WO2006038290A1 - Wireless authenticating method and wireless authenticating system - Google Patents

Abstract

A wireless authenticating method used between first and second communication devices each having a radio signal transmitting/receiving function. The first communication device performs a first authentication by judging that the level of the signal transmitted from the second communication device is a predetermined value or more, receiving the identification information, and checking the identification information with the identification information stored in internal storage means. When the first communication device succeeds in the authentication of the second communication device, it reports the authentication result to a remote certificate authority. On receiving the authentication result, the certificate authority requests behavior history information from the second communication device. On receiving the behavior history information, the certificate authority performs a second authentication of checking it with the behavior history information stored in internal storage means of the certificate authority. If the certificate authority succeeds in the authentication of the second communication device, the certificate authority transmits a removal permission signal to remove the use restriction on a device the use of which is restricted by the first communication device to the first communication device. On receiving the removal permission signal, the first communication device removes the use restriction on the device.

Description

 Specification

 Wireless authentication method and wireless authentication system

 Technical field

 The present invention relates to a wireless authentication method and a wireless authentication system in which a key side device and a device side device mutually authenticate with a radio signal.

 Background art

 [0002] When a door is locked or unlocked wirelessly using radio waves without using a key (such as a keyless entry of an automobile), the user carries a portable device corresponding to the key of the automobile. Then, using the portable device, the locking and unlocking of the door lock of the automobile is operated by a remote radio signal. More specifically, a predetermined ID is stored in the portable device, and the same ID is also incorporated in the unlocking device on the automobile side. Then, the unlocking device on the automobile side receives the ID transmitted by the wireless power of the portable device, compares it with the ID stored in the unlocking device, and unlocks if the ID matches.

 [0003] As described above, a wireless authentication system that performs ID authentication wirelessly and remotely controls a controlled device such as a door lock device of an automobile based on the collation result is a portable device corresponding to a key. The security operation is performed by regarding the person who owns as a legitimate user. Therefore, for example, if a portable device is acquired by a malicious third party due to loss or theft, the malicious third party can impersonate a legitimate user and unlock the car door lock. This is not preferable. For this reason, it is necessary to prevent impersonation and unauthorized operation by a third party to ensure security.

 [0004] Such third-party fraudulent operations are not limited to automobile door locks, but remotely monitor devices such as home door locks, cameras, PDAs (Personal Digital Assistants), personal computers, and mobile phones. Similarly, the portable device to be operated needs to be prevented. Therefore, it is necessary to ensure security in the same way when these devices are remotely monitored and operated by radio.

On the other hand, as described above, a portable device itself owned by a legitimate user is illegally acquired by a third party by stealing or the like, and an ID communicated wirelessly is stolen by some means. By listening, a portable device (clone device) with the same ID may be produced and used illegally. A clone device is another device that has the same function as the wireless authentication function (including ID) of a portable device owned by a legitimate user, and a malicious third party uses this clone device. Impersonate a legitimate user and misuse it. In this case, since the legitimate user has a legitimate portable device, it does not notice the existence of the clone device until the clone device is illegally used, and the illegal use by the clone device cannot be prevented.

 Disclosure of the invention

 An object of the present invention is to provide a wireless authentication method and a wireless authentication system that can prevent unauthorized use due to impersonation of a third party.

 An object of the present invention is to provide a wireless authentication method and a wireless authentication system that can prevent unauthorized use by a clone device.

 [0008] A first wireless authentication method of the present invention for achieving the above object is a wireless authentication method between a first communication device and a second communication device each having a wireless signal transmission / reception function. The first communication device determines that the transmission signal level from the second communication device is equal to or higher than a predetermined value, and identifies the second communication device from the second communication device. Is received, the received identification information is collated with the identification information stored in the internal storage means of the first communication device, a first authentication process is performed on the second communication device, and the first When the second communication device succeeds in authenticating the second communication device by the first authentication process, the communication device notifies the authentication result including the identification information to a remote certificate authority, and the certificate authority The identification information included in the result is stored in the certification authority. The second authentication process is performed on the second communication device by comparing with the identification information stored in the storage unit, and the certificate authority authenticates the second communication device by the second authentication process. If successful, a release permission signal for releasing the use restriction of the device whose use is restricted by the first communication device is transmitted to the first communication device, and the first communication device When the release permission signal is received, the use restriction of the device is released.

[0009] Preferably, in the first wireless authentication method, the second communication device is a third communication device. When it is determined that the transmission signal level from the communication device is equal to or higher than a predetermined value and the identification information for identifying the third communication device is received from the third communication device, the received identification information is converted into the second identification information. Compared with the identification information stored in the internal storage means of the communication device, the third authentication process for the third communication device is performed, and the second communication device performs the third authentication process, The communication with the first communication device is possible only while the authentication of the third communication device is successful.

 [0010] A second wireless authentication method of the present invention is a wireless authentication method between a first communication device and a second communication device each having a radio signal transmission / reception function, wherein the first communication When the device determines that the transmission signal level from the second communication device is equal to or higher than a predetermined value and receives the identification information identifying the second communication device from the second communication device, the device The received identification information is collated with the identification information stored in the internal storage means of the first communication device, and the first authentication process for the second communication device is performed. When the authentication of the second communication device is successful by the first authentication process, the authentication result is notified to a remote certificate authority, and the certificate authority sends the action history information to the second communication device. Request and receive the action history information from the second communication device. Then, the received action history information is collated with the action history information stored in the internal storage means of the certificate authority, and a second authentication process is performed on the second communication device. Upon successful authentication of the second communication device by the second authentication process, the use restriction of the device whose use is restricted by the first communication device is released for the first communication device. When the release permission signal is transmitted, the first communication device receives the release permission signal and cancels the use restriction of the device.

In the second wireless authentication method, preferably, the second communication device determines that a transmission signal level from the third communication device is equal to or higher than a predetermined value, and the third communication device. When the identification information for identifying the third communication device is received from the third communication device, the received identification information is collated with the identification information stored in the internal storage means of the second communication device. And the second communication device performs the third authentication process only while the third communication device is successfully authenticated by the third authentication process. It is possible to communicate with one communication device.

 [0012] A third wireless authentication method of the present invention is a wireless authentication method between a first communication device and a second communication device each having a radio signal transmission / reception function, wherein the first communication When the apparatus determines that the transmission signal level from the second communication device is equal to or higher than a predetermined value and receives identification information for identifying the second communication device from the second communication device, the received signal is received. The identification information is collated with the identification information stored in the internal storage means of the first communication device, a first authentication process is performed on the second communication device, and the first authentication process performs the first authentication process. After successful authentication of the second communication device, the behavior history information of the second communication device is further received from the second communication device, and the received behavior history information is stored in the internal storage means. Compared with history information, When the second authentication process is performed on the second communication device and the second authentication device is successfully authenticated by the second authentication process, the device whose use is restricted by the first communication device It is characterized by canceling the use restriction.

