transmitted to the device management unit 201. When performing encrypted communication with the controller, the authentication processing unit 204 acquires an individual key or a group key from the device management unit 201 and sets it in the communication unit 206. In addition, the authentication processing unit 204 manages the registration mode of the device. The registration mode is the operation mode of the device for mutual authentication with the controller that manages the device. If the registration mode is not activated, the controller authentication process and the registration process in the connection controller management table are executed. do not do. The device registration mode is activated, for example, by touching the device button or the registration mode activation icon displayed on the touch screen.

The authentication information holding unit 205 holds a key pair of a private key and a public key certificate and a CRL. The key pair of private key and public key certificate and CRL are embedded at the time of shipment of the device. Since the public key certificate has the same configuration as the public key certificate of the controller, the description here is omitted.
The communication unit 206 communicates with the controller. For communication with the controller, encrypted communication is performed using the individual key or group key received from the authentication processing unit 204.
1.3.1 Configuration of device 210 FIG. 7 is a configuration diagram of device 210. The device 210 is connected to the controller via a converter. The device 210 does not perform mutual authentication with the controller, but authenticates with the converter. The authentication between the device and the converter is not particularly limited, and mutual authentication using a public key certificate may be performed, or authentication may be performed using common secret information.

The device 210 is composed of a device management unit 201, a device history holding unit 202, a device information holding unit 203, an authentication information holding unit 205, a communication unit 206, and an authentication information management unit 207. The same reference numerals are given to the same configurations as those of the device 200, and the description thereof will be omitted.
The authentication information management unit 207 manages the key pair and the CRL of the private key and the public key certificate held by the authentication information holding unit 205. When a request to send a public key certificate is received from the converter, the public key certificate is sent via the communication department.
1.4 Configuration of Converter 300 FIG. 8 is a configuration diagram of the converter 300. The converter 300 is composed of a device management unit 301, a device information holding unit 302, an authentication processing unit 303, an authentication information holding unit 304, and a communication unit 305.

After connecting to the device, the device management unit 301 transmits a connection request to the controller 100. When the public key certificate is received from the controller, the authentication request is sent to the authentication processing unit 303. The device management unit 301 receives the authentication result from the authentication processing unit 303, and if the authentication is successful, registers the controller ID, the certificate ID, the individual key, and the group key in the connection controller management table held by the device information holding unit 302. To do.

The device information holding unit 302 manages information on the controller 100 and the device 210 connected to the converter. Since the connection controller management table held by the device information holding unit 302 is the same as in FIG. 6, description thereof will be omitted. FIG. 9 is a diagram showing an example of a connected device management table held by the device information holding unit 302. The connected device management table records the device ID and the certificate ID of the public key certificate of the device.

The authentication processing unit 303 performs authentication processing with the server 400 and the controller 100. In the authentication process with the server 400, mutual authentication with the server is performed using the public key certificate of the converter. When the authentication processing unit 303 acquires the public key certificate of the device 210, it sends it to the server together with the public key certificate of the converter and requests the issuance of the combined public key certificate. When the authentication processing unit 303 acquires the combined public certificate from the server, the authentication processing unit 303 performs mutual authentication with the controller using the combined public key certificate. When the mutual authentication with the controller fails, the authentication processing unit 303 determines that the controller is an unauthorized device. In addition, the authentication processing unit 303 manages the key shared with the controller. In key management, individual keys and group keys are received from the controller and transmitted to the device management unit 301. When performing encrypted communication with the controller, the authentication processing unit 303 acquires an individual key or a group key from the device management unit 301 and sets it in the communication unit 305.

The authentication information holding unit 304 has a key pair of a private key and a public key certificate. The key pair of private key and public key certificate is embedded at the time of shipment. Since the public key certificate has the same configuration as the public key certificate of the controller, the description here is omitted.
The communication unit 305 communicates with the controller. For communication with the controller, encrypted communication is performed using the individual key or group key received from the authentication processing unit 303.
1.5 Configuration of Server 400 FIG. 10 is a configuration diagram of server 400. The server 400 is composed of an authentication processing unit 401, an authentication information holding unit 402, a certificate issuing unit 403, a certificate holding unit 404, and a communication unit 405.

