1. Field of the Invention
The present invention relates to a technique of connection authentication performed to allow wireless communication between a wireless terminal having control functions as a wireless station (hereafter may be referred to as ‘access point’) and a wireless terminal under control of the wireless station (hereafter may simply be referred to as ‘terminal’) in a wireless communication network that adopts a short-range wireless communication standard, such as Bluetooth, for data transfer.
2. Description of the Related Art
Diversity of electronic devices (wireless terminals) having wireless communication functions (BT functions) in conformity with the Bluetooth (BT) standard, for example, cell phones and digital cameras (BT terminals) have been under development. It is expected to spread various services involved in such BT terminals. One example of such services prints photos taken by cell phones and digital cameras (images expressed by electronic data) (hereafter referred to as ‘photo print service’).
In one typical system of the photo print service, a print service providing apparatus (BT access point) is installed in some place filled with many people, for example, a family restaurant, a tourist attraction, an amusement part, or a railway station (hereafter referred to as ‘public space’). The user of the photo print service transfers electronic data of object photos to be printed by wireless communication of the BT standard (BT communication) from the user's BT terminal, for example, cell phone or digital camera, to the print service providing apparatus as the BT access point. The print service providing apparatus then prints images (photos) expressed by the transferred electronic data.
The BT communication between the BT access point and the BT terminal is made by exchanging ID information (BT addresses) required for established connection of a BT communication link between the BT access point and the BT terminal. The typical procedure of connecting the BT terminal to the BT access point sets an ‘inquiry’ mode of the BT standard, sends an inquiry to a BT access point located in the coverage of radio waves from the BT terminal, and exchanges the ID information required for connection of the BT communication link with a responding BT access point. Connection of the BT communication link is established between the BT terminal and the BT access point, based on the exchanged ID information.
In the inquiry mode, however, the BT access point equally responds to all the BT terminals that have sent the inquiries to make connection of the BT communication link. Some of the BT terminals within the coverage of radio waves from the BT access point may be possessed by unauthorized or illegal users or by careless users who do not intend to currently receive the service but have mistakenly given the inquiries. The BT access point readily makes connection of the BT communication link with such unauthorized, illegal, and careless users. Especially at the BT access point installed in a public space filled with general public, there is a high potential that such unauthorized, illegal and careless users interfere with the smooth service to the authorized users. In the description below, the connection interfering with smooth service is called ‘improper connection’.
The BT terminal exchanges the ID information required for connection of the BT communication link with the BT access point responding to the inquiry and establishes connection of the BT communication link with the responding BT access point. There is accordingly a possibility that the BT terminal exchanges the required ID information even with a fake BT access point disguised as a legal BT access point and makes connection of the BT communication link with the fake BT access point. Important personal information may thus be stolen from the BT terminal establishing connection with the fake BT access point.
In the service system based on BT communication, it is thus essential to prevent improper connections and allow only the user who actually desires the service to specify a BT access point as a connection target. It is also preferable to enable the user to confirm the connecting BT access point as a legal BT access point providing the desired service. The requirements are thus to enable the user to explicitly specify a desired BT access point as a connection target and to ensure established connection of a communication link between the specified BT access point and the user's BT terminal.
One proposed technique to solve the above problem utilizes infrared (IR) communication to send the ID information required for connection of the BT communication link from the BT terminal to the BT access point as disclosed in Japanese Patent Laid-Open Gazette No. 2001-156723. Infrared radiation has high directivity and short coverage of only several meters. The user should thus sufficiently approach to and visually confirm a desired BT access point as a connection target of the user's BT terminal. The user then sends the ID information required for connection of the BT communication link from the user's BT terminal to the desired BT access point by IR communication. This proposed technique enables the user to explicitly specify a desired BT access point as the connection target and establishes connection of the BT communication link between the specified BT access point and the user's BT terminal.
The primary issue of wireless communication is leakage and interception of transmitted information. Cryptography of transmitted information is thus the general procedure to protect the security. The BT standard specifies cryptography of information and enables encryption of information prior to transmission. The general procedure of encrypting the transmitted information in BT communication receives individual entries of an identical PIN (Personal Identification Number) code in the BT terminal and in the BT access point and performs connection authentication between the BT terminal and the BT access point.
The disclosure of the above cited reference only regards the technique relating to establishment of connection of the BT communication link but does not take into account connection authentication.
One typical method of entry of a PIN code in the BT terminal requires the user to read the PIN code provided through a display on the BT access point and to enter the PIN code in the user's BT terminal. This method, however, forces the relatively troublesome entry operations of the PIN code on the user. There are also other potential problems: the user may enter a wrong PIN code; and any unauthorized third person may steal a glance at the displayed PIN code. The third person may enter the stolen PIN code in his own BT terminal to illegally have connection authentication and acquire information.
The PIN code provided by the BT access point may be sent to the BT terminal by IR communication or BT communication to ensure the use of the identical PIN code by the BT access point and the BT terminal. This proposed method makes the user free from the troublesome entry operations of the PIN code. Both the IR communication and the BT communication are wireless and may thus disadvantageously allow the PIN code to be readily intercepted and captured by any unauthorized third person.
The above drawbacks are not restricted to the wireless communication network system including the BT terminal connected to the BT access point, but are also found in diversity of wireless communication network systems that use various wireless communication standards other than BT for data transfer.