 In the third wireless authentication method, preferably, the second communication device determines that a transmission signal level from the third communication device is equal to or higher than a predetermined value, and the third communication device. When the identification information for identifying the third communication device is received from the third communication device, the received identification information is collated with the identification information stored in the internal storage means of the second communication device. And the second communication device communicates with the first communication device only while the third authentication device is successfully authenticated by the third authentication processing. It is possible.

 [0014] Preferably, in the second and third wireless authentication methods, the action history information includes history information related to communication of the second communication device with the first communication device. It is characterized by.

 [0015] Preferably, in the second third wireless authentication method, the action history information includes at least one of a time or a position at which the second communication device communicates with the first communication device. It is characterized by being information.

[0016] Preferably, in the second wireless authentication method, the second communication device creates the action history information at a predetermined timing, and stores the internal history of the second communication device. And the created action history information is transmitted to the certificate authority, and when the certificate authority receives the action history information, the action history information is stored in an internal storage unit of the certificate authority.

 [0017] Preferably, in the second wireless authentication method, the action history information includes history information related to communication of the second communication device with the first communication device, and the second communication device includes: The first action history information relating to communication with the first communication device is created and stored in the internal storage means of the second communication device, and the created first action history information is stored in the certificate authority. The first communication device creates second action history information related to communication with the second communication device, stores the second action history information in the internal storage means of the first communication device, and creates the creation The second action history information is sent to the certificate authority, and when the certificate authority receives the first action history information and the second action history information, it is determined whether or not the two information match. If it is determined and matches, the first action The gravel information or the second action history information, characterized in that to be stored in the internal storage unit of the authentication station.

 [0018] Preferably, in the second wireless authentication method, the action history information includes history information related to communication of the second communication device with the first communication device, and the first communication device includes: , Creating action history information related to communication with the second communication device, storing the action history information in the internal storage means of the first communication device, transmitting the created action history information to the certificate authority, and When the action history information is received, the action history information is stored in the internal storage means of the certificate authority.

 [0019] Preferably, in the third wireless authentication method, the second communication apparatus creates action history information related to communication with the first communication apparatus, and the action history information is stored in the second wireless authentication method. Action history information related to communication with the second communication device including information corresponding to the action history information created by the second communication device, which is stored in an internal storage unit of the communication device. And the action history information is stored in the internal storage means of the first communication device.

[0020] Preferably, in the second wireless authentication method, the second communication device creates the action history information at a predetermined timing, and transmits a transmission signal level from another communication device. Is determined to be greater than or equal to a predetermined value, the created action history information is transmitted to the other communication device, and the other communication device transfers the received action history information to the certificate authority, and the certificate authority Stores the received action history information as action history information of the second communication device in an internal storage unit of the certificate authority.

 [0021] The configuration of the first wireless authentication system of the present invention to achieve the above object is a wireless authentication system having a first communication device, a second communication device, and a certificate authority, The communication device includes first determination means for determining whether or not a transmission signal level from the second communication device is equal to or higher than a predetermined value, and identification information for identifying the second communication device as the second information A first receiving means for receiving from the communication device; a first storage means for storing identification information of the second communication device in advance;

 When the first determination unit determines that the value is equal to or greater than a predetermined value, the received identification information is collated with the identification information stored in the first storage unit to authenticate the second communication device. First authentication means for performing processing, and first transmission means for notifying the authentication station of an authentication result including the identification information upon successful authentication of the second communication device by the first authentication means; The second communication device stores the identification information of the second communication device in advance and transmits the identification information to the first communication device. The certificate authority stores the identification information of the second communication device in advance, and the certificate authority storage means stores the identification information included in the authentication result. The identification information stored in the means, and the second When the authentication of the second communication device by the certificate authority and the certificate authority authenticating means for performing authentication processing on the communication device succeeds, the first communication device uses the first communication device. And a certificate authority transmitting means for transmitting a release permission signal for releasing the use restriction of the device for which the device is restricted, and when the first communication device receives the release permission signal, It has the 1st cancellation | release means which cancels | releases use restrictions of this.

The first wireless authentication system preferably further includes a third communication device, and the third communication device stores identification information of the third communication device in advance. And a third transmission for transmitting the identification information to the second communication device And the second communication device further includes second determination means for determining whether or not a transmission signal level from the third communication device is equal to or higher than a predetermined value, and the third communication device. A fourth receiving means for receiving identification information for identifying the communication apparatus from the third communication apparatus; a fourth storage means for previously storing the identification information for the third communication apparatus; When the second determination means determines that it is greater than or equal to a predetermined value, the received identification information is checked against the identification information stored in the fourth storage means to authenticate the third communication device. And a second release for releasing the restriction on communication with the first communication device only while the authentication of the third communication device by the second authentication means is successful. Means.

A second wireless authentication system according to the present invention is a wireless authentication system having a first communication device, a second communication device, and a certificate authority, wherein the first communication device includes the second communication device. First determination means for determining whether or not the transmission signal level of the second communication apparatus is greater than or equal to a predetermined value, and first reception means for receiving identification information for identifying the second communication apparatus from the second communication apparatus And storing the identification information of the second communication device in advance, and determining that the first storage means and the first determination means are greater than or equal to a predetermined value, the received identification information First authentication means for performing authentication processing on the second communication device by comparing with the identification information stored in the first storage means, and authentication of the second communication device by the first authentication means If successful, authentication including the identification information First transmitting means for notifying the certificate authority of the result, and the second communication device stores identification information of the second communication device and action history information of the second communication device. A second storage unit, and a second transmission unit configured to transmit the identification information to the first communication device and transmit the action history information to the certificate authority. A certificate authority storage unit storing action history information of the second communication device; and requesting action history information from the second communication device; and receiving the action history information from the second communication device; The received action history information is checked against the action history information stored in the certificate authority storage means to perform authentication processing for the second communication device, and the certificate authority authentication means performs the authentication process. If the authentication of the second communication device is successful, the first communication device Against communication apparatus, control is used by said first communication device And a certificate authority transmission means for transmitting a release permission signal for releasing the use restriction of the limited device, and when the first communication device receives the release permission signal, the first communication device uses the device. It further has the 1st cancellation | release means which cancels | releases a restriction | limiting.