The authentication processing unit 401 performs authentication processing with a converter that requests issuance of a certificate. If mutual authentication with the converter fails, the certificate will not be issued. In the authentication process, the validity of the combination of the converter and the device is verified. Specifically, the authentication information holding unit 402 holds a whitelist of legitimate converter / device combinations, and the whitelist is confirmed to ensure that the converter / device combination is legitimate and meets the certificate issuance criteria. Check if it is. If the verification is successful, a request to issue a combined public key certificate is sent to the certificate issuing unit 403 together with the public key certificate of the converter and the device.

Upon receiving the request for issuing the combined public key certificate of the public key certificate of the converter and the device from the authentication processing unit 401, the certificate issuing unit 403 issues the combined public key certificate. FIG. 11 is a diagram showing an example of the combined public key certificate. The combined public key certificate is composed of a version, an issuer, a start of the validity period, an end of the validity period, a certificate ID, model information, and a signature. The model information is information on the models of the converter and the device, and specifically, information such as a product number and a serial number that can identify the model. For example, when the model connected to the converter is an air conditioner, the model information of the combined public key certificate includes both the model information of the converter and the model information of the air conditioner. The combined public key certificate certifies the validity of the combination of the converter and the device by including the model information of the converter, the model information of the device, and the signature of the certificate authority. When the certificate issuing unit 403 issues the combined public key certificate, it sends it to the converter.

The certificate holding unit 404 holds the combined public key certificate issued by the certificate issuing unit 403.
The communication unit 405 communicates with the converter.
1.6 Operation of the authentication system 10 The operation of the authentication system 10 includes the following.
(1) Device registration process 1 in which the device 200 and the controller 100 are connected and the controller 100 registers the device 200.
(2) Device registration process 2 in which the device 210 connects to the controller 100 via the converter 300 and the controller 100 registers the device 210.
(3) Process of transmitting a message from the device 210 to the controller 100 via the converter 300 (4) Process of transmitting a message from the controller 100 to the device 210 via the converter 300 Each of these will be described below with reference to figures. ..
1.6.1 Operation of device registration process 1 FIG. 12 shows a sequence of processes for registering the device 200a in FIG. 1 in the controller 100. The process of registering the device 200b in the controller 100 is also the same.
(S1101) The controller and the device activate the registration mode.
(S1102) A connection request is transmitted from the device to the controller. At this time, the device ID of the device is also transmitted.
(S1103) The device and the controller perform mutual authentication. For mutual authentication, PANA described in RFC5191 (Non-Patent Document 1) may be used. Further, the authentication algorithm of PANA may use EAP-TLS (Extensible Authentication Protocol-Transport Layer Security). Alternatively, mutual authentication of TLS may be performed.

