JP2020046778A - Ic card and portable electronic apparatus - Google Patents

Abstract

To provide an IC card and a portable electronic apparatus which allow a cipher key to be securely managed.SOLUTION: In a cryptographic system 100, a module M of an IC card 2 comprises a first interface (communication unit 25), a second interface (fingerprint sensor 27), a first storage unit, and a processor. The first interface transmits and receives data to and from an external device. The second interface acquires biological information of a user. The first storage unit stores therein biological information for authentication processing. In response to successful matching between the biological information of the user and the biological information stored in the first storage unit, the processor acquires a cipher key and uses the cipher key to encrypt or decrypt data received through the first interface and transmits the encrypted or decrypted data through the first interface.SELECTED DRAWING: Figure 1

Description

  Embodiments of the present invention relate to an IC card and a portable electronic device.

  2. Description of the Related Art Some information processing apparatuses such as PCs encrypt or decrypt data using an encryption technique such as OpenPGP (Pretty Good Privacy). Such an information processing device stores therein an encryption key such as a secret key, which is encrypted with a password or the like. As a result, there is a possibility that the encryption key stored in the information processing device is illegally accessed or the encryption key is falsified.

  Therefore, a technique for securely storing an encryption key in an external device such as an IC card is desired.

JP 2018-45330A

  In order to solve the above-described problems, an IC card and a portable electronic device capable of securely managing an encryption key are provided.

  According to the embodiment, an IC card includes a first interface, a second interface, a first storage unit, and a processor. The first interface sends and receives data to and from an external device. The second interface acquires the biological information of the user. The first storage unit stores biometric information for an authentication process. The processor, when succeeding in matching the biometric information of the user with the biometric information stored in the first storage unit, acquires an encryption key, and receives data received through the first interface using the encryption key. Encrypting or decrypting, and transmitting the encrypted or decrypted data through the first interface;

FIG. 1 is a block diagram illustrating a configuration example of a cryptographic system according to the embodiment. FIG. 2 is a diagram illustrating a configuration example of the fingerprint table according to the embodiment. FIG. 3 is a diagram illustrating a configuration example of a key table according to the embodiment. FIG. 4 is a diagram illustrating a configuration example of a correspondence table according to the embodiment. FIG. 5 is a flowchart illustrating an operation example of the IC card according to the embodiment.

Hereinafter, embodiments will be described with reference to the drawings.
The encryption system according to the embodiment encrypts or decrypts data using a predetermined algorithm. Here, the encryption system encrypts the data (signs the data) or decrypts the encrypted data using OpenPGP. The encryption system encrypts or decrypts data using an encryption key (for example, a secret key) stored in the IC card 2.

  FIG. 1 is a block diagram illustrating a configuration example of a cryptographic system 100 according to the embodiment. As shown in FIG. 1, the encryption system 100 includes a host PC 1, an IC card 2, a reader / writer 11, and the like. The host PC 1 connects to the reader / writer 11. Further, the reader / writer 11 connects to the IC card 2. Note that the cryptographic system 100 may include a configuration as needed in addition to the configuration shown in FIG. 1, or a specific configuration may be excluded from the cryptographic system 100.

  The host PC 1 (external device) controls the entire encryption system 100. The host PC 1 encrypts data using an encryption key (for example, a secret key) stored in the IC card 2 or decrypts the encrypted data.

  For example, the host PC 1 obtains data to be encrypted (for example, data to be signed). The host PC 1 transmits data to be encrypted to the IC card 2 through the reader / writer 11. The host PC 1 receives data (for example, signed data) encrypted by the IC card 2 through the reader / writer 11.

  Further, the host PC 1 acquires the encrypted data through a network or the like. The host PC 1 transmits the encrypted data to the IC card 2 through the reader / writer 11. The host PC 1 receives the data decrypted by the IC card 2 through the reader / writer 11.

  The reader / writer 11 is an interface device for transmitting and receiving data to and from the IC card 2. The reader / writer 11 is configured by an interface according to the communication method of the IC card 2. For example, when the IC card 2 is a contact type IC card, the reader / writer 11 is configured by a contact portion for physically and electrically connecting to a contact portion of the IC card 2.

