JPH10247906A - Device with processing function, information processing system, authentication method, authentication / encryption method, and authentication / decryption method - Google Patents

Abstract

(57) [Summary] [PROBLEMS] To provide a device which can secure extremely high security for data in a system for encrypting and storing data. A device with a processing function capable of communicating with an information processing device for encrypting data with a temporary key, comprising: a secret key storage unit for storing a secret key; Biometric information input means for generating information; reference biometric information storage means for pre-registering the biometric information for a predetermined user; and biometric information obtained by the biometric information input means are registered in the reference biometric information storage means. Whether or not it is the same as the biological information that has been compared, only when it is determined that the same, means to enable the secret key, the temporary key passed from the information processing device, An encryption unit for encrypting using the secret key which has become available, and a unit for transmitting a temporary key encrypted with the secret key to the information processing apparatus.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to an information processing system for encrypting and storing data and authenticating a user, a device with a processing function for sharing some of the functions, an authentication method, and authentication / encryption. The present invention relates to a method and an authentication / decryption method.

[0002]

2. Description of the Related Art In recent years, computers have been miniaturized due to technological advances, and portable computers such as portable terminals have been particularly popular because of their convenience. Usually, a personal computer has a built-in large-capacity external storage device such as a hard disk, and can store various programs and data even if it is a portable type.

[0003] However, portable terminals are portable.
If the entire device is left behind or if the device itself is stolen, there is a risk that data existing in the computer will be illegally used. Also, if the computer is placed in a shared environment, the data may be viewed by a third party, the program may be used, or they may be taken out of the computer, or the data may be accidentally destroyed by the use of the third party. There is also a possibility that it will.

Therefore, conventionally, means for authenticating a user by inputting a password at a predetermined timing before access to a file (immediately before access to a file or at the time of log-in, etc.), or confidentiality from a user other than an authorized user, In order to protect them, a method was used to encrypt and save files in the computer.

[0005] However, when a password is entered when accessing a computer, the password is commonly used, so that the password may be leaked to the outside. It was complicated because it had to be configured so that it would not leak.

Also, the key information for encrypting a file is the same for all stored files, so that once the key information is known, all the files can be decrypted. Was.

[0007]

As described above, conventionally, there has been a risk that a third party could gain unauthorized access to a computer and view files stored in the computer.

[0008] In order to cope with this, there is a problem that a password may be known to a third party or a password may be forgotten.

In addition, even if a file stored in a computer is encrypted, if the computer reaches a third party's hand, the file may be decrypted and all files may be viewed. .

[0010] The present invention has been made in view of the above circumstances, and in a system for encrypting and storing data,
It is an object of the present invention to provide a device with a processing function, an information processing system, an authentication method, an authentication / encryption method, and an authentication / decryption method that can ensure extremely high security for data.

[0011]

Means for Solving the Problems The present invention (claim 1) provides:
A device device with a processing function capable of communicating with an information processing device for encrypting data with a temporary key, comprising: a secret key storage unit for storing a secret key; and a biometric information generated by detecting a predetermined physical quantity that can be individually identified. A biometric information input unit, a reference biometric information storage unit in which the biometric information of a predetermined user is registered in advance, and a biometric information obtained by the biometric information input unit is registered in the reference biometric information storage unit. It is checked whether the information is the same as the information, and only when it is determined that the information is the same, the means for enabling the secret key and the temporary key passed from the information processing apparatus are enabled. Encryption means for encrypting using the secret key,
Means for transmitting the temporary key encrypted with the secret key to the information processing apparatus.

According to a second aspect of the present invention, there is provided a device having a processing function capable of communicating with an information processing apparatus for encrypting data with a temporary key, wherein the means connects an external storage for storing a secret key, Biometric information input means for detecting a predetermined physical quantity capable of personal identification and generating biometric information; reference biometric information storage means for pre-registering the biometric information for a predetermined user; and a biometric information obtained by the biometric information input means. Means for checking whether the information is the same as the biometric information registered in the reference biometric information storage means, and only when it is determined that the biometric information is the same, means for enabling the use of the secret key; Encrypting means for encrypting the temporary key passed from the information processing device using the secret key stored in the external storage device that has become available, and encrypting the temporary key encrypted with the secret key. Information processing Characterized by comprising a means for transmitting to the location.

According to a third aspect of the present invention, there is provided a device having a processing function capable of communicating with an information processing apparatus for encrypting data with a temporary key, wherein a secret key storing means for storing a secret key, and a personal identification means. Biological information input means for detecting a predetermined physical quantity and generating biological information, reference biological information storage means in which the biological information for a predetermined user is registered in advance, and biological information obtained by the biological information input means, Means for comparing whether the biometric information is the same as the biometric information registered in the reference biometric information storage means, and only when it is determined that the biometric information is the same, the secret key can be used; A temporary key generating means for generating a temporary key, an encrypting means for encrypting the generated temporary key using the secret key which has become available, and a temporary key encrypted with the generated temporary key and the secret key. The information processing Characterized by comprising a means for transmitting to the location.

According to a fourth aspect of the present invention, there is provided a device having a processing function capable of communicating with an information processing apparatus for encrypting data with a temporary key, comprising: means for connecting an external storage device for storing a secret key; Biometric information input means for detecting a predetermined physical quantity capable of personal identification and generating biometric information; reference biometric information storage means for pre-registering the biometric information for a predetermined user; and a biometric information obtained by the biometric information input means. Means for checking whether the information is the same as the biometric information registered in the reference biometric information storage means, and only when it is determined that the information is the same, the means for enabling the use of the secret key; Temporary key generating means for generating a temporary key, encrypting means for encrypting the generated temporary key using the secret key stored in the available external storage device, and a generated temporary key. Key and Characterized in that the temporary key encrypted with a dense key and means for transmitting to the information processing apparatus.

[0015] The present invention (claim 5) is a device device with a processing function that can communicate with an information processing device that decrypts data encrypted with a temporary key, wherein secret key storage means for storing a secret key; Biometric information input means for detecting a predetermined physical quantity capable of personal identification and generating biometric information; reference biometric information storage means for pre-registering the biometric information for a predetermined user; and a biometric information obtained by the biometric information input means. Means for checking whether the information is the same as the biometric information registered in the reference biometric information storage means, and only when it is determined that the biometric information is the same, means for enabling the use of the secret key; Decryption means for decrypting the temporary key encrypted with the secret key passed from the information processing device using the secret key which has become available, and transmitting the decrypted temporary key to the information processing device Means And it said that there were pictures.

The present invention (claim 6) is a device device with a processing function that can communicate with an information processing device that decrypts data encrypted with a temporary key, and connects an external storage device that stores a secret key. Means, biometric information input means for detecting a predetermined physical quantity that can be identified individually and generating biometric information, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and biometric information input means. Means for comparing whether or not the obtained biometric information is the same as the biometric information registered in the reference biometric information storage means, and enabling the secret key only when it is determined that the biometric information is the same. Decoding means for decoding a temporary key encrypted with a secret key passed from the information processing device using the secret key stored in the available external storage device,
Means for transmitting the decrypted temporary key to the information processing apparatus.

According to a seventh aspect of the present invention, there is provided an information processing system according to the first or second aspect of the present invention, a temporary key generating means for generating a predetermined temporary key, and a generated temporary key. Encryption means for encrypting desired data using the temporary key, and encrypting the temporary key encrypted with the secret key, which is generated by passing the temporary key to the device device having the processing function. And an information processing device having means for storing the data in the storage device in association with the converted data.

[0018] An information processing system according to the present invention (claim 8) uses the device device with the processing function according to claim 3 or 4 and the desired data using the temporary key received from the device device with the processing function. Encryption means for encrypting;
Means for storing, in a storage device, a temporary key encrypted with a secret key, received from the device device with a processing function, in association with data encrypted with the temporary key, in a storage device. It is characterized by the following.

An information processing system according to the present invention (claim 9) is used for encrypting desired encrypted data to be decrypted with the device device having the processing function according to claim 5 or 6. Means for decrypting the data encrypted with the temporary key by using the temporary key encrypted by the secret key and passed to the device with the processing function and decrypted by the temporary key. And an information processing apparatus having the same.

