1. Technical Field
The present invention relates to an authentication system that performs identity verification using a control device and a terminal device.
2. Description of the Related Art
In an authentication system consisting of a control device and an authentication terminal device, authentication is performed by matching the input data entered into the authentication terminal device against authentication data prepared in advance. When all of the authentication data is stored in only one of the two devices, either the control device or the authentication terminal device, there is a risk that the authentication data will be decrypted and unauthorized authentication carried out. In light of this, prior art authentication systems have used a technique in which the authentication data is divided using an electronic tally and the divided authentication data is held separately by the control device and the authentication terminal device, so that the authentication data is not decrypted (Unexamined Patent No. 2004-234633). With the prior art, for example, even if one device was stolen, recovering the authentication data was difficult unless both devices were stolen.
However, in the prior art, although the authentication data was divided and stored in the control device and the authentication terminal device, the processing data used when matching the input data against the authentication data was stored in only one of the two devices. Here, processing data means algorithms or the like, put into data form, that are used when matching the input data with the authentication data; examples include items put into data form such as a cryptography key, function, authentication program, library, or the like. When the control device or the authentication terminal device in which the processing data is stored is stolen, the processing data can be analyzed, making it possible for the authentication data to be forged and for identity verification to be carried out. Also, when the processing data is stored in the control device and the authentication terminal device is changed, the processing data can be stolen by accessing the control device from the changed authentication terminal device and then analyzed, making it possible for the authentication data to be forged and for identity verification to be carried out.
Also, when both the control device and the authentication terminal device are stolen, analysis of the authentication data and the processing data becomes easy, and the possibility of identity verification being carried out with forged authentication data increases.
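The prior-art arrangement described above can be sketched as follows. This is an added illustration, not code from the patent or the cited reference. It assumes a two-share XOR split in place of the electronic tally (whose algorithm the text does not specify) and an HMAC-SHA256 key in place of the processing data; all function and field names are hypothetical.

```python
import hashlib
import hmac
import secrets


def split_tally(data: bytes) -> tuple[bytes, bytes]:
    """XOR split: each share alone is uniformly random and reveals nothing."""
    share_a = secrets.token_bytes(len(data))
    share_b = bytes(d ^ a for d, a in zip(data, share_a))
    return share_a, share_b


def join_tally(share_a: bytes, share_b: bytes) -> bytes:
    """Recombine the two shares; both are required."""
    if len(share_a) != len(share_b):
        raise ValueError("shares must have equal length")
    return bytes(a ^ b for a, b in zip(share_a, share_b))


def enroll(secret_input: bytes) -> tuple[dict, dict]:
    """Return (control_store, terminal_store) as laid out in the prior art."""
    matching_key = secrets.token_bytes(32)  # assumed stand-in for processing data
    auth_data = hmac.new(matching_key, secret_input, hashlib.sha256).digest()
    control_share, terminal_share = split_tally(auth_data)
    # The authentication data is divided, but the processing data is stored
    # whole on one device (here the control device): the gap the text describes.
    control_store = {"share": control_share, "matching_key": matching_key}
    terminal_store = {"share": terminal_share}
    return control_store, terminal_store


def verify(input_data: bytes, control_store: dict, terminal_store: dict) -> bool:
    """Match input data against the recombined authentication data."""
    auth_data = join_tally(control_store["share"], terminal_store["share"])
    candidate = hmac.new(control_store["matching_key"], input_data,
                         hashlib.sha256).digest()
    return hmac.compare_digest(candidate, auth_data)


def unsplit_items(control_store: dict, terminal_store: dict) -> list[str]:
    """List items held by exactly one device, i.e. not divided between them."""
    return sorted(set(control_store) ^ set(terminal_store))


if __name__ == "__main__":
    control, terminal = enroll(b"constructed-sample-input")  # constructed input
    print(verify(b"constructed-sample-input", control, terminal))
    print(unsplit_items(control, terminal))
```

Running `unsplit_items` over the two stores reports the matching key as the only item not divided between the devices, which is the exposure the related-art discussion identifies.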