1. Field of the Invention
The present invention relates to an authentication method, a communication method, and an information processing apparatus. More particularly, the present invention relates to an authentication method in which a plurality of information processing apparatuses authenticate one another, a communication method, and an information processing apparatus.
2. Description of the Related Art
With the development of information processing technology, large amounts of information are communicated over predetermined transmission lines. Most transmission lines over which information is communicated are such that a third party (a party except for a transmission party or a receiving party) is capable of intercepting data which is being communicated.
When communications are performed using such transmission lines without wanting information to be leaked to a third party, codes are often used. As a result of using codes and communicating encrypted data, even if the encrypted data can be intercepted, it is difficult for a third party to read the contents of the communicated information from such data.
For such an encryption method of generating codes, a method is often used which generates codes (data which is transmitted actually) from plain text (information to be transmitted).
For such codes using keys, there are two types: symmetric key codes and public key codes. In the symmetric key codes, the key (encryption key data) during encryption and the key (decryption key data) during decryption are the same. For example, as symmetric key codes, a DES (Data Encryption Standard), one of the Feistel codes, is often used. On the other hand, in the public key codes, encryption key data differs from decryption key data. Further, the receiving party makes public the encryption key data from among those keys for the sake of the transmission party, but keeps the decryption key data hidden without making it public data (that is, only the receiving party knows the decryption key).
FIG. 14 shows an example of such a communication (secret communication) using keys (symmetric keys). A transmission party 101 encrypts information (plain text M) to be transmitted into a code C by using a key K. Then, the transmission party 101 transmits the code C to a receiving party 102 over a predetermined transmission line.
The receiving party 102 receives the code C and decrypts it by using the same key K as the key K that the transmission party 101 has in order to obtain the information (plain text M) transmitted from the transmission party 101. With communications performed in this way, even if the code C is intercepted, it is difficult for a third party to obtain transmitted information (plain text M).
Further, it is possible to determine (authenticate) if the communication party is an authorized receiving party by using such keys. FIG. 15 shows an example of authentication using keys (symmetric keys). A party 111 who determines authentication generates a random number M and transmits the random number M to a party 112 who is authenticated. The authentication party 111 causes the party 112 who is authenticated to encrypt the random number M into a code C by using the key K and to transmit the code C. Then, the authentication party 111 receives the code C and decrypts it into plain text M1 using the key K. Then, the authentication party 111 makes a determination if the random number M and the plain text M1 match each other. When they match each other, the authentication party 111 authenticates the party 112 who is authenticated.
In this way, it is possible for the transmission party (the authentication party 111) to determine (authenticate) if the receiving party (the party 112 who is authenticated) is an authorized receiving party (has the same key as that of the transmission party). At this time, even if the random number M which is plain text and the code C containing the encrypted random number M are intercepted by a third party, since it is difficult to generate the key K from the plain text M and the code C, only the authorized receiving party having the same key K as the key K of the transmission party (the authentication party 111) becomes authenticated.
However, in the above-described authentication method, predetermined transmission and receiving parties merely authenticate other transmission and receiving parties. Therefore, if, for example, the above-described authentication method is applied to a card system formed of a reader/writer (R/W) and an IC card, there are problems in that although it is possible for the R/W to determine (authenticate the communication party) if the communication party is an authorized IC card, it is difficult for the IC card to determine if the communication party is an authorized R/W.