According to a tenth aspect of the present invention, there is provided an information processing apparatus and a device with a processing function that can communicate with each other, and an external storage device with a processing function that can communicate with the device with the processing function. In the information processing system, the information processing apparatus includes: a temporary key generation unit configured to generate a predetermined temporary key; an encryption unit configured to encrypt desired data using the generated temporary key; Means for storing a temporary key encrypted with a secret key, which has been passed to the device device with the processing function and generated in association with the data encrypted with the temporary key, in a storage device, A device device with a processing function, a biometric information input unit that detects a predetermined physical quantity that can be identified individually and generates biometric information,
The reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and whether the biometric information obtained by the biometric information input means is the same as the biometric information registered in the reference biometric information storage means Means for transmitting a predetermined control signal to the external storage device with the processing function, and a temporary key passed from the information processing device with the processing function only when it is determined that they are the same. Means for transmitting a temporary key encrypted with a secret key to the information processing device, the temporary key having been generated by being passed to an external storage device,
The external storage device with the processing function is a secret key storage unit that stores a secret key, and a unit that enables the use of the secret key only when a predetermined control signal is given from the device device with the processing function. Encrypting means for encrypting the temporary key passed from the device with the processing function using the secret key which has become available, and the device with the processing function encrypting the temporary key encrypted with the secret key And means for transmitting the data.

The present invention (claim 11) comprises an information processing apparatus and a device with a processing function that can communicate with each other, and an external storage device with a processing function that can communicate with the device with the processing function. An information processing system, wherein the device device with a processing function detects biological information input means for detecting a predetermined physical quantity that can be individually identified and generates biological information, and a reference biological information in which the biological information for a predetermined user is registered in advance. The information storage unit and the biometric information obtained by the biometric information input unit are compared to determine whether or not the biometric information registered in the reference biometric information storage unit is the same, and it is determined that the biometric information is the same. Means for transmitting the predetermined control signal to the external storage device with the processing function, a temporary key generating means for generating a predetermined temporary key, a generated temporary key, Means for transmitting a temporary key encrypted with a secret key, which has been generated by passing the time key to the external storage device with a processing function, to the information processing device. Secret key storage means for storing a secret key, means for enabling the use of the secret key only when a predetermined control signal is given from the device device with a processing function, and transfer from the device device with a processing function. Encryption means for encrypting the temporary key, using the secret key that has become available, and means for transmitting the temporary key encrypted with the secret key to the device device with a processing function, The information processing apparatus includes an encryption unit that encrypts desired data using a temporary key received from the device with a processing function, and an encryption unit that is encrypted with a secret key received from the device with the processing function. A temporary key,
Means for storing the data in the storage device in association with the data encrypted with the temporary key.

According to a twelfth aspect of the present invention, there is provided an information processing apparatus and a device with a processing function that can communicate with each other, and an external storage device with a processing function that can communicate with the device with the processing function. In the information processing system, the external storage device with a processing function includes a secret key storage unit that stores a secret key, and the secret key only when a predetermined control signal is given from the device device with a processing function. Means for enabling use, temporary key generation means for generating a predetermined temporary key, encryption means for encrypting the generated temporary key using the secret key which has become available, and the generated temporary key. Means for transmitting a temporary key encrypted with a key and a secret key to the device device with a processing function, the device device with a processing function detects a predetermined physical quantity that can be identified individually, and detects biometric information. Biometric information input means to be generated, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and biometric information obtained by the biometric information input means are registered in the reference biometric information storage means. Means for transmitting whether the predetermined control signal is transmitted to the external storage device having the processing function, and comparing the predetermined control signal with the external storage device having the processing function only when it is determined that they are the same. Means for transmitting a temporary key and a temporary key encrypted with a secret key, transmitted from the device, to the information processing device, wherein the information processing device Encryption means for encrypting desired data by using the temporary key encrypted with the secret key, which is received from the device with the processing function, and encrypting the data encrypted with the temporary key. Give characterized by comprising a means for storing in the storage device.

According to a thirteenth aspect of the present invention, there is provided an information processing apparatus and a device with a processing function that can communicate with each other, and an external storage device with a processing function that can communicate with the device with the processing function. An information processing system, wherein the information processing apparatus converts a temporary key used in encrypting desired encrypted data to be decrypted, which is encrypted with a secret key, into the processing function. Means for decrypting the data encrypted with the temporary key using the temporary key passed to and decrypted by the device device with the processing function, wherein the device device with the processing function detects a predetermined physical quantity that can be identified individually. Biometric information input means for generating biometric information, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and biometric information obtained by the biometric information input means, Means for comparing whether the biometric information is the same as the biometric information registered in the quasi-biological information storage means, and transmitting a predetermined control signal to the external storage device with the processing function only when it is determined that the biometric information is the same; Means for transmitting a temporary key encrypted with the secret key passed from the information processing device to the external storage device with a processing function and having the generated temporary key transmitted to the information processing device. The external storage device with a processing function includes a secret key storage unit that stores a secret key, and a unit that enables the use of the secret key only when a predetermined control signal is given from the device device with a processing function. Decryption means for decrypting the temporary key encrypted with the secret key passed from the device device having the processing function using the secret key which has become available; With debye Characterized by comprising a means for transmitting device.

The reference biometric information additional registration device according to the present invention (claim 14) is characterized in that the biometric information is stored in the reference biometric information storage means of the device with the processing function according to any one of claims 1 to 13. If is not registered,
The user is prompted to enter a password, and if it is determined that the entered password is valid, and if the biometric information is registered in the reference biometric information storage means, the user is asked to enter biometric information, Only when the biological information input from the information input means is determined to be the same as the biological information registered in the reference biological information storage means, the biological information stored in the reference biological information storage It is characterized by comprising means for at least enabling additional registration of information.

[0025] The present invention (claim 15) is an authentication method in an information processing system for performing encryption or decryption using a secret key, wherein a biometric information is generated by detecting a predetermined physical quantity that can be identified. The secret key can be used only when it is determined that the generated biometric information is the same as biometric information registered in advance.

The present invention (claim 16) relates to an authentication / encryption method in an information processing system for encrypting data, wherein a biometric information is generated by detecting a predetermined physical quantity which can be identified individually. Only when it is determined that the biometric information is the same as pre-registered biometric information, the secret key can be used, desired data is encrypted with a predetermined temporary key, and the temporary key is The data is encrypted with the temporary key that has become usable, and the data encrypted with the temporary key and the temporary key encrypted with the secret key are stored in association with each other.

The present invention (claim 17) relates to an authentication / decryption method for an information processing system for decrypting encrypted data, wherein a biometric information is generated by detecting a predetermined physical quantity that can be identified individually. Only when it is determined that the obtained biometric information is the same as the biometric information registered in advance, the secret key can be used, and when encrypting desired encrypted data to be decrypted, The used temporary key encrypted with the secret key is decrypted using the secret key, and the data encrypted with the temporary key is decrypted using the decrypted temporary key. It is characterized by the following.

[0028] Preferably, the predetermined temporary key generated by the temporary key generation means may be changed each time data is encrypted.

Preferably, the temporary key may be different for each data.

Preferably, the biological information is a one-dimensional distribution of electrical characteristics (for example, a one-dimensional distribution of electric resistance or capacitance) caused by contact of the surface of a specific part of the body of the user. Is also good. Preferably, the biological information input means may include a surface shape sensor that forms a one-dimensional electric signal distribution in response to a change in electric characteristics caused by contact of the surface of the specific portion. .

Preferably, the biometric information is a one-dimensional electrical characteristic distribution (electric resistance or capacitance of electric resistance or capacitance) in the longitudinal direction of the finger caused by contact of the user's finger surface (finger surface including the user's finger joint). (One-dimensional distribution). Also, preferably, the biological information input means,
It may have a surface shape sensor that forms a one-dimensional electric signal distribution in response to a change in electric characteristics caused by the contact of a finger.

Preferably, the data is a document,
It may include at least one of a sound, an image, and a program.

The invention relating to each apparatus described above is also valid as an explanation relating to a method.

The above-described invention is also realized as a machine-readable medium storing a program for causing a computer to execute the corresponding procedure or means.

According to the present invention, a private key necessary for encryption and decryption can be used only when the user is authenticated by user authentication using biometric information that can be individually identified. However, a third party who is not registered cannot view the encrypted data stored in the information processing device, and cannot encrypt the data and store it in the information processing device.

Also, since the key actually used for encryption is not a fixed secret key but a generated temporary key, the key can be changed for each data or every encryption, and this temporary key is Since it is encrypted and stored with the private key, it is extremely difficult for a third party who is not registered to decrypt the secret key and the temporary key, and that the third party decrypts the ciphertext data. Is impossible. As a result, even if the information processing device storing the encrypted data therein passes to a third party, it is possible to prevent the third party from using the encrypted data.

In addition, when registering biometric information data used for verification, registration can be performed after authenticating the registrant's validity. You cannot register with.

[0038]

Embodiments of the present invention will be described below with reference to the drawings.