If the device and the controller fail in mutual authentication, the process ends. Hereinafter, it is assumed that mutual authentication has been successful.
(S1104) The controller determines whether the group key is generated. That is, the controller determines whether or not the group key is shared with another device 200 or the converter 300 connected to the home area network 500. If the controller has not generated a group key, it will generate one. When encrypted communication of simultaneous broadcast transmission is performed with an AES (Advanced Encryption Standard) key length of 128 bits, a 128-bit group key is generated.
(S1105) The controller generates an individual key. When unicast encrypted communication is performed with an AES key length of 128 bits, a 128-bit group key is generated.
(S1106) The controller encrypts the individual key and the group key. For the encryption, the encryption function of PANA may be used, or the encryption function of TLS may be used. Send the encrypted individual key and group key to the device.
(S1107) The device decrypts the encryption individual key and the encryption group key, and registers the controller information, the individual key, and the group key in the connection controller management table.
(S1108) The controller registers the device ID, the certificate ID, the generated individual key, and the group key in the connected device management table.
1.6.2 Operation of device registration process 2 FIG. 13 shows a sequence of processes for registering the device 210 in FIG. 1 in the controller 100.
(S1201) The device and the converter perform the registration process. In the registration process, the device that has activated the registration mode and the converter may be registered by communication via the home area network 600, or the device may be registered by inputting the device information to the converter that has activated the registration mode. May be good. Further, the device and the converter may be registered by performing mutual authentication. In the registration process, the device's public key certificate may be sent from the device to the converter.
(S1202) The converter transmits a request for issuing a combined public key certificate to the server.
(S1203) The converter and the server perform mutual authentication. Mutual authentication at this time may be performed by TLS. If mutual authentication fails, the registration process ends.
(S1204) The converter transmits the public key certificate of the device to the server.
(S1205) The server verifies whether the public key certificate of the converter and the device meets the issuance criteria of the combined public key certificate. If the issuance criteria are not met, the server notifies the converter of the error. If the issuance criteria are met, the server issues a combined public key certificate and sends it to the converter.
(S1206) The controller and the converter activate the registration mode.
(S1207) The converter transmits a connection request to the controller.
(S1208) Authentication processing is performed by the converter and the controller. Since the authentication process here is the same as the process from (S1103) to (S1108), the description here will be omitted. However, mutual authentication between the controller and the converter is performed using the combined public key certificate issued by the server. Then, when the controller succeeds in mutual authentication, both the converter and the device are registered in the connected device management table. The certificate ID of the converter may be registered in the certificate ID field of the converter record in the connected device management table, or the certificate ID of the combined public key certificate may be registered. Further, the certificate ID of the device may be registered in the certificate ID field of the device record in the connected device management table, or the certificate ID of the combined public key certificate may be registered.
1.6.3 Operation of processing for transmitting a message from the device 210 to the controller 100 FIG. 14 shows a sequence of processing for transmitting device history information as a message from the device to the server. This upload is performed regularly or irregularly.
(S1301) The device transmits the accumulated device history information to the converter together with the device ID.
(S1302) The converter encrypts the device ID and device history information received from the device with a group key or an individual key, and transmits the device to the controller. When the message from the device to the controller is a message to a plurality of destinations including the controller, the converter may encrypt the message by using the group key and transmit it by simultaneous broadcast transmission. Further, when the message is a message addressed to one controller, the converter may encrypt it with an individual key and transmit it by unicast transmission.
(S1303) The controller receives the device ID and the encrypted device history information, and decrypts and records the device history information with the group key or the individual key. When the controller receives the message transmitted by broadcast transmission, it may decrypt it using the group key, and when it receives the message transmitted by unicast transmission, it decrypts it using the individual key. May be.
1.6.4 Operation of processing for transmitting a message from the controller 100 to the device 210 FIG. 15 shows a sequence of processing for transmitting a control command as a message from the controller to the device. It should be noted that the transmission of this control information is performed periodically or irregularly.
(S1401) The controller generates a control command for the device.
(S1402) The controller encrypts the generated control command using the group key or the individual key of the converter. For example, when the control command is for a plurality of devices, the controller may be encrypted using a group key. When the control command is for one device, it may be encrypted using an individual key.
(S1403) The controller transmits an encrypted control command. When the control command is for multiple devices, the controller may send the encryption control command by simultaneous broadcast transmission, and when it is for one device, the controller sends the encryption control command to the device by unicast transmission. You may.
(S1404) The converter decrypts the encryption control command received from the controller with the group key or the individual key, and transmits the decrypted control command to the device. When the converter receives the encryption control command transmitted by broadcast transmission, the converter may decrypt the control command with the group key, and receives the encryption control command transmitted by unicast transmission to the device. If so, it may be decrypted with an individual key.
(S1405) The device receives a control command from the converter and operates according to the control command.
1.7 Effect of the first embodiment In the first embodiment, the controller is connected to the converter by authenticating with the controller using the combined public key certificate from the information of the public key certificate of the converter and the device. The legitimacy of the device can also be authenticated. As a result, the validity can be verified even for a device that cannot be directly connected from the controller, and the device can be safely controlled. In addition, the controller and the converter perform the authentication process, so that the processing load on the device can be reduced.

2. Modifications Although the present disclosure has been described based on each of the above embodiments, it goes without saying that the present disclosure is not limited to each of the above embodiments. The following cases are also included in this disclosure.
(Modification 1) In the present disclosure, the operation when a device is newly connected to the converter may be as follows.