  When the IC card 2 is a non-contact type IC card, the reader / writer 11 includes an antenna for performing wireless communication with the IC card 2, a communication control unit, and the like. In the reader / writer 11, power supply, clock supply, reset control, and data transmission / reception to the IC card 2 are performed.

  With such a function, the reader / writer 11 supplies power to the IC card 2, activates (starts up) the IC card 2, supplies clock, resets control, transmits various commands, and transmits the transmitted commands based on the control by the host PC 1. For example, receiving a response to the request.

  The IC card 2 (portable electronic device) encrypts data according to the control of the host PC 1 or decrypts the encrypted data.

  The IC card 2 has a card-shaped main body C made of plastic or the like. The IC card 2 has a module M built in a main body C. The module M is integrally formed with the IC chip Ca, the communication unit 25, the MPU 26, and the fingerprint sensor 27 connected thereto, and is embedded in the main body C of the IC card 2.

  As shown in FIG. 1, the IC card 2 includes a module M and the like. The module M includes an IC chip Ca, a communication unit 25, an MPU 26, a fingerprint sensor 27, and the like. The IC chip Ca includes a processor 21, a ROM 22, a RAM 23, an NVM 24, and the like. The processor 21 is connected to the ROM 22, the RAM 23, the NVM 24, and the communication unit 25 via a data bus or the like. The communication unit 25 connects to the MPU 26 via a data bus or the like. The MPU 26 connects to the fingerprint sensor 27 via a data bus or the like.

  In addition, the IC card 2 may have a configuration as needed in addition to the configuration shown in FIG. 1, or a specific configuration may be excluded from the IC card 2.

  The processor 21 functions as a control unit that controls the entire IC card 2. The processor 21 performs various processes based on a control program and control data stored in the ROM 22 or the NVM 24. For example, by executing a program stored in the ROM 22, the processor 21 performs operation control of the IC card 2 or various processes according to the operation mode of the IC card 2.

For example, the processor 21 may be a processor that executes a program to realize control of each unit in the IC card 2 and information processing.
A part of various functions realized by the processor 21 executing the program may be realized by a hardware circuit. In this case, the processor 21 controls a function executed by the hardware circuit.

  The ROM 22 is a nonvolatile memory that stores a control program, control data, and the like in advance. The ROM 22 is incorporated in the IC card 2 in a state where a control program, control data, and the like are stored at a manufacturing stage. That is, the control program and control data stored in the ROM 22 are incorporated in advance according to the specifications of the IC card 2 and the like.

  The RAM 23 is a volatile memory. The RAM 23 temporarily stores data being processed by the processor 21 and the like. For example, the RAM 23 functions as a calculation buffer, a reception buffer, and a transmission buffer. The calculation buffer temporarily holds the results of various arithmetic processes executed by the processor 21 and the like. The reception buffer holds command data and the like received from the reader / writer 11 via the communication unit 25. The transmission buffer holds a message (response data) to be transmitted to the reader / writer 11 via the communication unit 25, and the like.

  The NVM 24 (the first storage unit and the second storage unit) is configured by, for example, a nonvolatile memory such as a flash ROM which can write and rewrite data. The NVM 24 stores a control program, an application, and various data according to the operation purpose of the IC card 2. For example, in the NVM 24, a program file and a data file are created. In each of the created files, a control program and various data are written.

  The NVM 24 stores a fingerprint table, a key table, a correspondence table, and the like. The key table, fingerprint table and correspondence table will be described later.

  The communication unit 25 (first interface) is an interface for transmitting and receiving data to and from the reader / writer 11. That is, the communication unit 25 is an interface for transmitting and receiving data to and from the host PC 1 through the reader / writer 11. When the IC card 2 is realized as a contact-type IC card, the communication unit 25 includes a communication control unit for physically and electrically contacting the reader / writer 11 to transmit and receive signals and a contact unit. You. For example, the IC card 2 is activated by receiving an operation power supply and an operation clock from the reader / writer 11 via the contact section.