In the information processing system according to the present embodiment, generally, when data is encrypted, the information processing apparatus generates a predetermined temporary key, and encrypts the plaintext data using the key. Requesting the encryption of the temporary key to a device device with a processing function (or a device device and an external storage device with a processing function) detachable from the information processing device, and the device device with the processing function The key is encrypted with the secret key and passed to the information processing device, and the information processing device associates the data encrypted with the temporary key with the temporary key encrypted with the secret key, and stores the data in the storage device in the information processing device. save. At this time, in the device device having the processing function, the biometric information of the user is input from the sensor unit, and the secret key can be used only when the biometric information matches the registered one.

In the information processing system according to the present embodiment, when decrypting encrypted data, the encrypted data and the corresponding encrypted temporary key are stored in a storage device. And decrypts the encrypted temporary key with a device device with a processing function detachable to this information processing device (or a device device and an external storage device with a processing function). The encrypted temporary key key is decrypted with the secret key and passed to the information processing device, and the information processing device decrypts the encrypted data using the passed temporary key. that time,
In the device with the processing function, the biometric information of the user is input from the sensor unit and the secret key is made usable only when the biometric information matches the registered one.

The function of generating a temporary key may be provided on the device with processing function (or on the external storage device) instead of being provided on the information processing device. In this case, in the case of encryption, the difference from the above is that the temporary key and the temporary key encrypted with the secret key are passed from the device with the processing function to the information processing apparatus.

As a method of storing the secret key, a method of storing the secret key in the device with the processing function and a method of reading the secret key from the IC card storing the secret key into the device with the processing function can be considered.

Each information processing device may be a single user or a device shared by a plurality of users. However, it is desirable to prepare a device device with a processing function that stores a secret key for each user. Alternatively, an IC card storing a secret key may be prepared for each user, and a device device with a processing function in this case may be provided exclusively for the information processing device.

In this embodiment, DES or FEAL is used for the encryption method of the data to be encrypted and the encryption method of the temporary key used for encrypting and decrypting the data.
It is assumed that a desired common key cryptosystem such as the above is used. Note that the former encryption method of the data to be processed and the latter encryption method of the temporary key may be the same or different.

Here, the data is a set of information, and its contents may be in various forms such as a document, a sound, an image, and a program. The encrypted data is stored in a storage device as a file.

Hereinafter, the information processing system according to the present embodiment will be described in more detail.

In the following, after describing the personal authentication function, an information processing system for encrypting data and an information processing system for decrypting encrypted data will be described in order.

In the following description, it is assumed that the temporary key is generated on the information processing apparatus side, and that the secret key is stored in the device with the processing function.

FIGS. 1 and 4 are diagrams respectively showing an example of a configuration for encrypting data and an example of a configuration for decrypting encrypted data in an information processing system according to an embodiment of the present invention. is there.

As shown in FIGS. 1 and 4, in this embodiment, the information processing system is divided into two parts, a device device (hereinafter, referred to as a device device) 107 having a processing function and an information processing device 113. And they are configured as separate housings that can communicate with each other.

The information processing device 113 generates a temporary key, encrypts data using the temporary key, and decrypts data encrypted using the temporary key. In the information processing device 113,
For example, a personal computer or a portable terminal can be used.

The device 107 stores the secret key, encrypts the temporary key with the secret key, and decrypts the temporary key encrypted with the secret key. The device device 107 includes:
For example, an IC card having a processing function can be used.

Information processing device 113 and device device 107
Means that data is exchanged via the respective interface units (not shown). For example, a method of directly connecting the device device 107 to a socket in the information processing device 113 at the time of use may be used, or communication may be performed by infrared rays or the like.

When the device 107 is not used, it is preferable that the device 107 be stored in a safe place by the user.

Next, before describing the encryption and decryption of data, a personal authentication function common to the configuration on the encryption side in FIG. 1 and the configuration on the decryption side in FIG. 4 will be described.

In this embodiment, instead of encrypting data with a secret key, data is encrypted with a temporary key that can be changed each time, and this temporary key is encrypted with a secret key. Registered biometric information (electronic information of physical features that can be identified individually), and perform personal authentication as to whether or not the user is a valid user of the information processing system by comparing the biometric information, By enabling the use of the private key only when the verification is successful, and by providing the personal authentication function and the data of the private key in the device and storing them independently of the information processing device, Security is provided to ensure extremely high security.

The physical characteristics that can be identified are:
Various types such as a fingerprint, a voiceprint, and an iris are known, but in the present embodiment, the personal authentication function is changed depending on the fingerprint in that it is easy to build the personal authentication function in a device device having a small and thin housing. The electrical characteristic distribution (one-dimensional information) in the longitudinal direction of the finger to be taken is collected as biological information, and this information is used for personal authentication. This enables highly accurate authentication in a short time. Further, since the user only has to put his finger on the electrode of the sensor unit, there is an advantage that the user is not burdened with the authentication.

In this embodiment, it is assumed that one-dimensional information (hereinafter, referred to as finger information) of electric resistance in the longitudinal direction of the finger which changes depending on the fingerprint is used.

As the electrical characteristics, capacitance may be used instead of electric resistance. It is also possible to use a one-dimensional distribution of electric resistance or capacitance of the surface of a part of the living body other than the finger.

Regarding the personal authentication by the finger joint, “A
New Personal Verification
Sensor System Using an E
Electrode Array ”; Technical
Daigest of the 13th Sens
or Symposium, 1995, pp. 22
9 to 232; Itsumi and S.M. Uch
ida, JP-A-7-168930, JP-A-8-
It is disclosed in detail in JP-A-235261.

In this embodiment, it is assumed that the technology disclosed in the above document is used.

As shown in FIGS. 1 and 4, the device 107 includes a biometric information detecting unit 101 and a collating unit 10.
2, a switch unit 103, a second encryption processing unit 104, a reference finger data storage unit 105, and a secret key storage unit 106.

The sensor section 101 inputs finger information data from the user's finger applied to the electrode portion. Sensor unit 10
One electrode portion is formed on the surface of the device device 107 main body.

The finger reference data storage unit 105 stores user's finger information data registered in advance as reference data. The finger reference data storage unit 105 makes access inaccessible unless a special procedure described later is taken, for example. It is preferable that a plurality of finger information data can be registered in the finger reference data storage unit 105.

The collation unit 102 collates the finger information data output from the sensor unit 101 with the reference data registered in the finger reference data storage unit 105, and authenticates its validity (the finger is placed on the electrode part). It is determined whether the assigned user is a valid user). Then, only when it is determined to be valid, a predetermined control signal is output.

The private key storage unit 106 stores private key data. The secret key storage unit 106 includes the switch unit 10
Others that can be provided to the second cryptographic processing unit 104 via the third unit 3 are inaccessible. However, an operation such as updating of the secret key data may be made possible after passing the authentication.

The switch section 103 is assumed to be closed only when the predetermined control signal is given from the collation section 102.

FIG. 19 shows an example of the procedure of the authentication processing according to the present embodiment.

When the same finger as that at the time of registration is applied to the electrode portion of the sensor unit 101 of a legitimate user whose finger information data has already been registered, finger information data is generated by the sensor unit 101 (step S61). ), The inputted finger information data is stored in the reference finger data storage
5 is determined (step S 5).
62). As a result of the collation, when it is determined that the user is registered, that is, when it is determined that the user who puts a finger on the electrode portion is a valid user (step S63), a predetermined control signal is given to the switch unit 103. In response, the switch unit 103 is closed, and the secret key becomes usable (step S64). As a result, the secret key is transmitted to the second encryption processing unit 104, and encryption or decryption becomes possible.

On the other hand, if the user who is not authorized
When a finger is applied to one electrode portion, the finger illuminating unit 102
It is determined whether or not the input finger information data is registered in reference finger data storage unit 105. In this case, since the corresponding reference data has not been registered, the matching does not match, the predetermined control signal is not given to the switch unit 103, the switch unit 103 remains open, and therefore, the secret key storage unit 106 The data of the secret key cannot pass through the switch unit 106, thereby prohibiting the use of the secret key.

Here, an example of a sensor unit provided in each device for registering or collating finger information data, such as the sensor unit 101, will be described. Next, an example of collation determination processing by the collation unit 102 will be described.

FIG. 16 is a diagram showing a specific example of the electrode portion of the sensor section 101. As shown in FIG. (A) is a schematic view from the side, and (b) is a schematic view from the top. In the figure, reference numeral 3 denotes a substrate, on the surface of which a plurality of linear contact electrodes 2 are provided in a one-dimensional array. Also,
Each linear contact electrode 2 is connected to an electrode extraction pad 5. As a material of the substrate 3, for example, a printed circuit board material such as glass epoxy, a ceramic plate, a thin metal plate coated with an insulating material, or the like is used. The material of the linear contact electrode 2 is, for example, a conductive material that is not immersed in body fluid such as sweat from human skin, such as Cu thin film, Au thin film, Ni plated thin film, Pt thin film, or Pd thin film. It is desirable. The interval between the linear contact electrodes 2 is about 1/10 mm. In addition, it is usually preferable that the number of the linear contacts 2, that is, the length in the longitudinal direction of the electrode array completely include the second joint from the tip of the finger.