FIG. 16 is an overall configuration diagram when the device D is connected to the converter.
When the device D is connected, the processing of the controller, the converter, and the device is the same as the sequence of the device registration process 2 of FIG. 13, and thus the description thereof is omitted here. FIG. 17 is a diagram showing a configuration of a combined public key certificate issued by the server when the device D enters. The model information is a converter, device C (air conditioner), and device D (lighting). As described above, the combined public key certificate describes the device information of the converter and the device information of all the devices 210 connected to the converter via the home area network 600.

In the first modification, when a device is newly connected to the converter, the converter asks the server to issue a new combined public key certificate and authenticates with the controller using the new combined public key certificate. As a result, even if the number of devices connected to the converter increases, the devices can be registered in the controller by authenticating the controller and the converter.
(Modification 2) In the first embodiment, the converter receives the public key certificate from the device, but the present invention is not limited to this, and when the device to be connected to the converter is known in advance. , The public key certificate of the device may be embedded in the converter in advance, and the embedded public key certificate may be used to request the server to issue the combined public key certificate. If the device to be connected to the converter is known in advance, the public key certificate of the device and the private key of the device are embedded in the converter in advance, and the public key certificate and secret of the embedded device are embedded. The device may be registered in the controller by performing mutual authentication with the controller using the key.
(Modification 3) In the first embodiment, the converter receives the public key certificate from the device and requests the server to issue the combined public key certificate, but the conversion is not limited to this. If the device to be connected to the machine is known in advance, the combined public key certificate may be embedded in the converter in advance.
(Modification 4) In the first embodiment, when the device history information is transmitted from the device to the converter, it may be encrypted and transmitted. As the key used for encryption at this time, the key for encrypted communication may be shared in advance when the device and the converter are linked (registered), or a common encryption key may be embedded in advance.
(Modification 5) In the first embodiment, when the control information is transmitted from the converter to the device, it may be encrypted and transmitted. For encryption at this time, the key for encrypted communication may be shared in advance when the device and the converter are linked (registered), or a common encryption key may be embedded in advance.
(Modification 6) In the first embodiment, the controller may have a function of displaying the power consumption of the connected device, the power consumption of the storage battery, and the power generation amount of the photovoltaic power generation.
(Modification 7) In the first embodiment, the controller may be a distribution board installed at home.
(Modification 8) In the first embodiment, a new group key may be updated every time a session is updated. In the process of updating the session, the coordinator may manage the remaining time of the session and update the session of each device, or the coordinator notifies each device of the session time and each device manages the remaining time of the session. May be.
(Modification 9) In the first embodiment, the converter holds the public key certificate and the private key, and the converter receives the public key certificate from the device and requests the server to issue the combined public key certificate. However, this is not limited to this, and if the converter securely receives the public key certificate and private key from the device, the device's public key certificate and private key are used for mutual authentication with the controller. You may do. In addition, when the device is newly connected to the converter, when the public key certificate and private key are received from the newly connected device, the public key certificate of the device already connected and the newly connected device is received. May be sent to the server to issue a combined public key certificate. This eliminates the need to issue a public key certificate and private key to the converter.
(Modification 10) In the first embodiment, when the history information is transmitted from the converter to the controller, it is encrypted by using the group key and transmitted, but the present invention is not limited to this, and the controller and the converter are not limited to this. It may be encrypted and transmitted using a common individual key held by.
(Modification 11) In the first embodiment, when the control information is transmitted from the controller to the converter, it is encrypted by using the group key and transmitted, but the present invention is not limited to this, and the control information is connected to the converter. When transmitting the control information to the device to be used, the control information may be encrypted and transmitted using a common individual key held by the controller and the converter.
(Modification 12) Specifically, each of the above devices is a computer system composed of a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like. A computer program is recorded in the RAM or the hard disk unit. When the microprocessor operates according to the computer program, each device achieves its function. Here, a computer program is configured by combining a plurality of instruction codes indicating commands to a computer in order to achieve a predetermined function.
(Modification 13) A part or all of the constituent elements constituting each device of the first embodiment may be composed of one system LSI (Large Scale Integration). A system LSI is an ultra-multifunctional LSI manufactured by integrating a plurality of components on a single chip, and specifically, a microprocessor, a ROM (Read Only Memory), a RAM (Random Access Memory), and the like. It is a computer system composed of. A computer program is recorded in the RAM. When the microprocessor operates according to the computer program, the system LSI achieves its function.