  When the IC card 2 is realized as a non-contact type IC card, the communication unit 25 includes a communication control unit such as a modulation / demodulation circuit for performing wireless communication with the reader / writer 11 and an antenna. For example, the IC card 2 receives a radio wave from the reader / writer 11 via an antenna and a modulation / demodulation circuit. The IC card 2 generates and activates an operation power supply and an operation clock from a radio wave by a power supply unit (not shown).

  The communication unit 25 is an interface for transmitting and receiving data to and from the MPU 26. The communication unit 25 acquires a fingerprint collation result and the like through the MPU 26.

  The MPU 26 processes a fingerprint image from the fingerprint sensor. For example, the MPU 26 performs a collation process on a fingerprint image from the fingerprint sensor. That is, the MPU 26 determines whether the fingerprint image matches the preset fingerprint information. The MPU 26 transmits the collation result to the processor 21 via the communication unit 25. For example, the MPU 26 transmits information (such as a fingerprint ID described later) indicating fingerprint information that matches the fingerprint image to the processor 21.

  The fingerprint sensor 27 (second interface) acquires a fingerprint image from the user's finger. For example, the fingerprint sensor 27 includes a CCD sensor and the like. The fingerprint sensor 27 transmits a fingerprint image to the MPU 26.

  The fingerprint sensor 27 may extract a feature from a fingerprint image and generate fingerprint information indicating the feature. The fingerprint sensor 27 may transmit the generated fingerprint information to the MPU 26.

  Next, the fingerprint table will be described.

  The fingerprint table stores fingerprint information registered in advance for collating a fingerprint image input to the fingerprint sensor 27. FIG. 2 shows a configuration example of the fingerprint table.

  As shown in FIG. 2, the fingerprint table stores “fingerprint ID” and “fingerprint information” in association with each other.

  “Fingerprint ID” is an identifier that specifies fingerprint information registered in advance. Here, the “fingerprint ID” is a numerical value.

  “Fingerprint information” is fingerprint information registered in advance for collation with the fingerprint sensor 27. “Fingerprint information” indicates a fingerprint to be registered. For example, “fingerprint information” indicates a feature amount extracted from a fingerprint image. The “fingerprint information” may be a fingerprint image. The configuration of “fingerprint information” is not limited to a specific configuration. In the example shown in FIG. 2, “fingerprint information” whose “fingerprint ID” is “1” is fingerprint information of the registrant's thumb.

  The fingerprint table is stored in the NVM 24 in advance.

  For example, the host PC 1 transmits a command for generating a fingerprint table to the IC card 2 through the reader / writer 11. The processor 21 of the IC card 2 acquires the registrant's fingerprint image through the fingerprint sensor 27 according to the command. Upon acquiring the fingerprint image, the processor 21 generates fingerprint information from the fingerprint image. After generating the fingerprint information, the processor 21 generates a fingerprint table using the generated fingerprint information and stores the fingerprint table in the NVM 24.

  Note that the processor 21 may acquire fingerprint information from the MPU 26. Further, the processor 21 may generate fingerprint information of a plurality of fingers to generate a fingerprint table. Further, the processor 21 may update the fingerprint table according to a command from the host PC. Further, the fingerprint table may be stored in the MPU 26.

Next, the key table will be described.
The key table stores an encryption key used for encryption or decryption. FIG. 3 is a diagram illustrating a configuration example of the key table.

  As shown in FIG. 3, the key table stores “KeyID”, “secret key”, and “expiration date” in association with each other.

  “KeyID” is an identifier that specifies an encryption key. Here, “KeyID” is a numerical value.

  The “secret key” stores the contents of the encryption key. Here, the encryption key is a secret key used in OpenPGP. For example, the “secret key” is 256-byte data.

  The “expiration date” indicates a period in which the “secret key” can be used.

  Next, the correspondence table will be described.

  The correspondence table indicates an encryption key that is activated when fingerprint authentication is successful. FIG. 4 shows a configuration example of the correspondence table.

  As shown in FIG. 4, the correspondence table stores “fingerprint ID” and “Key ID” in association with each other.

