1. Field of the Invention
The present invention relates to an authentication method performed between an IC card and a terminal unit, and a system therefor.
2. Description of the Related Art
Conventional authentication methods between an IC card and a terminal unit have been disclosed in, for example, Japanese Patent Laid-Open No. Sho 59-77575 (Japanese Patent Publication No. Hei 3-40879). In this authentication method, a random number is generated first in the terminal unit, and then the generated random number is sent to the card together with an address specifying the desired authentication code stored in the card. In the IC card, the authentication code corresponding to the given address is obtained. Thereafter, a predetermined processing is performed using the given random number and the obtained authentication code by an encryptor in the IC card itself, and the obtained result of the processing is transmitted to the terminal unit. The terminal unit is also provided with data on the authentication code and the encryptor, like the IC card. Therefore, the terminal unit performs the similar processing to that performed in the IC card on the random number and the authentication code using the encryptor. If the result of the processing performed by the terminal unit coincides with the result of the processing sent from the IC card, the identity of the IC card is established to the terminal unit.
In the conventional authentication method between the IC card and the terminal unit which is performed in the manner described above, an address indicating the location where the authentication code is stored is directly given to the IC card from the terminal unit in order to obtain a desired authentication code. Thus, there is the possibility that the location where the authentication code is stored and the contents thereof may be disclosed to an unauthorized user.