 [0024] Preferably, the second wireless authentication system further includes a third communication device, and the third communication device stores identification information of the third communication device in advance. Storage means and third transmission means for transmitting the identification information to the second communication device, wherein the second communication device further transmits a transmission signal level from the third communication device. Second determination means for determining whether or not is greater than or equal to a predetermined value; fourth reception means for receiving identification information for identifying the third communication apparatus from the third communication apparatus; When the fourth storage means for storing the identification information of the third communication device and the second determination means determine that the second determination means is greater than or equal to a predetermined value, the received identification information is stored in the fourth storage. The third communication device in comparison with the identification information stored in the means A second authentication unit that performs authentication processing on the second communication unit, and a second communication unit that cancels communication restrictions with the first communication device only while the second authentication unit succeeds in authenticating the third communication device. And a second release means.

[0025] A third wireless authentication system of the present invention is a wireless authentication system comprising a first communication device and a second communication device, wherein the first communication device is the second communication device. A first determination means for determining whether or not the transmission signal level from the second communication apparatus is equal to or higher than a predetermined value, and a first information receiving identification information for identifying the second communication apparatus from the second communication apparatus When it is determined that the receiving means, the first storage means storing the identification information and the action history information of the second communication device in advance, and the first determining means are equal to or greater than a predetermined value, The received identification information is collated with the identification information stored in the first storage means, the authentication process for the second communication device is performed, and the authentication of the second communication device by the authentication is performed. After the success, the action history information of the second communication device Information is received from the second communication device, the received action history information is collated with the action history information stored in the first storage means, and another authentication process is performed on the second communication device. The first authentication means, and when the second authentication device succeeds in the second authentication device by the first authentication means, the first communication device uses the first authentication device. A first canceling unit that cancels the use restriction of the device that is restricted, and the second communication device includes identification information of the second communication device and action history information of the second communication device. And a second transmission means for transmitting the identification information to the first communication device.

 The third wireless authentication system preferably further includes a third communication device, and the third communication device stores identification information of the third communication device in advance. Storage means and third transmission means for transmitting the identification information to the second communication device, wherein the second communication device further transmits a transmission signal level from the third communication device. Second determination means for determining whether or not is greater than or equal to a predetermined value; fourth reception means for receiving identification information for identifying the third communication apparatus from the third communication apparatus; When the fourth storage means for storing the identification information of the third communication device and the second determination means determine that the second determination means is greater than or equal to a predetermined value, the received identification information is stored in the fourth storage. The third communication device in comparison with the identification information stored in the means A second authentication unit that performs authentication processing on the second communication unit, and a second communication unit that cancels communication restrictions with the first communication device only while the second authentication unit succeeds in authenticating the third communication device. And a second release means.

 [0027] Preferably, in the second and third wireless authentication systems, the action history information includes history information related to communication of the second communication device with the first communication device. It is characterized by.

 [0028] Preferably, in the second and third wireless authentication systems, the behavior history information includes a time or position at which the second communication device communicates with the first communication device. Both of them are information including one of them.

 [0029] Preferably, in the second wireless authentication system, the second communication device creates the action history information at a predetermined timing and stores the behavior history information in the second storage unit. Action history information is transmitted to the certificate authority, and when the certificate authority receives the action history information, the certificate authority storage means stores the action history information.

[0030] Preferably, in the second wireless authentication system, the action history information is: The second communication device has history information related to communication with the first communication device, and the second communication device creates first action history information related to communication with the first communication device. The first communication history information is stored in the internal storage means of the second communication device and the created first action history information is transmitted to the certificate authority, and the first communication device communicates with the second communication device. Second action history information relating to communication is created and stored in the internal storage means of the first communication device, and the created second action history information is transmitted to the certificate authority. When the first action history information and the second action history information are received, it is determined whether or not the information matches, and if they match, the first action history information or the second action history information is determined. The action history information is stored in the certificate authority storage means. To.

 [0031] Preferably, in the second wireless authentication system, the action history information includes history information related to communication of the second communication device with the first communication device, and the first communication device includes: , Creating action history information related to communication with the second communication device, storing the action history information in the internal storage means of the first communication device, transmitting the created action history information to the certificate authority, When the behavior history information is received, the certificate authority storage means stores the behavior history information.

 [0032] Preferably, in the third wireless authentication system, the second communication device creates action history information related to communication with the first communication apparatus, and the action history information is transmitted to the second wireless authentication system. The first communication device creates action history information related to communication with the second communication device including information corresponding to the action history information created by the second communication device. The action history information is stored in the first storage means.

[0033] Preferably, in the second wireless authentication system, the second communication device creates the action history information at a predetermined timing, and a transmission signal level from another communication device is a predetermined value or more. If it is determined that there is, the created action history information is transmitted to the other communication device, the other communication device transfers the received action history information to the certificate authority, and the certificate authority receives the received action history information. Information is stored in the certificate authority storage means as action history information of the second communication device. Brief Description of Drawings

FIG. 1 is a diagram showing a first configuration example of a wireless authentication system in an embodiment of the present invention.

 FIG. 2 is an overall schematic block diagram of an example in which a use restriction device that executes wireless authentication is applied to a mobile phone.

 FIG. 3 is a schematic block diagram of an identification signal transmission / reception unit.

FIG. 4 is a schematic block diagram of a use restriction release unit.

 FIG. 5 is a diagram showing a specific implementation example of the transmission unit 10 and the release unit 20.

 [FIG. 6] is a detailed configuration example of a “match” adder circuit.

 FIG. 7 is an explanatory diagram of an identification signal and transmission timing.

 FIG. 8 is an explanatory diagram of the configuration content of an identification number.

 FIG. 9 is an explanatory diagram of a pulse compression signal and pulse compression processing.

 FIG. 10 is an explanatory diagram of the relationship between the detection waveform of the received signal and the confirmation signal.

 FIG. 11 is an explanatory diagram of a received signal level and a level determination section.

 FIG. 12 is a diagram showing an example of an ID management table managed by Certificate Authority D.

 FIG. 13 is a diagram showing a first authentication processing procedure in the first configuration example of the wireless authentication system shown in FIG. 1 (authentication processing procedure between wearable key unit C and portable terminal B).

 FIG. 14 is a diagram showing a first authentication processing procedure in the first configuration example of the wireless authentication system shown in FIG. 1 (authentication between mobile terminal B, automobile door lock device A, and certificate authority D). Processing procedure).

 FIG. 15 is a diagram showing a second authentication processing procedure in the first configuration example of the wireless authentication system shown in FIG. 1.

 FIG. 16 is a conceptual diagram showing a situation where the clone device authenticates with the door lock device A and the certificate authority D.

 FIG. 17 is a diagram showing an example of a database related to an action history of mobile terminal B.