  “Fingerprint ID” is an identifier that specifies fingerprint information registered in advance, as described above.

  “KeyID” is an identifier that specifies an encryption key to be validated when authentication is successful using fingerprint information of “fingerprint ID”. That is, “KeyID” indicates an encryption key that can be used for encryption or decryption when the fingerprint image from the fingerprint sensor 27 and the fingerprint information of “Fingerprint ID” are successfully collated.

  In the example shown in FIG. 4, when the fingerprint image from the fingerprint sensor 27 matches the fingerprint information (thumbprint information of the thumb) whose “fingerprint ID” is “1”, the correspondence table indicates that “KeyID” is “1”. Or "2" ("RSA SK1" or "RSA SK2").

  The key table and the correspondence table are stored in the NVM 24 in advance.

  For example, the host PC 1 transmits a command for generating an encryption key to the IC card 2 through the reader / writer 11. The host PC 1 transmits information for generating an encryption key (designation of the encryption key length, exp, etc.), an expiration date, a fingerprint ID, and the like to the IC card 2 along with the command.

  The processor 21 of the IC card 2 generates an encryption key according to the command. After generating the encryption key, the processor 21 stores the KeyID indicating the generated encryption key, the generated encryption key, and the expiration date in the key table in association with each other. Further, the processor 21 stores the fingerprint ID from the host PC 1 and the KeyID indicating the generated encryption key in the correspondence table in association with each other.

  Note that the processor 21 may update the key table or the correspondence table according to a command from the host PC.

  Next, functions realized by the IC card 2 will be described. The functions realized by the IC card 2 are realized by the processor 21 executing a program stored in the ROM 22 or the NVM 24 or the like.

  First, the processor 21 has a function of acquiring a fingerprint image using the fingerprint sensor 27.

  Here, it is assumed that the IC card 2 is set in the reader / writer 11 and is in a state capable of transmitting and receiving data to and from the host PC 1.

  The host PC 1 transmits an authentication request command for instructing authentication using a fingerprint to the IC card 2 through the reader / writer 11.

  The processor 21 of the IC card 2 receives the authentication request command through the communication unit 25. Upon receiving the authentication request command, the processor 21 activates the fingerprint sensor 27.

  Here, it is assumed that the user puts a finger on fingerprint sensor 27 and inputs a fingerprint.

  The processor 21 acquires a fingerprint image through the fingerprint sensor 27.

  Further, the processor 21 has a function of comparing the acquired fingerprint image with fingerprint information registered in advance.

  For example, the processor 21 performs the matching process using the MPU 26.

  The MPU 26 acquires a fingerprint image through the fingerprint sensor 27. Upon acquiring the fingerprint image, the MPU 26 collates the fingerprint image with each piece of fingerprint information in the fingerprint table. For example, the MPU 26 generates fingerprint information indicating characteristics of a fingerprint from a fingerprint image. When the fingerprint information is generated, the MPU 26 collates the generated fingerprint information with each fingerprint information in the fingerprint table.

  When there is fingerprint information that has been successfully collated, the MPU 26 transmits a fingerprint ID indicating the fingerprint information to the processor 21.

  When there is no fingerprint information that has been successfully collated, the MPU 26 transmits information indicating that the collation has failed to the processor 21.

  Further, the processor 21 has a function of validating an encryption key corresponding to fingerprint information that has been successfully collated. That is, the processor 21 acquires the encryption key corresponding to the fingerprint information that has been successfully verified.

  The processor 21 receives from the MPU 26 a fingerprint ID indicating fingerprint information that has been successfully collated. Upon receiving the fingerprint ID, the processor 21 refers to the correspondence table and acquires a Key ID corresponding to the received fingerprint ID. Upon acquiring the KeyID, the processor 21 validates the encryption key corresponding to the KeyID. That is, the processor 21 determines that the encryption key has been authenticated, and makes the encryption key usable for encryption or decryption. For example, the processor 21 stores information indicating that the obtained key ID encryption key is validated in the RAM 23 or the like.

  Note that the processor 21 may transmit a response indicating that the collation has been successful to the reader / writer 11 via the communication unit 25.