Further, each part of the constituent elements constituting each of the above-mentioned devices may be individually integrated into one chip, or may be integrated into one chip so as to include a part or all of them.
Further, although the system LSI is used here, it may be referred to as an IC (Integrated Circuit), an LSI, a super LSI, or an ultra LSI depending on the degree of integration. Further, the method of making an integrated circuit is not limited to LSI, and may be realized by a dedicated circuit or a general-purpose processor. An FPGA (Field Programmable Gate Array) that can be programmed after the LSI is manufactured, or a reconfigurable processor that can reconfigure the connection and settings of circuit cells inside the LSI may be used.

Furthermore, if an integrated circuit technology that replaces an LSI appears due to advances in semiconductor technology or another technology derived from it, it is naturally possible to integrate functional blocks using that technology. There is a possibility of applying biotechnology.
(Modification 14) A part or all of the components constituting each device of the first embodiment may be composed of an IC card or a single module that can be attached to and detached from each device. The IC card or the module is a computer system composed of a microprocessor, ROM, RAM and the like. The IC card or the module may include the above-mentioned super multifunctional LSI. When the microprocessor operates according to a computer program, the IC card or the module achieves its function. This IC card or this module may have tamper resistance.
(Modification 15) The present disclosure may be the method shown above. Further, it may be a computer program that realizes these methods by a computer, or it may be a digital signal composed of the computer program.

The present disclosure also includes recording media capable of computer-readable computer programs or digital signals, such as flexible disks, hard disks, CDs (Compact Discs) -ROMs, MOs (Magneto-Optical discs), DVDs, DVD-ROMs. It may be recorded on a DVD-RAM, BD (Blu-ray (registered trademark) Disc), a semiconductor memory, or the like. Further, it may be the digital signal recorded on these recording media.

Further, in the present disclosure, the computer program or the digital signal may be transmitted via a telecommunication line, a wireless or wired communication line, a network typified by the Internet, data broadcasting, or the like.
Further, the present disclosure is a computer system including a microprocessor and a memory, in which the memory records the computer program, and the microprocessor may operate according to the computer program.

It is also carried out by another independent computer system by recording and transferring the program or the digital signal on the recording medium, or by transferring the program or the digital signal via the network or the like. May be.
(Modified Example 16) The above-described embodiment and the above-mentioned modified example may be combined.

3. 3. Supplement Further, the configuration of the authentication method, server, converter, and authentication system according to the present disclosure will be described.

(1) The authentication method of one embodiment of the present disclosure is an authentication method executed by a server, which receives the authentication information of the converter and the authentication information of the device connected to the converter from the converter, and the above-mentioned. When it is determined that the combination of the converter and the device is valid, the authentication information proving the validity of the combination is generated from the authentication information of the converter and the authentication information of the device, and the validity of the combination is generated. It is characterized in that the authentication information certifying the above is transmitted to the converter.

(2) The authentication method of one embodiment of the present disclosure is a conversion in which a controller is connected via a first network, a device is connected via a second network, and a server is connected via a third network. An authentication method executed by the machine, in which authentication information certifying the validity of the combination of the converter and the device is received from the server, and the authentication information certifying the validity of the combination is used with the controller. It is characterized by performing mutual authentication.

(3) The server of one embodiment of the present disclosure receives the authentication information of the converter and the authentication information of the device connected to the converter from the converter, and the combination of the converter and the device is valid. If it is determined that there is, the authentication information certifying the validity of the combination is generated from the authentication information of the converter and the authentication information of the device, and the authentication information certifying the validity of the combination is transmitted to the converter. It is characterized by doing.

(4) The converter according to the embodiment of the present disclosure is a conversion that connects to a controller via a first network, connects to a device via a second network, and connects to a server via a third network. The machine receives authentication information certifying the validity of the combination of the converter and the device from the server, and executes mutual authentication with the controller using the authentication information certifying the validity of the combination. It is characterized by that.