FIG. 18 is a diagram showing a second configuration example of the wireless authentication system in the embodiment of the present invention. FIG. 19 is a diagram showing a third authentication processing procedure according to the second configuration example of the wireless authentication system shown in FIG. 17.

 FIG. 20 is a diagram for explaining a method of transmitting an action history via another mobile terminal that is a pair.

 FIG. 21 is a diagram illustrating action history transmission processing via another form terminal. BEST MODE FOR CARRYING OUT THE INVENTION

 Hereinafter, embodiments of the present invention will be described with reference to the drawings. However, the embodiment does not limit the technical scope of the present invention.

 [0036] Further, in the present embodiment, the automobile door lock device will be described as an example of a controlled device that is a security target, but of course the present invention is not limited to this. It can be applied to all objects that can be remotely monitored and operated, such as locks, cameras, PDAs (Personal Digital Assistants), computers, and mobile phones.

 FIG. 1 is a diagram showing a first configuration example of the wireless authentication system in the embodiment of the present invention. In Fig. 1, the wireless authentication system restricts the use of the door lock device A and door lock device A of the controlled device, the portable terminal B that can be used and the use restriction can be lifted, and the use of the portable terminal B. And a wearable key unit C that can lift its usage restrictions and a certificate authority D.

 The certificate authority D can communicate with the mobile terminal B and the controlled device A. When the mobile terminal B is a mobile phone, the mobile terminal B is connected to the certificate authority D via a mobile phone line, and the controlled device A is also connected to the certificate authority D via a communication line such as PHS. If the controlled device A is a device that does not move, such as a door lock device at home, it can be connected to the certificate authority D by wire.

 [0039] The main role of the certificate authority D is to associate the portable terminal B with the wearable key unit C, and further associate the controlled device A with the portable terminal B so that they can be used. In addition, when controlled device A is in a state where the restriction on use is released by mobile device B, communication is performed for confirmation of both, and authentication is performed to confirm that controlled device A can be released. It also has a role to give.

First, an outline of the authentication operation in the first configuration of FIG. 1 will be described. Wireless authentication is performed between wearable unit C and mobile device B, and usage restrictions on mobile device B are removed. In the removed state, the mobile terminal B and the controlled device A further perform wireless authentication. The detailed operation of wireless authentication will be described in detail next. Then, when the wireless authentication between the mobile terminal B and the controlled device A operates normally, the authentication result is sent to the certificate authority D. When the certificate authority D confirms the authentication result and determines that the authentication result is valid, the certificate authority D sends an unlocking permission signal to the door lock device A of the controlled vehicle, and the door lock device A receives it. As a result, the use restriction is released and the door lock is unlocked.

 [0041] The operation of wireless authentication will be described. Wireless authentication is realized by a use restriction device consisting of a pair of communication devices each having a unique ID. One communication device (hereinafter sometimes referred to as a base unit) is attached to a controlled device so that the use can be restricted. The other communication device (hereinafter sometimes referred to as a key unit) is attached to a portable terminal carried by the user. Both communication devices have unique IDs (identification information) and are associated with each other. When the distance between both communication devices is within a certain distance and a signal is received at a level equal to or higher than the predetermined value, IDs are sent to each other at regular intervals to confirm the ID of the partner device. While a valid ID is normally received, one communication device (base unit) makes the controlled device usable (full-time authentication). If the two devices are separated by a certain distance and cannot receive the signal from the other device at a certain level or more, the use restriction function of one communication device (base unit) makes the controlled device unusable. The other communication device (key unit) issues an alarm.

 [0042] In this embodiment, two wireless authentications are performed, and one is a wireless authentication between the wearable key unit C and the portable terminal B. In this wireless authentication, the wearable key unit C functions as a key unit, and the mobile terminal B functions as a base unit. The other is wireless authentication between the mobile terminal B and the car door lock device A. In this wireless authentication, the mobile terminal B functions as a key unit, and the automobile door lock device A functions as a base unit. That is, the portable terminal B functions as a base unit with the wearable key unit C, and functions as a base unit with the door lock device A of the automobile.

FIG. 2 shows an overall schematic block diagram of an example in which a use restriction device that performs wireless authentication is applied to a mobile phone. 10 is a small identification signal transmission / reception unit in card form, 20 Is a usage restriction release unit, and 30 is a mobile phone. The identification signal transmission / reception unit 10 (hereinafter abbreviated as “transmission unit 10”) is separated from the mobile phone 30 and is an independent card type. The use restriction release unit 20 (hereinafter abbreviated as “release unit 20”) is a mobile phone. Built in 30. However, the release unit 20 should be attached to the outside of the mobile phone 30 integrally.

 [0044] The mobile phone 30 is obtained by adding a use restriction circuit 30A as a use restriction means to a conventional general circuit. The transmission unit 10 is used by the owner or user of the mobile phone 30 in a chest pocket or the like and placed in a certain distance range together with the mobile phone 30. In addition to the card format, the transmission unit 10 can be any other format as long as it is convenient to carry keys.

 In correspondence with FIG. 1, wearable key unit C is a form of transmission unit 10, and mobile phone 30 is a form of mobile terminal B. Therefore, FIG. 2 illustrates wireless authentication between wearable key unit C and portable terminal B.

 [0046] The structure of the mobile phone 30 itself is also briefly described below. The mobile phone 30 is provided with a transmission system 30B, a reception system 30C, a telephone number input system 30D, and a power supply unit 38. In the transmission system 30B, the voice is converted into a voice signal by the microphone 33a, then amplified by the voice amplifier circuit 33b, modulated by the carrier wave signal by the modulation circuit 33c, and further, the modulated signal is amplified by the transmission amplifier 33d and transmitted / received. Antenna 3 Ox is sent to the central office. The transmission amplifier 33d is provided with a call switch 33k. When the call switch 33k is operated, a transmission mode is set. In the receiving system 30C, the incoming call signal is amplified by the receiving amplifier 3 la, the number is recognized by the number recognition circuit 32a, and then the ring tone is generated from the ring tone generation circuit 32b through the hook switch 31c and from the speaker 31d. When the hook switch 31c is switched based on this ringing tone, the voice input mode is set. The received signal amplified by the receiving amplifier 31a is demodulated as a voice signal by the voice demodulating circuit 3 lb. 31 Send to d and play as audio.