  Further, when the processor 21 receives the information indicating that the matching has failed from the MPU 26, the processor 21 may transmit a response indicating that the matching has failed to the reader / writer 11 via the communication unit 25.

  Further, the processor 21 has a function of encrypting predetermined data or decrypting the encrypted data using the validated encryption key.

  For example, the host PC 1 transmits a processing command for encrypting predetermined data to the IC card 2 through the reader / writer 11.

  The processor 21 of the IC card 2 receives the processing command via the communication unit 25. Upon receiving the processing command, the processor 21 refers to the key table and determines whether there is an activated encryption key that is within the expiration date.

  When determining that there is an encryption key within the validity period, the processor 21 encrypts predetermined data using the encryption key. When the predetermined data is encrypted, the processor 21 transmits the encrypted predetermined data to the reader / writer 11 through the reader / writer 11.

  Further, the host PC 1 transmits a processing command for decrypting the encrypted data to the IC card 2 through the reader / writer 11.

  The processor 21 of the IC card 2 receives the processing command via the communication unit 25. Upon receiving the processing command, the processor 21 refers to the key table and determines whether there is an activated encryption key that is within the expiration date.

  When determining that there is an encryption key within the validity period, the processor 21 uses the encryption key to decrypt the encrypted data. After decrypting the encrypted data, the processor 21 transmits the decrypted data to the reader / writer 11 through the reader / writer 11.

  If the processor 21 determines that there is no encryption key within the expiration date, the processor 21 may transmit a response indicating that the processing has failed to the reader / writer 11 via the communication unit 25.

  Next, an operation example of the IC card 2 will be described.

  FIG. 5 is a flowchart for explaining an operation example of the IC card 2. Here, it is assumed that the IC card 2 is set in the reader / writer 11 and is in a state capable of transmitting and receiving data to and from the host PC 1.

  First, the processor 21 of the IC card 2 determines whether an authentication request command has been received via the communication unit 25 (S11). If it is determined that the authentication request command has not been received (S11, NO), the processor 21 returns to S11.

  When determining that the authentication request command has been received (S11, YES), the processor 21 acquires a fingerprint image through the fingerprint sensor 27 (S12). Upon acquiring the fingerprint image, the processor 21 uses the MPU 26 to collate the acquired fingerprint image with each piece of fingerprint information in the fingerprint table (S13).

  When the acquired fingerprint image is compared with each piece of fingerprint information in the fingerprint table, the processor 21 determines whether there is fingerprint information that has been successfully matched (S14). If it is determined that there is fingerprint information that has been successfully verified (S14, YES), the processor 21 refers to the correspondence table and validates the encryption key corresponding to the successfully verified fingerprint information (S15).

  When the encryption key is validated, the processor 21 receives a processing command for encrypting or decrypting data via the communication unit 25 (S16). Upon receiving the processing command, the processor 21 determines whether there is an activated encryption key that has not expired (S17).

  If it is determined that there is an encryption key within the validity period (S17, YES), the processor 21 executes the processing command (S18).

  If it is determined that there is no fingerprint information that has been successfully collated (S14, NO), it is determined that there is no encryption key within the validity period (S17, NO), or if a processing command is executed (S18), the processor 21 Ends the operation.

  Note that the processor 21 may realize the function of the MPU 26.

  Further, the IC card 2 may include a coprocessor that generates an encryption key such as a secret key.

  In addition, the processor 21 may generate a secret key used in the elliptic curve-based encryption algorithm as the encryption key and store the secret key in the key table. Further, the processor 21 may generate a shared key as an encryption key and store it in the key table. The configuration of the encryption key is not limited to a specific configuration.

  Further, the processor 21 may perform the authentication process using biometric information other than the fingerprint. For example, the processor 21 may perform the authentication process using biological information such as a glow, a vein, a voiceprint, or a face image.

  Further, the host PC 1 may include a fingerprint sensor. The processor 21 may acquire the fingerprint image or the fingerprint information indicating the characteristic of the fingerprint image from the host PC 1 through the communication unit 25. In this case, the communication unit 25 functions as a second interface. Further, the host PC 1 may include a biometric sensor for obtaining biometric information other than a fingerprint. The processor 21 may acquire biometric information from the host PC 1 and perform an authentication process.

