1. Technical Field
The present disclosure relates to a method of authenticating devices using certificates.
2. Description of the Related Art
In recent years, home electric appliance devices and audiovisual devices have come to be connected to networks, and there is anticipation for services that use various types of history information collected from those devices to the cloud. In this arrangement, a controller is installed in the home, and transmission of history information from the home electric appliance devices to a manufacturer's server is relayed through the controller. Securing the connection between the controller and the home electric appliance devices enables communication within the home to be controlled, and prevents both leakage of information over wireless communication and connection to the in-home network by spoofing.
To this end, the Wi-Fi Alliance has conventionally set forth a standard to facilitate connection among devices, called Wi-Fi Protected Setup (See Wi-Fi Alliance, “Wi-Fi CERTIFIED Wi-Fi Protected Setup: Easing the User Experience for Home and Small Office Wi-Fi® Networks (2010)”, [online], December 2010, [Searched Jun. 24, 2014], Internet <URL: http://www.wi-fi.org/ja/file/wi-fi-certified-wi-fi-protected-setup%E2%84%A2-easing-the-user-experience-for-home-and-small-office-wi>). However, in Wi-Fi wireless connection, this only guarantees interconnection between a device serving as an access point, which is equivalent to a controller, and home electric appliance devices; it does not guarantee whether a connecting device is valid or not.
Usage of the Public Key Infrastructure (PKI) to authenticate the validity of devices has been conventionally known (See Atsuko Miyaji/Hiroaki Kikuchi, “IT Text Information Security” published by Ohmsha, October 2003 (hereinafter referred to as “Miyaji and Kikuchi”)). Authentication based on PKI guarantees the validity of devices by authenticating that an entity (home electric appliance device or controller) has a secret key and a public key certificate issued by a certificate authority. If leakage of a secret key or the like occurs regarding a public key certificate, the public key certificate needs to be revoked in order to prevent its unauthorized use. A representative way to revoke a public key certificate is a Certificate Revocation List (CRL), which is a list of certificate revocations (See Miyaji and Kikuchi). A CRL lists the IDs and the like of revoked public key certificates, is affixed with the signature of the certificate authority that issued the public key certificates, and is then distributed. An entity such as a home electric appliance device or controller verifies that the public key certificate of another entity to which it is to connect is not listed in the CRL. Accordingly, the newest CRL needs to be used.
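The CRL check described above, as an added example that is not part of the original disclosure: a device verifies the certificate authority's signature on a CRL, keeps only the newest one, and refuses peers whose certificate ID is listed, which shows why a stale CRL lets a revoked certificate through. The `this_update`/`next_update` fields, the `Device` class, the integer timestamps and the certificate IDs are assumptions made for illustration, and the toy textbook-RSA key is a stand-in for a real certificate authority signature.

```python
import hashlib
import json

# Toy textbook-RSA CA key built from two Mersenne primes. It is a stand-in for
# a real CA signature so the example runs on the standard library; not secure.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent (Python 3.8+)

def _digest(body):
    data = json.dumps(body, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def ca_issue_crl(this_update, next_update, revoked):
    """CA side: sign the list of revoked certificate IDs (constructed format)."""
    body = {"this_update": this_update, "next_update": next_update,
            "revoked": sorted(revoked)}
    return {"body": body, "sig": pow(_digest(body), D, N)}

class Device:
    """Controller or appliance that keeps the newest valid CRL it has seen."""
    def __init__(self):
        self.crl = None

    def accept_crl(self, crl, now):
        body = crl["body"]
        if pow(crl["sig"], E, N) != _digest(body):
            return "rejected: bad CA signature"
        if not body["this_update"] <= now < body["next_update"]:
            return "rejected: outside validity window"
        if self.crl and body["this_update"] <= self.crl["this_update"]:
            return "rejected: not newer than stored CRL"
        self.crl = body
        return "stored"

    def peer_allowed(self, cert_id, now):
        # Fail closed: no CRL, or an expired one, cannot vouch for any peer.
        if self.crl is None or now >= self.crl["next_update"]:
            return False
        return cert_id not in self.crl["revoked"]

if __name__ == "__main__":
    dev = Device()
    old = ca_issue_crl(100, 200, ["cert-17"])             # constructed sample
    new = ca_issue_crl(150, 250, ["cert-17", "cert-42"])  # constructed sample
    print(dev.accept_crl(old, 120), dev.peer_allowed("cert-42", 120))
    print(dev.accept_crl(new, 160), dev.peer_allowed("cert-42", 160))
    print(dev.accept_crl(old, 160))
```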