According to the sensor unit 101 having the surface shape sensor configured as described above, when the finger 1 whose finger information data is to be detected is pressed against the linear contact 2 in a direction perpendicular to the electrode arrangement direction. Since the resistance between the linear contact electrodes 2 changes in accordance with the amount of the convex portion of the fingerprint contacting the adjacent linear contact electrodes 2, a one-dimensional resistance distribution is generated. The resistance value of the finger surface between the adjacent linear contactor electrodes 2 is sequentially read from each electrode extraction pad 5 in the longitudinal direction of the finger 1.

FIG. 17 is an equivalent circuit of a resistance value distribution detecting portion of the sensor unit 101 for explaining the principle of measuring the resistance value distribution on the finger surface.

I + 1 linear contact electrodes 2 _n (1 ≦ n ≦
When a finger is pressed against (i + 1), the resistance value R _n between the linear contact electrodes 2 is changed according to the amount of the convex portion of the fingerprint contacting the adjacent linear contact electrodes 2 _n and 2 _{n + 1.} Change. Between two adjacent linear contact electrodes 2 _n, 2 n _{+ 1,} as shown, and a reference resistor R _ref and the constant voltage source V _o is connected via the analog switch. The potential difference V _n across the reference resistor R _ref in this case is given by the following equation.

[0076] Switch the _{V n = R ref · V o} (R ref / R n) analog switches, sequentially reads the potential difference V _n in the longitudinal direction of the finger, a resistance value R _n calculated from the potential difference V _n Fig. 1
As shown in FIG. 8, finger information data represented by a resistance value distribution in the longitudinal direction of the finger can be obtained.

Next, an example of the collation judging process by the collating unit 102 will be described.

The collation unit 102 collates the finger information data input from the sensor unit 101 with the finger information data registered in the finger reference data storage unit 105. Since the finger information data is one-dimensional data, high-speed and high-precision matching can be performed by applying a process based on correlation.

In this case, first, the collating section 102 first executes FIG.
Each of the finger information data collated with the registered finger information data is subjected to a filtering process (band-pass filter) for i, and then the registered finger information data a after the processing and the finger information collated after the processing The data b is compared by the following evaluation function f (t).

[0080] _{f (t) = Σ i =} i1~i2 {a (i) -b (i + t)} 2 / Σ i = i1~i2 a 2 (i) s = min -t1 <t <t1 {f ( t)｝ That is, a square error when both are shifted by t is obtained, and a position where f (t) becomes minimum is obtained as a position that best matches. And f at that time
Let (t) be the collation value s. The smaller the collation value s, the better the two features compared.

The collating unit 102 determines a predetermined threshold value as r, and if s <r, determines that the persons are the same person,
Otherwise, it is determined that the person is different.

Usually, r is set to about 0.5 or 0.6. In this case, it is possible to maintain the false recognition rate of about 95% while maintaining the false exclusion rate of 99% or more.

The value of s slightly changes due to the growth of the body and the like, but is not so large as to change every month. However, since there is a large change such as a child in the growth period, it is desirable to update the registration information at an appropriate timing.

In the above description, the registered finger information data is subjected to the filtering process at the time of the collation process. Instead, the filtering process is performed before the registration, and the finger information data after the filtering process is registered. May be.

Next, an information processing system for encrypting data will be described.

As shown in FIG. 1, an information processing apparatus 113 for encrypting data includes a temporary key generation unit 108, a first encryption processing unit 111, and a storage unit 112.

The temporary key generating section 108 generates a temporary key used for encrypting data. Further, the temporary key generation unit 108 generates a temporary key at least for each data using a random number generated by a random number generator (not shown). The random number generator may generate a random number based on time information obtained from a clock (not shown) at a predetermined timing, for example. Further, it is desirable to generate and use a different key for the same data every time this data is encrypted. The random number generator may be provided on the information processing device 113 side or on the device device 107 side. This temporary key is also passed to the device 107 via the interface unit.

At the time of encryption, the first encryption processing unit 111 uses the temporary key generated by the temporary key generation unit 108 to
Encrypt the data to be encrypted.

The data to be encrypted is stored in the storage device 1
12 or may be obtained through a wired or wireless communication line, may be created or edited on the information processing apparatus, or may be a video device or an audio device. May be directly taken into the information processing apparatus from the Internet.

The temporary key generated by the temporary key generating unit 108 is sent to the device 107, and when the personal key is passed, the temporary key is encrypted by the secret key in the device 107 and the temporary key encrypted by the secret key. The key is the device 107
Is sent to the information processing apparatus 113.

The storage unit 112 is, for example, a storage device such as a built-in hard disk of the information processing device 113.

The data encrypted with the temporary key is sent to storage section 112 together with the temporary key encrypted with the secret key, and storage section 112 associates the encrypted data with the encrypted temporary key. save.

As shown in FIG. 1, the device 107 for encrypting data includes a biometric information detecting unit 1.
01, a matching unit 102, a switch unit 103, a second encryption processing unit 104, a reference finger data storage unit 105, and a secret key storage unit 106.

The device device 107 has a function of storing the information of the secret key, and encrypts the temporary key passed from the information processing device 113 without exposing the data of the secret key to the outside of the device. Is performed in its own device, and only the result is returned to the information processing device 113.

The device unit 107 performs a personal authentication as to whether or not the user is a valid user by collating biometric information (finger information data), and makes it possible to use a secret key only when the collation is successful. have.

The biometric information detection unit 101, the collation unit 102, the switch unit 103, the reference finger data storage unit 105, and the secret key storage unit 106 are the same as described above. Is provided to the second encryption processing unit 104 via the switch unit 103.

The second encryption processing unit 104 receives the temporary key transmitted from the information processing device 113 via the interface unit, and encrypts the temporary key with the secret key transmitted from the switch unit 103.

The temporary key encrypted with the secret key is transmitted to the information processing device 113.

Next, the operation of the information processing system at the time of encryption will be described.

FIG. 2 shows an example of an operation procedure of the information processing apparatus at the time of encryption, and FIG. 3A shows an example of an operation procedure of the device at the time of encryption.

On the information processing apparatus 113 side, first, a temporary key is generated by the temporary key generation unit 108 (step S11).
The first encryption processing unit 111 encrypts the plaintext data to be encrypted with the temporary key (step S1).
2) The temporary key encryption is transmitted to the device 107 (step S13).

Here, it waits for the transmission of the temporary key encrypted with the secret key from the device 107 (step S).
14).

If the encrypted temporary key is stored in the device 1
07 (step S15), the encrypted data and the encrypted temporary key are stored in the storage unit 112 in association with each other (step S16).

If it is determined that an encrypted temporary key cannot be obtained (step S15), the process is terminated abnormally.
In addition, the judgment that the encrypted temporary key cannot be obtained
For example, (1) a method of waiting for reception for a predetermined time in step S14, and judging that an encrypted temporary key cannot be obtained if no transmission has been made within that time;
(2) A method of transmitting information indicating that an explicitly encrypted temporary key cannot be transmitted from the device device 107, or the like.

The order of execution of the encryption in step S12 and the transmission in step S13 is arbitrary.

Further, the transmission in step S13 is performed first, and
Only when the encrypted temporary key is obtained, the step S
Twelve encryptions may be performed.

On the other hand, on the device device 107 side, finger information data is input from the sensor unit 101 (step S2).
1) The user is authenticated by the collation unit 102 and the finger reference data storage unit 105 (step S22). If it is determined that the user is valid (step S23), the switch unit 1
03 is closed and the private key becomes usable (step S
24).

Then, the second encryption processing unit 104
The temporary key received from the information processing device 113 in step S25 is encrypted with the secret key that has become available (step S26), and the encrypted temporary key is transmitted to the information processing device 113 (step S27).

If it is determined in step S23 that the secret key is not valid, the secret key is made unusable, and the process ends abnormally. If the processing ends abnormally, the information processing apparatus 113
May be transmitted to the user to the effect that an explicitly encrypted temporary key cannot be transmitted.

In the procedure of FIGS. 2 and 3A, the authentication processing of steps S21 to S23 of FIG. 3A is performed first, and after this authentication is successful, another processing is started. You may do it.

Further, when the use of the secret key becomes necessary, an instruction may be issued from the system side to request the user to authenticate (put a finger on the electrode portion of the sensor unit).

By the way, the procedure of FIG. 3A relates the encryption process and the authentication process.
In the case where the authentication processing as shown by is performed without relating to the encryption processing, the procedure for encrypting the device 107 is, for example, as shown in FIG.

That is, the temporary key is received from the information processing apparatus 113 (step S121). At this time, if the secret key is usable (step S122), the temporary key is encrypted with the secret key (step S123). The temporary key encrypted with the key is transmitted to the information processing device 113 (step S124).

On the other hand, if the secret key cannot be used (step S122), the process ends abnormally.

In this case as well, when it becomes necessary to use the secret key, the system issues an instruction to the user to authenticate (put a finger on the electrode part of the sensor unit) and asks the user to authenticate. After the key becomes available, step S12
Third and subsequent steps may be executed.

Here, a description will be given of the timing at which the secret key is made unusable after being made usable.

Various methods can be considered for the timing at which the secret key is made unusable (that is, the switch section is opened).

For example, once the secret key is made usable, until the user explicitly gives a command to make the secret key unusable, or the device unit 107 is detached from the information processing unit 113. Until, it may be usable. Further, the switch unit may be opened each time encryption is completed once.

Here, the decryption of the encrypted data requires the decryption of the temporary key encrypted with the secret key and the extraction of the temporary key. You can extract plaintext data. Needless to say, it is extremely difficult to decrypt the temporary key and the secret key from information such as the data encrypted with the temporary key and the temporary key encrypted with the secret key.

Further, even if the device in which the secret key is stored is used illegally, an unauthorized user whose finger information data is not registered cannot pass the authentication, so that the secret key can be used. Cannot decrypt the encrypted data.

Since the temporary key is generated at least for each data, even if the temporary key of certain encrypted data is decrypted, other encrypted data cannot be decrypted with the temporary key.

Next, an information processing system for decrypting encrypted data will be described.

FIG. 4 shows a configuration example of the information processing apparatus, and FIG.
FIG. 6 shows an example of an operation procedure of the information processing apparatus, and FIG. 6A shows an example of an operation procedure of the device apparatus.

The information processing system for decrypting encrypted data is similar to the information processing system for encrypting data described above in many respects in terms of both configuration and operation. Mainly the differences will be described.

The information processing apparatus 113 of FIG. 4 includes a first encryption processing unit 111 and a storage unit 112. Here, unlike FIG. 1, the temporary key generation unit 108 is unnecessary.

The storage unit 112 stores the data encrypted with the temporary key and the temporary key encrypted with the secret key in association with each other.

The encrypted temporary key corresponding to the encrypted data to be decrypted is sent to the device unit 107, and when the personal key is passed, the encrypted temporary key is decrypted by the secret key in the device unit 107 and the decrypted temporary key is decrypted. Is sent from the device device 107 to the information processing device 113.

At the time of decryption, the first cryptographic processing section 111 decrypts the encrypted data to be decrypted with the temporary key decrypted by the device 107. Thus, data can be obtained in the original plain text.

The device device 107 shown in FIG. 4 includes a biological information detecting unit 101, a collating unit 102, a switch unit 103,
A second encryption processing unit 104, a reference finger data storage unit 105,
A secret key storage unit 106 is provided.

The difference from FIG. 1 is that the second encryption processing unit 1
04 is an information processing device 113 via the interface unit.
The only difference is that the encrypted temporary key transmitted from the switch unit 103 is received and decrypted with the secret key transmitted from the switch unit 103.

This decrypted temporary key is stored in the information processing device 1
13 is transmitted.

Next, with reference to FIG. 5 and FIG. 6A, the operation of the information processing system at the time of encryption will be described.

The information processing apparatus 113 reads out the encrypted data and the encrypted temporary key (step S3).
1) The encrypted temporary key to be decrypted is
07 (step S32).

Here, the process waits until the decrypted temporary key is transmitted from the device 107 (step S33).

If the decrypted temporary key is stored in the device 10
7 (step S34), the first encryption processing unit 111 decrypts the encrypted data with the temporary key (step S35).

If it is determined that the decrypted temporary key cannot be obtained (step S34), the process ends abnormally. The determination that the decrypted temporary key cannot be obtained is made, for example, by (1) waiting for reception for a predetermined time in step S33, and decrypting the temporary key if it has not been transmitted within that time. (2) a method of transmitting information indicating that an explicitly decrypted temporary key cannot be transmitted from the device device 107, or the like.

On the other hand, on the device device 107 side, finger information data is input from the sensor unit 101 (step S4).
1) The user is authenticated by the collation unit 102 and the reference finger data storage unit 105 (step S42). If it is determined that the user is valid (step S43), the switch unit 1
03 is closed and the private key becomes usable (step S
44).

Then, the second encryption processing unit 104
The encrypted temporary key received from the information processing device 113 in step S45 is decrypted with the available private key (step S46), and the decrypted temporary key is transmitted to the information processing device 113 (step S47). ).

If it is determined in step S43 that the secret key is not valid, the secret key is determined to be unusable, and the process ends abnormally. If the processing ends abnormally, the information processing apparatus 113
May be transmitted to the server to the effect that the explicitly decrypted temporary key cannot be transmitted.

In the procedure of FIGS. 5 and 6A, the authentication processing of steps S41 to S43 of FIG. 6A is performed first, and after this authentication is successful, another processing is started. You may do it.

When the use of the secret key becomes necessary, the system may issue an instruction to request the user to authenticate (put a finger on the electrode portion of the sensor unit).

The procedure shown in FIG. 6A has a relationship between the decryption process and the authentication process. However, when the authentication process as shown in FIG. 19 is performed without relating to the decryption process. For example, the procedure at the time of decryption by the device device 107 is as shown in FIG.

That is, the temporary key encrypted with the secret key is received from the information processing device 113 (step S141).
At this time, if the secret key is usable (step S14)
2), decrypt the temporary key with the secret key (step S143),
The decrypted temporary key is transmitted to the information processing device 113 (step S144).

On the other hand, if the secret key cannot be used (step S142), the process ends abnormally.

In this case as well, when the use of the secret key becomes necessary, the system issues an instruction to request the user to authenticate (put a finger on the electrode part of the sensor unit), and After the key becomes available, step S14
Third and subsequent steps may be executed.

Here, the timing at which the secret key is made unusable after it is made available will be described.

Various methods can be considered for the timing of disabling the secret key (ie, opening the switch unit).

For example, once the secret key is made usable, until the user explicitly gives a command to disable the secret key, or until the device 107 is removed from the information processing apparatus 113. , May be usable. Further, the switch unit may be opened each time decoding is completed once.

The embodiment of the present invention has been described above. When the present invention is applied to an information processing apparatus, FIG.
It is preferable to have both the encryption function described in FIG. 4 and the decryption function described in FIG. 4 or the like, but it is possible to have only the encryption function or only the decryption function. Similarly, when the present invention is applied to a device with a processing function, it is preferable to have both the encryption function described with reference to FIG. 1 and the like and the decryption function described with reference to FIG. 4 and the like. Alternatively, only the decryption function may be provided.

Next, an example of the device configuration of the information processing system according to this embodiment will be described.

FIG. 7 shows the device 107 of FIGS. 1 and 4.
Here is an example of the overview. 7, reference numeral 301 denotes an overview of the device 107 shown in FIGS. 1 and 4 as viewed from above, 302 denotes an electrode portion of the sensor unit 101 for measuring a one-dimensional resistance distribution of a user's finger, and 303 Is a connector unit for connecting to the information processing device 113.

FIG. 8 is an overview of the device 107 of FIG. 7 as viewed from below. In the figure, reference numeral 304 denotes each component of the device device 107, that is, a part of the sensor unit 101 which generates a finger information data by receiving a signal from the electrode unit 302, a collation unit 102 which performs collation, and a registered finger. Conceptually, several IC chips containing a reference finger data storage unit 105 for storing information data, a secret key storage unit 106, a second encryption processing unit 109, a switch unit 103, and the like are provided. This is shown in FIG. In practice, it is preferable that the IC chip is sealed inside the device 107. Further, the number of IC chips may be one.

The electrode part 30 attached to the upper surface of FIG.
2 and the IC chip mounted on the lower surface or inside are connected inside the device 301.

FIG. 9 shows the information processing apparatus 113 shown in FIGS.
An example of a method of attaching and detaching the device device 107 to and from the device will be described. FIG.
As shown in FIG.
The connector section 303 is provided in
And use it. It is preferable to remove and store it after the processing is completed.

According to the present embodiment as described above, by using biometric information such as finger information data unique to an individual instead of a password for user authentication, access from anyone other than a legitimate user is rejected, and As a result of the comparison, the secret key required for encryption and decryption can be used only when the user is found to be legitimate. For this reason, even if there is an unauthorized access, it becomes impossible for a third party to view the data stored in the computer. Of course, the third party cannot encrypt the data and store it in the computer.