(5) The authentication system of one embodiment of the present disclosure connects to the controller via the registered device, the converter connected to the controller via the first network, and the converter via the second network. It is an authentication system including a device to be used and a server connected to the converter via a third network. The converter holds the authentication information of the converter and the authentication information of the device, transmits the authentication information of the converter and the authentication information of the device to the server, and causes the converter and the device from the server. It receives the authentication information that proves the validity of the combination with the device, and executes mutual authentication with the controller using the authentication information that proves the validity of the combination. The server receives the authentication information of the converter and the authentication information of the device from the converter, and when it is determined that the combination is valid, the authentication information of the converter and the authentication information of the device are used. The authentication information certifying the validity of the combination is generated, and the authentication information certifying the validity of the combination is transmitted to the converter. When the controller succeeds in the mutual authentication, the controller registers the device.

(6) The authentication system of one embodiment of the present disclosure is the authentication system of the above embodiment (5), and when the mutual authentication is successful, the controller and the converter share an encryption key. The converter receives a message from the device, encrypts the message using the encryption key to generate an encrypted message, and transmits the encrypted message to the controller. The controller receives an encrypted message from the converter and decrypts the received encrypted message using the encryption key.

(7) The authentication system of one embodiment of the present disclosure is the authentication system of the above embodiment (5), and when the mutual authentication is successful, the controller and the converter share an encryption key. The controller generates a message to the device, encrypts the message using the encryption key to generate an encrypted message, and transmits the encrypted message to the converter. The converter receives an encrypted message from the controller, decrypts the received encrypted message using the encryption key, and transmits the decrypted message to the device.

According to the authentication method, server, converter, and authentication system according to the present disclosure, the server (for example, a certificate authority) generates a combined public key certificate (authentication information indicating the validity of the combination of the converter and the device). And send it to the converter. Then, the converter performs mutual authentication with the controller using the combined public key certificate. As a result, the controller can authenticate the legitimacy of the device that is in front of the converter and cannot communicate directly.

According to the present invention, in a system in which a device and a controller are connected, the device can be registered in the controller even when the communication network is different, and the controller can control the device.

10 Authentication system 100 Controller 101 Device management section 102 Device information holding section 103 Authentication processing section 104 Authentication management section 105 Authentication information holding section 106 Communication section 200a, 200b, 210a, 210b Device 201 Device management section 202 Device history holding section 203 Device information Holding unit 204 Authentication processing unit 205 Authentication information holding unit 206 Communication unit 205 Authentication information management unit 300 Converter 301 Device management unit 302 Device information holding unit 303 Authentication processing unit 304 Authentication information holding unit 305 Communication unit 400 Server 401 Authentication processing unit 402 Authentication information holding part 403 Certificate issuing part 404 Certificate holding part 405 Communication part 500, 600 Network (Home Area Network)
700 networks

Claims (3)

A controller that manages registered devices, a converter that connects to the controller via a first network, a device that connects to the converter via a second network, and a converter that connects to the converter via a third network. An authentication system consisting of a server that connects to
The converter
Holds the authentication information of the converter including the model of the converter and the authentication information of the device including the model of the device.
The authentication information of the converter and the authentication information of the device are transmitted to the server.
Receives authentication information from the server, including model information indicating a combination of the model of the converter and the model of the device , and receives authentication information.
Mutual authentication with the controller is executed using the authentication information including the model information .
The server
Keep a whitelist of converter models and device model combinations,
Upon receiving the authentication information of the converter and the authentication information of the device from the converter,
It is determined whether or not the whitelist includes a combination of the model of the converter and the model of the device.
If it is determined that the Ru contains said combination, to generate authentication information including the model information from the authentication information of the authentication information of the converter device,
Authentication information including the model information is transmitted to the converter,
The controller
An authentication system that registers the device when the mutual authentication is successful. If the mutual authentication is successful, the controller and the converter share the encryption key, and the encryption key is shared.
The converter
Receive a message from the device
The message is encrypted using the encryption key to generate an encrypted message.
Send the encrypted message to the controller and
The controller
Receive an encrypted message from the converter
The authentication system according to claim 1 , which decrypts an encrypted message received by using the encryption key. If the mutual authentication is successful, the controller and the converter share the encryption key, and the encryption key is shared.
The controller
Generate a message to the device
The message is encrypted using the encryption key to generate an encrypted message.
Send the encrypted message to the converter and
The converter
Receive an encrypted message from the controller
Decrypt the encrypted message received using the encryption key,
Authentication system according to claim 1 for transmitting the decrypted message to the device.

Images