  Further, the IC card 2 does not need to store the encryption key in the internal memory (such as the NVM 14). For example, after generating the encryption key, the processor 21 of the IC card 2 encrypts the encryption key using the master key and transmits the encrypted key to the host PC 1. The host PC 1 stores one or a plurality of encrypted encryption keys. The host PC 1 transmits the encrypted encryption key to the IC card 2 as necessary. The processor 21 of the IC card 2 receives the encrypted encryption key. Upon receiving the encrypted encryption key, the processor 21 decrypts the encryption key using the master key. After decrypting the encryption key, the processor 21 encrypts or decrypts the data using the decrypted encryption key according to the processing command from the host PC 1. With this configuration, the IC card 2 can reduce the memory required for storing the encryption key.

  The encryption system configured as described above stores an encryption key in the IC card 2. The encryption system transmits predetermined data from the host PC to the IC card 2, and encrypts or decrypts the predetermined data in the IC card 2. Therefore, the encryption system can encrypt or decrypt data using the encryption key without storing the encryption key in the host PC. As a result, the encryption system can safely manage the encryption key.

  Although several embodiments of the present invention have been described, these embodiments are provided by way of example and are not intended to limit the scope of the invention. These new embodiments can be implemented in other various forms, and various omissions, replacements, and changes can be made without departing from the spirit of the invention. These embodiments and their modifications are included in the scope and gist of the invention, and are also included in the invention described in the claims and their equivalents.

  DESCRIPTION OF SYMBOLS 1 ... Host PC, 2 ... IC card, 11 ... Reader / writer, 14 ... NVM, 21 ... Processor, 22 ... ROM, 23 ... RAM, 24 ... NVM, 25 ... Communication part, 27 ... Fingerprint sensor, 100 ... Encryption system.

Claims (9)

A first interface for transmitting and receiving data to and from an external device;
A second interface for acquiring biometric information of the user;
A first storage unit for storing biometric information for authentication processing,
When the biometric information of the user is successfully compared with the biometric information stored in the first storage unit, an encryption key is obtained,
Encrypting or decrypting data received through the first interface using the encryption key;
Transmitting the encrypted or decrypted data through the first interface;
A processor,
An IC card comprising: A second storage unit for storing the encryption key,
The IC card according to claim 1. The second storage unit stores a plurality of the encryption keys,
The first storage unit stores a plurality of pieces of biometric information in association with an encryption key,
The processor comprises:
Performing a comparison between the biological information of the user and each of the biological information stored in the first storage unit,
Successfully collating with the user's biometric information, encrypting or decrypting the data using the encryption key corresponding to the biometric information stored in the first storage unit,
The IC card according to claim 2. The second storage unit stores a plurality of the encryption keys and an expiration date in association with each other,
The processor encrypts or decrypts the data using the encryption key within a validity period,
The IC card according to claim 3. The biometric information stored in the first storage unit is fingerprint information.
The IC card according to claim 1. The second interface is a fingerprint sensor that acquires a fingerprint image.
The IC card according to claim 5. The encryption key is a secret key;
The IC card according to claim 1. A first interface for transmitting and receiving data to and from an external device, a second interface for acquiring biometric information of the user, a first storage unit for storing biometric information for authentication processing, If the verification with the biometric information stored in the first storage unit succeeds, an encryption key is obtained, and the data received through the first interface is encrypted or decrypted using the encryption key, and the encryption or decryption is performed. A processor for transmitting the data obtained through the first interface; and
A main body containing the module,
An IC card comprising: A first interface for transmitting and receiving data to and from an external device;
A second interface for acquiring biometric information of the user;
A first storage unit for storing biometric information for authentication processing,
When the biometric information of the user is successfully compared with the biometric information stored in the first storage unit, an encryption key is obtained,
Encrypting or decrypting data received through the first interface using the encryption key;
Transmitting the encrypted or decrypted data through the first interface;
A processor,
A portable electronic device comprising: