1. Technical Field
The present invention relates to: a communication method for establishing communication between a portable communication device and a plurality of relay devices capable of communicating with the communication device; a communication system to which the communication method is applied; a key management device and a relay device which are used in the communication system; and a computer program for implementing the key management device and the relay device. In particular, the present invention relates to a communication method, a communication system, a key management device, a relay device and a recording medium, which are used to establish communication between a communication device and the relay device based on key information required for concealment of the communication.
2. Description of the Related Art
In recent years, the use of wireless LAN has been rapidly spread in general households and companies, and portable IP phones utilizing wireless LAN has also been attracting attention. A communication device, used as a portable IP phone, and a relay device, known as an access point for communicating with the communication device, share master key information. The master key information is called a “PMK (Pairwise Master Key)” and is required for concealment of the communication in a wireless zone. The communication device and the relay device encrypt and decrypt the communication content by using a communication key derived from the shared master key information, thereby realizing wireless communication with high security.
The master key information used for concealment of communication, can be shared between a communication device and a relay device as follows. Based on a mutual authentication standard such as EAP-TLS provided by WPA2 (Wi-Fi Protected Access) which is an encryption standard for wireless LAN, the communication device and the relay device make a request to an authentication device for authentication, and the authentication device transmits encrypted master key information to the authenticated communication device and relay device, thereby allowing the master key information to be shared between the communication device and the relay device. A method for performing wireless communication in such a manner is provided by a standard such as IEEE802.1X, for example.
Further, a user who possesses a communication device may move during communication such as a phone call using the communication device, and this move of the communication device may require a process for switching a relay device to which the communication device makes access. In such a case, the communication device has to share master key information with the relay device that has been switched. The sharing process of the master key information might take about 1.5 seconds, which becomes a cause of a communication trouble such as a phone call interruption. It should be noted that, although a process of deriving communication key from the master key information only takes about a few milliseconds, and therefore, no particular problem occurs even during a phone call.
As an example of methods for speeding up a process switching a relay device to the other, called a “PMK cache method”. In the PMK cache method, master key information shared with a communication device is stored by both the relay device and communication device, even after the communication link was disconnected. In this method, if the communication device returned the area where it can communicate with the previously connected relay devices, and when the master key information used for the previous communication are still valid, the stored master key information is used, thereby avoiding a process for sharing the master key information.
Another example of such methods is a method called “preauthentication method”. In the preauthentication method, a communication device communicating with one of relay devices, shares master key information with the each adjacent relay devices via wired communication links between the relay devices in advance, and if the communication device is allowed to communicate with the other relay device, the other relay device uses the already shared master key information, thereby speeding up the switching process.
Furthermore, an example of methods for avoiding a process for sharing master key information based on the result of authentication include the method disclosed in Japanese Unexamined Patent Application Publication No. 2004-222300. The method, disclosed in Japanese Unexamined Patent Application Publication No. 2004-222300, derives RKs (Roaming Keys) from master key information (PMK) for each adjacent relay devices for a terminal device which is successfully authenticated by the first relay device, and the first relay device distributes the generated R's to the adjacent other relay device. Thus, in this method, if a communication device communicating with one of relay devices is allowed to communicate with the other relay device, the other relay device uses the distributed RK as the equivalent of the PMK for that relay device, thereby avoiding a process for sharing master key information.
However, the PMK cache method has a problem that it is effective only in the case of reconnecting to a previously connected relay device, and cannot be applied to a newly connecting relay device.
Furthermore, in the preauthentication method, a communication device during communication carries out a process for sharing master key information with all the other adjacent relay devices via the first connected relay device, and therefore, there arises a problem that the processing load on the communication device during communication is increased. If the processing load on the communication device is increased, a process for reproducing media communication data cannot be completed in real time, and therefore, the following situations occur. For example, during a phone call, a trouble such as a clipping noise occurs, and in the case of visual communication, a trouble such as a block noise occurs. In addition, since a communication device performs a process for sharing master key information also with a relay device with which no communication is actually established, there arises a problem that the storage area of each relay device is constrained. Moreover, the unnecessary sharing of master key information with relay devices, which is not willing to communicate, might also lead to a problem that the security is weakened.
In the method disclosed in Japanese Unexamined Patent Application Publication No. 2004-222300, master key information is also transmitted to relay devices which is not willing to communicate, thus causing problems that the storage area of each relay device is constrained and the security is also weakened.