Also, since the key actually used for encryption is not a secret key but a temporary key generated each time, the encryption key differs at least for each data, and the encryption key is changed every time data is stored. Therefore, it is impossible to decipher the ciphertext data even by making full use of the deciphering technology that has been progressing in recent years.

Also, the temporary key used for encryption is encrypted by the secret key and stored, and the stored temporary key changes every time. Therefore, it is necessary for a third party to decrypt the encrypted temporary key. Is almost impossible. Therefore, for example, if a mobile terminal is misplaced or stolen,
Data can be prevented from being used by others.

Next, another embodiment of the information processing system according to the present embodiment will be described.

In the present embodiment, the secret key storage unit 106 in the previous embodiment is stored in an external storage device such as an IC card, or the secret key storage unit 106 and the switch unit 10 are stored.
3 and the second encryption processing unit 104 are stored in an external storage device such as an IC card having a processing function, and the other components are provided in an IC card reader or an IC card reader / writer. Since the essential components, their operations and their matters are the same as those of the previous embodiment, the following description focuses on the differences from the previous embodiment.

FIG. 10 shows an overview of an information processing system according to another embodiment. In FIG. 10, reference numeral 601 denotes an IC card on which a secret key is recorded, and 602 denotes an IC card reader or an IC card reader / writer. The IC card reader (or IC card reader / writer) 602 includes:
A sensor 603 for inputting finger information data (electrode portion of the sensor unit 101 in FIGS. 1 and 4) is attached.
02, IC containing reference finger data storage unit 105
604 is embedded.

The user of the information processing device 605 inserts the card reader 603 into the information processing device 605, inserts the IC card 601 in which his / her private key is recorded into the card reader 602, and puts a finger on the sensor 603. Thus, data can be encrypted or decrypted.

FIG. 11 shows an example of a configuration in which the secret key storage section 106 is stored in the IC card 200 in the configuration of FIG. FIG. 12 shows the secret key storage unit 106 in the configuration of FIG.
A configuration example in the case where the data is stored in 0 is shown. In any case, when the IC card is mounted on the IC card reader which is the device device 107, the configuration and operation are the same as those of the above embodiment. 11 and 12 are different in that the device device 107 has a connector for connecting the IC card 200 and the like, and that the device device 107 has a function of reading a secret key from the IC card 200.

FIG. 13 shows a configuration example in which the secret key storage unit 106, the switch unit 103, and the second encryption processing unit 104 are stored in the IC card 200 in the configuration of FIG. . Further, FIG. 14 shows that the secret key storage unit 106, the switch unit 103 and the second
A configuration example in the case where the portion of the encryption processing unit 104 is stored in the IC card 200 is shown. In each case, I
When the C card is mounted on the IC card reader / writer, which is the device device 107, the configuration and operation are the same as those of the previous embodiment. 13 and 14, the device device 107 has a connector for connecting the IC card 200, the device device 107 has a function of communicating with the IC card 200, and a predetermined control signal output from the matching unit 102. The difference is that the device device 107 is transmitted from the device device 107 to the IC card 200, and that the device device 107 only relays data between the information processing device 113 and the IC card 200.

Although the other embodiments of the present invention have been described above, when the present invention is applied to an information processing apparatus, it is preferable to have both an encryption function and a decryption function.
It may have only the encryption function, or may have only the decryption function. Similarly, when the present invention is applied to a device with a processing function, it is preferable to have both an encryption function and a decryption function, but it may have only an encryption function or may have only a decryption function.

Next, still another embodiment of the information processing system according to the present embodiment will be described.

In each of the embodiments described above, the temporary key generator is provided in the information processing apparatus. However, in FIGS. 1, 11, and 13, the temporary key generator is provided in the device. 11 and 13
In, the temporary key generator may be provided in the IC card.

In these cases, the basic components, their operations, and their matters are the same as those of the previous embodiment, and therefore, the following description will focus on the differences from the previous embodiment.

In the case where the temporary key generation section is provided in the device in FIG. 1 or FIG. 11, the temporary key and the temporary key encrypted with the secret key are transmitted from the device to the encryption processing section.

In FIG. 13, when the temporary key generation unit is provided in the device, the temporary key is transmitted from the device to the IC card, is encrypted in the IC card, and is transmitted from the IC card to the information processing apparatus using a secret key. The encrypted temporary key is sent.

In FIG. 11, when the temporary key generation unit is provided in the IC card, the temporary key is transmitted from the IC card to the device, is encrypted in the device, and is transmitted from the device to the information processing apparatus using a secret key. The encrypted temporary key is sent.

In FIG. 13, when the temporary key generator is provided in the IC card, the temporary key is generated and encrypted in the IC card, and the temporary key encrypted with the secret key is transmitted from the IC card to the device. Then, the temporary key encrypted with the secret key is transmitted from the device device to the information processing device.

Next, FIG. 1, FIG. 4, FIG. 11, FIG.
3. Registration of the user's finger information data in the reference finger data storage unit 105 of the device device 107 in each of the embodiments shown in FIG. Registration and additional registration) will be described.

FIG. 15 shows an example of the procedure of initial registration and additional registration.

In the present embodiment, when there is no registered data in the reference finger data storage unit 105 of the device device 107, for example, when the device is shipped from a factory, the reference finger data is set to a predetermined initial value in advance. Shall be entered.
The value of the initial setting may be, for example, all 1 or 0. In the present embodiment, the initial setting values are all 1.

When the user attempts to register, it is determined whether the reference finger data is all 1 or whether the reference finger data has already been registered (step S51).

If it is determined that all the reference finger data is 1, a password is requested, for example, to determine whether the user is a valid user (step S52).
For example, as the password, there is a means that uses a password already registered in the computer by a valid user, or a unique number or a character may be attached to the sensor device of the finger information data, and the password may be input. The password is required only when the reference finger data is all ones.

If the password is correct, new reference finger data can be registered (step S53).

On the other hand, if the reference finger data has already been registered and is not all 1, the user is requested to input biometric information (finger information data) (step S54). A registered user inputs finger information data in the above-described procedure. If it is determined that the input finger information data matches the registered reference finger data, new reference finger data can be registered (step S55).

Then, if any of the above conditions is satisfied, the user to be registered puts finger information data on the electrode portion of the sensor unit 101 of the device device 107, and
Finger information data is generated by the sensor unit (step S
56), and this is registered in the reference finger data storage unit 105 (step S57).

When the finger reference data is registered in the reference finger data storage unit 105 without adding identification information, only one finger information data may be registered in the reference finger data storage unit 105 (in this case) , Overwritten upon additional registration), a plurality of finger information may be registered.

In the case where a plurality of finger information can be registered, additional registration after the maximum set number of finger information data is registered is overwritten.

When the identification information is added to the finger reference data and registered in the reference finger data storage unit 105, a plurality of finger information can be registered in the reference finger data storage unit 105.
In this case, update (overwrite) or deletion by designating identification information may be made possible.

When the identification information is registered in the reference finger data storage unit 105 in the finger reference data, the identification information may not be added to the finger information data, and the registration processing may be closed in the device device 107 and performed. The device 10
7 may be connected to a computer, and processing such as registration may be performed using the computer as identification information instruction means and registered identification information list display means. Also, the device 107
May be provided with a function of designating identification information and a function of displaying a list of registered identification information, and processing such as registration may be performed with the device apparatus 107 closed.

The reference finger data may be registered as a plurality of pieces of finger information data in consideration of, for example, a case where the user cannot injure the finger and put the finger used for registration on the sensor unit. Is also good.

[0185] Authentication may be performed using a plurality of finger information data, and the secret key may be used when all of the information has passed the authentication.

Hereinafter, effects and the like of each embodiment will be described collectively.

According to each of the embodiments described above, by using biometric information, particularly finger information data, specific to an individual instead of a password for user authentication, access from anyone other than a legitimate user is rejected, and As a result of the comparison, the secret key required for encryption and decryption can be used only when the user is found to be legitimate. For this reason, even if there is an unauthorized access, it becomes impossible for a third party to view the data stored in the computer. Of course, the third party cannot encrypt the data and store it in the computer.

Further, since the encryption and decryption of the temporary key are performed outside the information processing device, the secret key and the information processing device are separated, and the secret key can be handled safely. For example,
Even if an unauthorized third party accesses the information processing apparatus, the secret key does not exist in the information processing apparatus, so that the secret key is not stolen.

Also, since the key actually used for encryption is not a secret key but a temporary key generated each time, the encryption key differs for each data, and the encryption key must be changed each time data is stored. Therefore, it is impossible to decipher the ciphertext data even by making full use of the decipherment technology that has been advanced in recent years.

The temporary key used for encryption is encrypted and stored by the secret key, and the stored temporary key changes each time. Therefore, it is necessary for a third party to decrypt the encrypted temporary key. Is almost impossible. Therefore, for example, if a mobile terminal is misplaced or stolen,
Data can be prevented from being read by others.

Further, when registering finger information data to be used for collation, since the person to be registered can be registered after being authenticated as a valid user, the third party can illegally register himself / herself. I can't do it.

Further, since a plurality of finger information data can be registered as reference finger data, it is possible to enable only a specific user to encrypt or decrypt data.
It is also possible that only certain groups, for example members of a section of the company, can encrypt or decrypt data.

When an arbitrary encryption method is used, an encryption method can be freely selected by adding an encryption method identifier as a header to the encrypted data.

Here, another use example of the information processing system according to the present embodiment will be described. For example, a plurality of information processing apparatuses according to the present embodiment are connected to a LAN or the like. It is also assumed that a file management device for storing and managing files is connected to this LAN. The user of each information processing apparatus creates a file including a pair of the encrypted data and the encrypted temporary key using the device or the device and the external storage device, and performs the above-described file management via the LAN. Save to device. As a result, the encrypted file can be decrypted if the user has the corresponding private key and the finger information data is registered. In this way, it is possible to construct a system for safely sharing the encrypted file.

In each of the above embodiments, the secret key can be used when it passes the authentication. Instead, the operation of another part, for example, the part for performing the encryption processing or the decryption processing is performed. May be enabled.

In each of the above embodiments, other biometric information such as a fingerprint, a voiceprint, and an iris may be used for personal authentication. However, a device that can be mounted on a device is preferable.

The above functions can also be realized as software. Further, the present invention can be embodied as a machine-readable medium storing a program for causing a computer to execute the above-described procedures or means.

The present invention is not limited to the above-described embodiments, but can be implemented with various modifications within the technical scope thereof.

[0199]

According to the present invention, a private key required for encryption and decryption can be used only when the user is authenticated by user authentication using biometric information that can be identified individually. Therefore, a third party who has not been registered cannot view the encrypted data stored in the information processing device, and cannot encrypt the data and store it in the information processing device.

Further, the key actually used for encryption is not a fixed secret key but a generated temporary key, so that the key can be changed for each data or each time encryption is performed, and this temporary key is Since it is encrypted and stored with the private key, it is extremely difficult for a third party who is not registered to decrypt the secret key and the temporary key, and that the third party decrypts the ciphertext data. Is impossible. As a result, even if the information processing device storing the encrypted data therein passes to a third party, it is possible to prevent the third party from using the encrypted data.

Further, when registering biometric information data to be used for verification, since the registration can be performed after authenticating the validity of the registrant, the third party can illegally authenticate the biometric information of himself / herself. You cannot register with.

[Brief description of the drawings]

FIG. 1 is a diagram showing a configuration example of an information processing system when data is encrypted and stored according to an embodiment of the present invention;

FIG. 2 is a flowchart showing an example of an operation procedure of the information processing apparatus of FIG. 1;

FIG. 3 is a flowchart showing an example of an operation procedure of the device shown in FIG. 1;

FIG. 4 is a diagram showing an example of the configuration of an information processing system when reading and decoding data according to an embodiment of the present invention;

FIG. 5 is a flowchart illustrating an example of an operation procedure of the information processing apparatus in FIG. 4;

6 is a flowchart showing an example of an operation procedure of the device shown in FIG.

FIG. 7 is a diagram showing a configuration example of an information processing system according to an embodiment of the present invention.

FIG. 8 is a diagram showing a configuration example of an information processing system according to an embodiment of the present invention.

FIG. 9 is a diagram showing a configuration example of an information processing system according to an embodiment of the present invention.

FIG. 10 is a diagram showing a configuration example of an information processing system according to an embodiment of the present invention.

FIG. 11 is a diagram showing another configuration example of an information processing system when data is encrypted and stored according to an embodiment of the present invention;

FIG. 12 is a diagram showing another configuration example of the information processing system when reading and decoding data according to an embodiment of the present invention;

FIG. 13 is a diagram showing still another configuration example of the information processing system when data is encrypted and stored according to an embodiment of the present invention.

FIG. 14 is a diagram showing still another configuration example of the information processing system when reading and decoding data according to an embodiment of the present invention.

FIG. 15 is a flowchart showing a user registration procedure;

FIG. 16 is a diagram showing a configuration example of an electrode portion of a sensor unit.

FIG. 17 is a diagram for explaining the principle of measuring the resistance value distribution on the finger surface;

FIG. 18 is a diagram illustrating an example of finger information data obtained by a sensor unit;

FIG. 19 is a flowchart illustrating an example of a procedure of an authentication process;

[Explanation of symbols]

 DESCRIPTION OF SYMBOLS 1 ... Finger 2 ... Linear contact electrode 3 ... Substrate 5 ... Pad 101 ... Sensor part 102 ... Collation part 103 ... Switch part 104 ... Second encryption processing part 105 ... Reference finger data storage part 106 ... Private key storage part 107 ... device device 108 ... temporary key generation unit 109 ... temporary key 110 ... encrypted temporary key 111 ... first encryption processing unit 112 ... storage unit 113 ... information processing device 114 ... decrypted temporary key 115 ... plaintext data 200 ... IC card 300 ... Information processing device main body 301 ... Device device main body 302 ... Electrode part of sensor unit 303 ... Connector 304 ... IC chip 320 ... Connection unit 601 ... IC card 602 ... IC card reader (IC card reader / writer) 603 ... Sensor 604: IC chip 605: Information processing device body

 ──────────────────────────────────────────────────続 き Continued on the front page (72) Inventor Hideo Shimizu 70 Yanagicho, Saiwai-ku, Kawasaki City, Kanagawa Prefecture Inside the Toshiba Yanagimachi Plant Co., Ltd.

Claims (17)

[Claims] 1. A device device having a processing function capable of communicating with an information processing device for encrypting data with a temporary key, comprising: secret key storage means for storing a secret key; Biometric information input means for generating biometric information; reference biometric information storage means in which the biometric information for a predetermined user is registered in advance; biometric information obtained by the biometric information input means is stored in the reference biometric information storage means. It is checked whether or not it is the same as the registered biometric information, and only when it is determined that the biometric information is the same, means for enabling the secret key, and a temporary key passed from the information processing apparatus. Processing means for encrypting using the secret key which has become available, and means for transmitting a temporary key encrypted with the secret key to the information processing apparatus. Attached Chair apparatus. 2. A device device having a processing function capable of communicating with an information processing device for encrypting data with a temporary key, comprising: means for connecting an external storage device for storing a secret key; Biometric information input means for detecting the biometric information for a predetermined user, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and the biometric information obtained by the biometric information input means is the reference biometric information Means for enabling the secret key to be used only when it is determined that the biometric information is the same as the biometric information registered in the storage means, Encrypting means for encrypting a temporary key using the secret key stored in the external storage device which has become available; means for transmitting the temporary key encrypted with the secret key to the information processing apparatus The processing function device apparatus comprising the. 3. A device device having a processing function capable of communicating with an information processing device for encrypting data with a temporary key, comprising: a secret key storing means for storing a secret key; Biometric information input means for generating biometric information; reference biometric information storage means in which the biometric information for a predetermined user is registered in advance; biometric information obtained by the biometric information input means is stored in the reference biometric information storage means. Means for checking whether or not the information is the same as registered biometric information, and only when it is determined that the information is the same, enabling the secret key to be used; and temporary key generating means for generating a predetermined temporary key Encryption means for encrypting the generated temporary key using the secret key which has become available; and transmitting the generated temporary key and the temporary key encrypted with the secret key to the information processing apparatus. Means to do A device device having a processing function. 4. A device device having a processing function capable of communicating with an information processing device for encrypting data with a temporary key, comprising: means for connecting an external storage device for storing a secret key; Biometric information input means for detecting the biometric information for a predetermined user, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and the biometric information obtained by the biometric information input means is the reference biometric information Means for checking whether the biometric information is the same as the biometric information registered in the storage means, and only when it is determined that the biometric information is the same, means for enabling the use of the secret key; Key generation means; encryption means for encrypting the generated temporary key using the secret key stored in the external storage device which has become usable; and encryption with the generated temporary key and secret key. Is Means for transmitting the temporary key to the information processing apparatus. 5. A device device having a processing function capable of communicating with an information processing device for decrypting data encrypted with a temporary key, comprising: secret key storage means for storing a secret key; Biometric information input means for detecting the biometric information for a predetermined user, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and the biometric information obtained by the biometric information input means is the reference biometric information Means for enabling the secret key to be used only when it is determined that the biometric information is the same as the biometric information registered in the storage means, Decoding means for decoding a temporary key encrypted with a secret key using the secret key that has become available, and means for transmitting the decoded temporary key to the information processing apparatus. Features and That processing function with the device unit. 6. A device device having a processing function capable of communicating with an information processing device for decrypting data encrypted with a temporary key, comprising: means for connecting an external storage device for storing a secret key; Biometric information input means for detecting a predetermined physical quantity and generating biometric information, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, and biometric information obtained by the biometric information input means, Means for checking whether or not the biometric information is the same as the biometric information registered in the reference biometric information storage means, and only when it is determined that the biometric information is the same, means for making the secret key usable; and Decryption means for decrypting the passed temporary key encrypted with the secret key using the secret key stored in the external storage device which has become available; and processing the decrypted temporary key for the information processing. Processing function device system characterized by comprising a means for transmitting to the location. 7. A device device with a processing function according to claim 1 or 2, a temporary key generating means for generating a predetermined temporary key, and encryption for encrypting desired data using the generated temporary key. Means and a temporary key encrypted with a secret key, which is generated by passing the temporary key to the device device with a processing function, and stored in a storage device in association with the data encrypted with the temporary key. An information processing system comprising: an information processing apparatus having means for performing 8. A device with a processing function according to claim 3 or 4, encryption means for encrypting desired data using a temporary key received from the device with a processing function, and a device with the processing function And a means for storing a temporary key encrypted with the secret key received from the device device in a storage device in association with the data encrypted with the temporary key. Information processing system. 9. A device with a processing function according to claim 5 or 6, further comprising: a temporary key used for encrypting desired encrypted data to be decrypted, the temporary key being encrypted with a secret key. What
An information processing apparatus having means for decrypting data encrypted with the temporary key using a temporary key passed to the device with the processing function and decrypted. . 10. An information processing system comprising: an information processing device and a device device having a processing function capable of communicating with each other; and an external storage device having a processing function capable of communicating with the device device having the processing function. The information processing apparatus includes: a temporary key generation unit configured to generate a predetermined temporary key; an encryption unit configured to encrypt desired data using the generated temporary key; and the device key with the processing function. A temporary key encrypted with a secret key, which is passed to the storage device, and storing the temporary key in a storage device in association with the data encrypted with the temporary key. Biometric information input means for detecting a predetermined physical quantity capable of personal identification and generating biometric information; reference biometric information storage means for pre-registering the biometric information for a predetermined user; The biometric information obtained by the force means is compared with the biometric information registered in the reference biometric information storage means to determine whether or not the biometric information is the same, and only when it is determined that the biometric information is the same, a predetermined control signal is output. Means for transmitting to the external storage device with the processing function, and a temporary key encrypted with a secret key, which is generated by passing the temporary key passed from the information processing device to the external storage device with the processing function. Means for transmitting to the information processing apparatus, wherein the external storage device with a processing function comprises: a secret key storage device for storing a secret key; and when a predetermined control signal is given from the device device with a processing function. Only, means for enabling the secret key, and a temporary key passed from the device device with a processing function,
Information comprising: an encrypting unit for encrypting using the secret key that has become available; and a unit for transmitting a temporary key encrypted with the secret key to the device device with a processing function. Processing system. 11. An information processing system comprising: an information processing apparatus and a device with a processing function that can communicate with each other; and an external storage device with a processing function that can communicate with the device with the processing function. The device device with a processing function includes: a biometric information input unit configured to detect a predetermined physical quantity that can be individually identified to generate biometric information; a reference biometric information storage unit that pre-registers the biometric information for a predetermined user; The biometric information obtained by the information input means is compared with the biometric information registered in the reference biometric information storage means to determine whether it is the same, and only when it is determined to be the same, the predetermined control Means for transmitting a signal to the external storage device with the processing function; temporary key generation means for generating a predetermined temporary key; generated temporary key; Means for transmitting, to the information processing device, a temporary key encrypted with a secret key, which has been generated by being handed over to the attached external storage device, wherein the external storage device with a processing function stores the secret key. Secret key storage means, means for enabling the secret key only when a predetermined control signal is given from the device with processing function, and a temporary key passed from the device with processing function,
Encrypting means for encrypting using the secret key which has become available, and means for transmitting a temporary key encrypted with the secret key to the device device with a processing function, wherein the information processing apparatus comprises: Encrypting means for encrypting desired data using the temporary key received from the device with the processing function; and transmitting the temporary key encrypted with the secret key received from the device with the processing function to the temporary key. Means for storing the data in the storage device in association with the data encrypted in step (a). 12. An information processing system comprising: an information processing device and a device device having a processing function capable of communicating with each other; and an external storage device having a processing function capable of communicating with the device device having the processing function. The external storage device with a processing function, a secret key storage unit that stores a secret key, and a unit that enables the secret key only when a predetermined control signal is given from the device device with a processing function, Temporary key generation means for generating a predetermined temporary key; encryption means for encrypting the generated temporary key using the secret key which has become available; encryption with the generated temporary key and secret key Means for transmitting the obtained temporary key to the device device with a processing function, wherein the device device with a processing function detects a predetermined physical quantity that can be identified individually and generates biometric information. Input means, reference biometric information storage means in which the biometric information for a predetermined user is registered in advance, biometric information obtained by the biometric information input means, biometric information registered in the reference biometric information storage means Means for transmitting the predetermined control signal to the external storage device with the processing function, and transmitting the predetermined control signal to the external storage device with the processing function only when it is determined that they are the same. Means for transferring a temporary key and a temporary key encrypted with a secret key to the information processing device, wherein the information processing device uses a temporary key received from the device device with a processing function to perform a desired process. Encrypting means for encrypting data; and storing the temporary key encrypted with the secret key received from the device device having the processing function in association with the data encrypted with the temporary key. Means for storing the information in a storage device. 13. An information processing system comprising: an information processing device and a device device having a processing function capable of communicating with each other; and an external storage device having a processing function capable of communicating with the device device having the processing function. The information processing apparatus includes: a temporary key used for encrypting desired encrypted data to be decrypted, the temporary key being encrypted with a secret key;
Means for decrypting data encrypted with the temporary key using a temporary key passed to and decrypted by the device with processing function, wherein the device with processing function has a predetermined Biometric information input means for detecting a physical quantity and generating biometric information; reference biometric information storage means in which the biometric information for a predetermined user is registered in advance; and biometric information obtained by the biometric information input means is the reference biometric information. Means for comparing whether or not the same as the biological information registered in the information storage means, only when it is determined to be the same, transmitting a predetermined control signal to the external storage device with the processing function, Means for transmitting a temporary key, encrypted with the secret key passed from the information processing apparatus, to the information processing apparatus, the temporary key being generated by being passed to the external storage device with the processing function The external storage device with a processing function comprises: secret key storage means for storing a secret key; and the private key can be used only when a predetermined control signal is given from the device device with a processing function. Means, a decryption means for decrypting the temporary key encrypted with the secret key passed from the device device having the processing function using the secret key which has become available, and a process for processing the decrypted temporary key. Means for transmitting to a device device with a function. 14. If the biometric information is not registered in the reference biometric information storage means of the device with the processing function according to any one of claims 1 to 13, a password is requested and input. If the password is determined to be valid, and if the biometric information is registered in the reference biometric information storage means, input of biometric information is requested, and input from the biometric information input means is performed. Only when one of the biological information is determined to be the same as the biological information registered in the reference biological information storage means, at least additional registration of the biological information in the reference biological information storage means is possible. A reference biometric information additional registration device, comprising: 15. An authentication method in an information processing system for performing encryption or decryption using a secret key, wherein a biometric information is generated by detecting a predetermined physical quantity that can be identified individually, and the generated biometric information is An authentication method characterized in that the secret key can be used only when it is determined that it is the same as biometric information registered in advance. 16. An authentication / encryption method in an information processing system for encrypting data, wherein a biometric information is generated by detecting a predetermined physical quantity that can be identified individually, and the generated biometric information is registered in advance. Only when it is determined that they are the same as the biometric information, the secret key can be used, desired data is encrypted with a predetermined temporary key, and the temporary key is used. An authentication method characterized by encrypting with a key, storing the data encrypted with the temporary key and the temporary key encrypted with the secret key in association with each other.
Encryption method. 17. An authentication / decryption method in an information processing system for decrypting encrypted data, wherein a biometric information is generated by detecting a predetermined physical quantity that can be identified individually, and the generated biometric information is: The secret key can be used only when it is determined that the secret key is the same as the biometric information registered in advance, and the secret key is used for encrypting the desired encrypted data to be decrypted. Decrypting the data encrypted with the secret key using the secret key, and decrypting the data encrypted with the temporary key using the decrypted temporary key. Decryption method.