[0047] In the telephone number input system 30D, the operation input of the key operation disable switch 36b, the numeric keypad 'function key 37a, and the signal of the switch 37c are input to the AND gate 36a of the use restriction circuit 30A. The switch 37c is operated by the output of the alarm release circuit 37b based on the password entered with the numeric keypad function key 37a, and the signals from the switches 36b and 37c and the release unit 20 When the phone number input mode is set on condition that the use restriction release signal is established, the phone number input from the numeric keypad function key 37a is sent to the phone number input circuit 35 through the gate 36a, and the phone number generation circuit The signal is transmitted from the transmitting / receiving antenna 30x through the modulation circuit 33c and the transmission amplifier 33d via 34.

[0048] The power supply of the power supply unit 38 is operated by a power switch (not shown) of the mobile phone 30, and power for supplying power to the circuits of each of the above systems. The release unit 20 may be used in common, or the release unit 20 may be provided with another independent power source. When used in common, the power is always supplied to the release unit 20 even if the power switch of the mobile phone 30 is cut off. The reason will be explained later.

 FIG. 3 shows a configuration example of the transmission unit 10. The transmission unit 10 transmits a confirmation signal sent back from a transmitter 15b for transmitting an identification signal including a unique code signal set in advance from the transmission antenna 10T and a transmitter signal of the release unit 20 described later. A receiver 1 la for receiving via 10R is provided.

 [0050] The transmission system for transmitting the identification signal sends out the identification signal set in the identification code memory 13b by the command of the transmission / reception control timer 13a, and FSK modulation (250 MHz) is performed by the carrier wave in the FSK modulation circuit 15a. The transmission signal of the identification signal is sent out from the rear transmitter 15b.

 [0051] Reference numeral 14 denotes a power supply control circuit, and 18 denotes a power supply unit. The switch 18a is closed by a signal from the power supply control circuit 14 to supply power to each unit.

 [0052] In the receiving system that receives the confirmation signal, the following components are connected after the receiver 11a. First, the received confirmation signal (250 MHz) is FSK demodulated by the FSK demodulator circuit ib and sent to the coincidence / adder circuit 11c. The coincidence / adder circuit 11c reads the identification signal stored in advance in the identification code memory 13b and determines the coincidence point for each bit of the identification signal in order to determine whether the confirmation signal matches the identification signal. Addition process.

[0053] The output signal after the above addition processing (pulse compression signal, which will be described later) is a threshold value. Output to the value processing unit l id, the threshold processing unit l id compares the output signal with a threshold value (threshold value) set in advance by the threshold setting unit l id ′, and the output signal exceeds the threshold value. Then, a timing signal is sent to the signal presence / absence determination unit 12b.

 On the other hand, the confirmation signal received by the receiver 11a described above is also sent to the signal level detection circuit 12a, and a signal indicating the signal level detected by this circuit is sent to the signal presence / absence determination unit 12b. In addition to the above, the confirmation signal from the aforementioned FSK demodulating circuit 1 lb and the identification code signal from the identification code memory 13b are also input to the signal presence / absence determination unit 12b.

 [0055] The signal presence / absence determination unit 12b determines whether the confirmation signal matches the identification code signal, and receives the timing signal from the threshold processing unit id and receives the confirmation signal within a predetermined time t. It is determined whether the signal level of the signal is equal to or higher than a certain value, and an output signal is not generated as long as both of the above two determinations are established. An alarm signal is output to the alarm circuit 16.

 FIG. 4 shows a configuration example of the release unit 20. As shown in the figure, the basic structure of the release unit 20 is almost the same as that of the transmission unit 10 in FIG. 3, and the force is partially different, and the following description will focus on the different parts.

 [0057] The presence / absence of a signal is determined by the signal presence / absence determination unit 22b based on the identification signal transmitted from the transmission unit 10, and the signal presence / absence determination unit 22b does not output any signal as long as the identification signal is received. Is the same as the transmission unit 10, but if there is no output signal, the use restriction release signal generation unit 26 always generates a use restriction release signal, and if no identification signal is received, the output signal from the signal presence / absence determination unit 22b The difference is that transmission of the release signal from the signal generator 26 is stopped.

 [0058] In addition, the power of the power supply unit 28 is not controlled by the transmission / reception control timer 23a, and is always sent to each component, and the power switch is used regardless of whether the power supply of the mobile phone is shared or not. Do not shut off the power supply.

[0059] As described later, when an identification signal is transmitted from the transmission unit 10, the transmission power S is always received by the release unit 20 at any time, and the presence or absence of the identification signal is determined based on the signal. In order to send back a confirmation signal from the transmission system of the release unit 20 at a constant interval after the judgment by the transmission / reception control timer command, the release unit 20 must always be turned on. Because there is.

 Other constituent members are basically the same as those of the transmission unit 10 of FIG. 3, and the same constituent members are numbered in the 20s with the same suffix numbers and description thereof is omitted.

 [0061] In the description of each component above, the identification signal from the transmission unit 10 is a signal including a preset unique code signal. As shown in FIG. null sequence) signal, followed by a unique code signal of the mobile phone number (hereinafter simply called the phone number). The reason why M-sequence signals are included in the identification number other than the telephone number is that, as will be explained later, when the identification number is received, the received signal is that of the own mobile phone. This is to make the signal convenient for circuit processing.

 It should be noted that this identification signal is transmitted as an intermittent signal that repeats every arbitrary time interval S seconds (for example, 2000 ms) in units of an M-sequence signal and a telephone number signal. This is to save power and to prevent the battery from being exhausted and to enable stable long-time transmission. The M series signal may be a CZA code, P code, linear FM signal, or the like. In addition, the telephone number as the unique code signal may be a signal indicating other ID numbers, other owners, and administrator information for devices other than mobile phones.

 [0063] The M-sequence signal is a kind of binary pseudo-random signal, and consists of 1 and 0 having a length obtained by subtracting 1 from 2 to the power of n, that is, a length of (2 "-1). For example, if n = 5, this is a 31-bit signal, and if this M-sequence signal is sent to the coincidence and adder circuit 11c, the pulse compression signal shown in Fig. 9B is obtained. In this pulse compression, the M-sequence signal that is the input signal is compressed by 1/31.

[0064] The unique code signal is required for the number of mobile phones sold. If the code length is m bits, there are 2 ^m types. For example, if m = 30, about 10 Billion kinds of unique code signals are possible. In this embodiment, the unique code signal may be a telephone number or other ID number. If the M-sequence signal and the unique code signal are stored in the identification code memory in advance as identification signals, unauthorized use in the event of misplacement or theft can be effectively prevented.

[0065] The above-described identification signal is transmitted from the transmission unit 10 and received by the release unit 20, FIG. 7 shows the details of the configuration in which the same signal is sent back as a confirmation signal after a lapse of a certain time from the release unit 20, and the signal received by the transmission unit 10 is subjected to pulse compression processing by the coincidence adder circuit 11c of the transmission unit 10. Shown in When the received signal that has received the confirmation signal is demodulated by the FSK demodulator circuit ib, the first M-sequence signal of the confirmation signal is temporarily stored in the shift register l is not shown in FIG. Remembered.

[0066] The M-sequence signal written in the shift register l is matches and sent to the adder circuit 11c, where the M-sequence signal is called out of the stored data stored in the identification code memory 13b in advance. The M-sequence signal is compared for each bit and the number of matching bits is added.

 [0067] The signal subjected to the coincidence and addition process is output as a pulse compression signal. In this example, the shift register 11 s has a 31-bit storage capability, but the identification code memory 13b stores both the M-sequence signal (31 bits) and the unique code signal (29 bits), so it stores 60 bits. Therefore, when processing both M-sequence signals, the data part of the M-sequence signal shall be called up.

 FIG. 5 is a diagram illustrating a specific implementation configuration example of the transmission unit 10 and the release unit 20. Both the transmission unit 10 and the release unit 20 are realized by a communication module 100 centered on an MCU (Micro Controller Unit). The communication module 100 configured as shown in Fig. 5 is connected to the multitask communication module (Multi

Task Communication Module: MTC module). The correspondence between each part in FIG. 5 and each part in FIGS. 3 and 4 will be described. 5 corresponds to the transmitter 15b of the transmission unit 10 of FIG. 3 and the transmitter 25b of the release unit 20 of FIG. 5 corresponds to the receiver 11a of the transmission unit 10 of FIG. 3 and the receiver 21a of the release unit 20 of FIG. Although not shown in FIGS. 3 and 4, the cipher generation unit 104 in FIG. 5 performs a process of encrypting the identification codes and the like of the transmission unit 10 and the release unit 20 respectively. The identification code is transmitted and received in an encrypted state. The ID storage unit 105 in FIG. 5 corresponds to the identification code memory 13b in the transmission unit 10 in FIG. 3 and the transmitter 23b in the release unit 20 in FIG. Although not shown in FIGS. 3 and 4, the data storage unit 106 is necessary for an action history that is a communication history between the transmission unit 10 and the release unit 20 as described later. Store information. The external output 107 and the LED display unit 108 in FIG. 5 operate as the alarm circuit 16 in the transmission unit 10 in FIG. The release unit 20 may or may not be used for another purpose. EXT-IF 109 in FIG. 5 is an interface with an external device, and operates as a use restriction release signal generator 26 in release unit 20 in FIG. Then, the MCU 101 in FIG. 5 executes processing performed by each part other than the parts described above, in the transmission unit 10 in FIG. 3 and the release unit 20 in FIG.

 [0069] The operation of the use restriction device applied to the mobile phone of the embodiment having the above-described configuration will be described below separately for the operation of the transmission unit 10 and the operation of the release unit 20. First, when transmitting an identification signal from the transmission unit 10, when a power switch (not shown) is turned on, the transmission / reception control timer 13a is immediately set, the switch 18a is closed via the power control circuit 14a, and power is supplied from the power supply unit 18 to each unit. Supplied.

 [0070] As shown in (a) and (b) of the time chart of FIG. 7, when 2 ms elapses after the power supply is turned on, the identification signal is read from the identification code memory 13b by the command of the control timer 13a. After modulation by the FSK modulation circuit 15a, transmission is performed from the transmitter 15b via the transmission antenna 10T.

 [0071] As described above, the identification signal is transmitted by FSK-modulating a 31-bit M-sequence signal followed by a 29-bit unique code signal indicating a unique telephone number.

 [0072] When the transmission signal of the identification signal from the transmission unit 10 is received by the cancellation unit 20 at a predetermined level or higher and the identification signal is recognized as its own, the transmission from the cancellation unit 20 is the same as the identification signal. A signal is sent back and received as a confirmation signal. The transmission and reception timings are as shown in Fig. 7 (a)-(c). The power supply of the transmission unit 10 is activated (2ms) + transmission (6ms) + lag time (2ms) + return ( 6ms) + lag time (2ms) = ON for a total of 18ms.

[0073] Thereafter, the transmission timing is controlled by the control timer 13a so that the power is turned on at a constant time of, for example, 2000 ms from the first power-on after a certain time has elapsed. Even if the signal transmitted by the transmission unit 10 is received by the receiver 11a of the transmission unit 10 at the same time, the subsequent processing will not be performed, so an alarm signal is sent to the alarm circuit 16 based on the received signal. It does not act as the original received signal, and is distinguished from the confirmation signal On the other hand, when the confirmation signal sent back from the release unit 20 at a predetermined timing is received by the receiver 11a, it is demodulated by the FSK demodulator circuit ib and then subjected to pulse compression processing by the coincidence adder circuit 11c. This has already been explained with reference to FIG. In this pulse compression processing, the M-sequence signal of symbol A shown in (a) of Fig. 9 is pulse-compressed in the confirmation signal. The signal to be matched is added to the shift register l is as shown by symbol B. Because the data for each bit partially matches the value of each corresponding bit in the M-sequence signal storage data of the identification code memory before or after the pulse train of the M-sequence signal is completely written. The value of the pulse compression signal always varies.

 [0075] When data matching the M-sequence signal stored in its own identification code memory 13b is written to the shift register l is, the number of bits subjected to the coincidence addition processing by the coincidence addition circuit 11c is shifted. If all 31 bits in register 13s are satisfied, the pulse compression signal is 31 and the M-sequence signal is completely coincident or at least coincides' If the number of added bits is 24 or more, both M-sequence signals are coincident. Can be considered.

 [0076] Therefore, the threshold processing unit l id determines whether the pulse compression processing signal is a threshold (threshold value) preset by the threshold setting unit l id ', for example, 24 or more (Fig. 9 (b) If it is determined that the threshold is exceeded, the timing signal shown in Fig. 9 (c) is output to the signal presence / absence determination unit 12b.

 [0077] As described above, the signal level of the received signal received by the receiver 1 la is detected by the signal level detection circuit 12a, and the signal presence / absence determination unit 12b determines whether the signal level is greater than a certain value. To do. This signal level is determined by setting a certain voltage threshold for the received signal of the detection waveform shown in Fig. 10 (a), and if it is higher than this level, it is determined that a signal of a certain level or higher has been received.

[0078] As shown in FIG. 10 (a), the above determination is performed when the distance R between the transmission unit 10 and the release unit 20 increases when a signal transmitted with a constant strength is received. The threshold value is determined according to a predetermined distance (e.g., lm) as one judgment method, and the received signal level falls below the threshold value. If this is the case, it is possible to detect that both are separated by a predetermined distance or more. Figure 10 (a) is expressed in logarithmic scale.

 [0079] Instead of the determination method described above, the level of the received signal may be known by AZD converting the detected waveform of the received signal and measuring the voltage level of the received signal.

 [0080] The determination of the signal level is performed by a fixed time t (example shown in the figure) corresponding to the unique code signal received after the timing signal after threshold processing for the M-sequence signal is sent from the threshold processing unit lid. Then, only 2.9ms) is performed symmetrically. The reason is to prevent detection of noise and signal levels from other telephones, and the determination can be made accurately by setting the fixed time specified by the timing signal as the determination section. It is.

 In addition to the determination of the signal level, the determination in the signal presence / absence determination unit 12b includes a unique code signal received after the timing signal is input and subjected to FSK modulation and stored in the identification code memory. It is done even if you agree with. Therefore, the signal presence / absence determination unit 12b receives a timing signal, receives a predetermined level of received signal after a certain period of time, and the received unique code signal matches the own unique code signal. If it is determined, the transmission unit 10 to the release unit 20 exist within a certain distance, and the signal presence / absence determination unit 12b outputs no signal.

 [0082] However, even if there is a timing signal input and the unique code signal matches that of its own, if the signal level is below a certain level, the release unit 20 is separated from the transmission unit 10 by a certain distance or more. In this case, an output signal is output and the alarm circuit 16 is activated.

 [0083] In the alarm circuit 16, for example, when the transmitter unit 10 is put in the pocket by generating a voice message "don't leave" with a voice generator (not shown) to give a warning, A warning sound is given to indicate that the release unit 20 has been lost due to misplacement or theft.

[0084] Note that the warning by the alarm circuit 16 is not only a method of giving the above voice message, but also a beeping sound, or a sound with it, and the display is displayed with a display, "Tekana! /," Any system can be used as long as the warning is given by some means, and even if a signal other than the confirmation signal of the identification code signal is received, the above-mentioned 3 Needless to say, since either or some of the two conditions are not satisfied, the signal presence / absence determination unit 12b does not output the output signal and does not affect the reception operation of the transmission unit.

 Next, the operation of the release unit 20 is as follows. As described above, in this unit 20, power is always supplied from the power supply unit 28 to each component regardless of whether the power switch of the mobile phone 30 is ON, OFF, or misaligned. At the same time as the signal is transmitted, it is received by the receiver 21a of the release unit 20.

 [0086] The received discrimination signal power is demodulated by the SFSK demodulator circuit 21b, sent to the coincidence and adder circuit 21c, and the timing signal based on the M-sequence signal is sent from the threshold processing unit 21d to the signal presence / absence judgment unit 22b. It is. Further, the signal level of the received signal is detected by the signal level detection circuit 22a, and it is determined whether the signal level is equal to or higher than a certain level within a certain judgment time t when the timing signal is sent to the signal presence / absence judgment unit 22b. The determination is the same.

 In addition, the signal presence / absence determination unit 22b during the determination time also determines whether the transmitted signal matches its own unique code signal stored in advance in the identification code memory 23b. Same as 10 However, the signal presence / absence determination unit 22b of the release unit 20 outputs any output signal when the above timing signal and the three conditions that the signal level is equal to or higher than the fixed signal level in both determinations and the unique code signal match. Is not output

[0088] Unless there is an output signal, the use restriction release signal is always output from the use restriction release signal generation unit 26, assuming that the release unit 20, and thus the mobile phone 30, is at the owner or user's hand without leaving the transmission unit. Has been. Therefore, the mobile phone 30 is always ready for use.

 [0089] When a certain time (2 ms in this example) elapses in the signal presence / absence determination unit 22b after receiving the identification signal, the signal from the signal presence / absence determination unit 22b is transmitted and received at that moment. The control timer 23a is set, and the same signal as the received identification signal is read from the identification code memory 23b and transmitted via the FSK modulation circuit 25a and the transmitter 25b. This signal is received as a confirmation signal by the transmission unit 10 as described above.

[0090] However, in the unlikely event that it is left behind or stolen, the release unit 20 will transmit with the mobile phone 30. When the signal level is more than a certain distance from the base 10, the signal level becomes equal to or less than a certain level in the detection of the signal level, and the signal presence / absence determination unit 22b determines that it has received the identification signal. When this determination is made, an output signal is output from the signal presence / absence determination unit 22b, and the output of the cancellation signal generator 26 is stopped, so that the cellular phone 30 cannot be used.

 [0091] As described above, the use restriction device of this embodiment is configured such that the owner or the user puts the transmission unit 10 in a pocket or the like and incorporates the release unit 20 into the mobile phone 30 at hand. Since the mobile phone 30 together with the release unit 20 is separated from the transmitter unit 10 by a certain distance or more, the use of the mobile phone 30 is restricted to prevent unintentional use, etc. Was given a warning by voice or the like so that the mobile phone 30 could immediately recognize that it was out of hand.

 [0092] In the above example, the same code signal (telephone number) is transmitted and received as the identification signal and the confirmation signal, but a unique ID is given to each of the transmission unit 10 and the release unit 20, and they are transmitted and received. A configuration that does this will not help. That is, the transmission unit 10 stores the ID of the release unit 20 in addition to its own ID, and the release unit 20 also stores the ID of the transmission unit 10 in addition to its own ID. 10 transmits its own ID to the canceling unit 20, and the canceling unit 20 compares the received ID with the stored ID of the transmitting unit. It may be determined whether or not there is. Similarly, the cancellation unit 20 also transmits its own ID to the transmission unit 10, and the transmission unit 10 makes a pair of itself by comparing the received ID with the stored ID of the cancellation unit 20. Determine whether it is a release unit.

 Further, in the above-described embodiment, a mobile phone has been described as an example of a device subject to restriction of use. In addition to this, various devices such as a word processor, a personal computer, various game machines, an automobile, and a safe are included. is there. In addition, the case where radio waves are used as a signal transmission medium has been described above.

[0094] By using the wireless authentication operation as described above, in the present embodiment, wireless authentication between the wearable key unit and the mobile terminal, and between the mobile terminal and the door lock device of the automobile are performed. Wireless authentication is performed. However, in wireless authentication between a mobile terminal and a car door lock device, not only between the mobile terminal and the car door lock device. Wireless authentication by three parties including certificate authority will be implemented.

 FIG. 12 is a diagram showing an example of an ID management table managed by the certificate authority D. As shown in FIG. 12, the certificate authority D has information associated with the IDs of the wearable key unit C, the portable terminal B, and the controlled device (automobile door lock device) A.

 FIGS. 13 and 13 are diagrams showing a first authentication processing procedure in the first configuration example of the wireless authentication system shown in FIG. FIG. 13 shows an authentication processing procedure between wearable key unit C and mobile terminal B, which includes wearable key unit C force identification signal transmission / reception unit (transmission unit) 10 and functions as a key unit. Use restriction release unit (release unit) 20 and functions as a base unit. FIG. 14 shows an authentication processing procedure between the mobile terminal B, the automobile door lock device A, and the certification authority D. In this case, the mobile terminal B includes the transmission unit 10 and functions as a key unit. The door opening device A has a release unit 20 and functions as a base unit. That is, the mobile terminal B includes both the transmission unit 10 and the use restriction release unit 20.

 First, in FIG. 13, the transmission unit 10 of the wearable key unit C sends M-sequence data (M-sequence) to the release unit 20 of the mobile terminal B at a predetermined time interval (for example, every 2 seconds) as a 4-power signal. Signal) by radio signal. When receiving the M-sequence data transmitted from the transmission unit 10, the release unit 20 of the portable terminal B compares it with the M-sequence data stored in its own internal memory (for example, a flash memory). This comparison is performed, for example, by a coincidence / adder circuit. As a result of the comparison, a numerical value indicating the number of matched bits of both M series data is output as a pulse signal. If the number of matched bits is equal to or greater than a predetermined threshold (e.g., threshold 24 for 31-bit M-sequence data) and the M-sequence data reception level is greater than or equal to a predetermined value, that is, wearable key When the unit C and the mobile terminal B are within a predetermined range (for example, several meters), the release unit 20 of the mobile terminal B receives an acknowledgment (ACK) for the call and the mobile terminal B stored in the internal memory. Identification information (terminal identification information) IDb is transmitted by radio signal.

On the other hand, when the number of matched bits is less than the predetermined threshold value or the reception level is less than the predetermined value, the release unit 20 of the mobile terminal B does not transmit the ACK signal and the terminal identification information IDb. In this case, as described above, the release unit 20 restricts the use of the mobile terminal B. The mobile device B is unusable. Further, the release unit 20 can display the fact on the display unit of the mobile terminal B.

 [0099] Upon receiving the ACK signal and the terminal identification information IDb, the transmission unit 10 of the wearable key unit C receives the received terminal identification information IDb and the terminal identification information IDb stored in its own internal memory (for example, flash memory). Are matched (step S11).

 [0100] If both terminal identification information IDb is found as a result of collation, the transmission unit 10 recognizes that the release unit 20 is a release unit that makes a pair with itself, and stores it in its own internal memory. Identification information (key identification information) IDc of the wearable key unit C is transmitted. On the other hand, if both terminal identification information IDb is not matched as a result of the collation, it is recognized that the cancellation unit 20 is not a usage restriction cancellation unit paired with itself, and the key identification information IDa is not transmitted.

 [0101] Upon receiving the key identification information IDc transmitted from the transmission unit 10 of the wearable key unit C, the release unit 20 of the portable terminal B receives the received key identification information IDc and the key stored in its own internal memory. The identification information IDc is collated (step S12).

 [0102] If the two key identification information IDc is found as a result of the verification, the release unit 20 recognizes that the transmission unit 10 is a transmission unit paired with itself, and uses the mobile terminal B. The restriction is released, and the portable terminal B is made communicable with the door lock device A (step S13). On the other hand, if the two-key identification information IDa does not match, the transmission unit 10 recognizes that it is not a pair with itself and does not lift the restrictions on the use of the mobile terminal B. Cannot communicate with A.

 [0103] In this way, when the key identification information IDc and the terminal identification information IDb are exchanged and match each other, the user of the mobile terminal B is authenticated as a valid user, and the mobile terminal B is in the usable state. It becomes.

 Next, the processing procedure of FIG. 14 will be described. In FIG. 14, it is assumed that the mobile terminal B is in a usable state according to the processing procedure of FIG. Further, in FIG. 14, the transmission unit 10 of the portable terminal B and the use restriction release unit 20 of the door lock device A of the automobile are inspected, and the certification authority D also participates in the authentication processing procedure.

[0105] First, according to the same processing procedure as in FIG. Authentication processing is performed. That is, the transmission unit 10 of the mobile terminal B transmits M-sequence data (M-sequence signal) as a call signal to the release unit 20 of the door lock device A of the vehicle at a predetermined time interval (for example, every 2 seconds). And then. When receiving the M-sequence data transmitted from the transmission unit 10, the release unit 20 of the automobile door lock device A compares it with the M-sequence data stored in its own internal memory (for example, a flash memory). This comparison is performed, for example, by a coincidence adder circuit. As a result of the comparison, a numerical value indicating the number of matched bits of both M series data is output as a pulse signal. If the number of matched bits is equal to or greater than a predetermined threshold (for example, threshold 24 for 31-bit M-sequence data) and the reception level of M-sequence data is greater than or equal to a predetermined value, in other words, When the door lock device A and the mobile terminal B are within a predetermined range (for example, several meters), the limit release unit 20 of the car door lock device A receives an acknowledgment (ACK) to the call and the internal memory. The door lock device identification information (door lock device identification information) IDa stored in is transmitted as a radio signal.

 On the other hand, when the number of matched bits is less than a predetermined threshold value or the reception level is less than a predetermined value, the release unit 20 of the door lock device A transmits an ACK signal and door lock device identification information IDa. do not do. In this case, as described above, the release unit 20 restricts the release operation of the door lock device A, and the door lock device can be kept locked.

 [0107] Upon receiving the ACK signal and the door lock device identification information IDa, the transmission unit 10 of the mobile terminal B receives the received door lock device identification information IDa and the door lock stored in its own internal memory (for example, a flash memory). The device identification information IDa is collated (step S21).

 [0108] If the door lock device identification information IDa is found as a result of the collation, the transmitting unit 10 of the mobile terminal B recognizes that the release unit 20 is a release unit that makes a pair with itself, It transmits its own identification information (terminal identification information) IDb stored in its internal memory, and further transmits to the certification authority D coincidence information (including IDc and IDb information) to the effect of matching. On the other hand, if the door lock device identification information IDa does not match as a result of the verification, it is recognized that the release unit 20 of the door lock device A of the car is not a release unit paired with itself, and the terminal identification information IDb is Do not send. Of course, the matching information is not transmitted.

[0109] The release unit 20 of the door lock device A of the automobile is When the transmitted terminal identification information IDb is received, the received terminal identification information IDb is collated with the terminal identification information IDb stored in its own internal memory (step S22).

 [0110] If both terminal identification information IDb is found as a result of the collation, the release unit 20 recognizes that the transmission / reception unit 10 is a transmission unit that is paired with itself, and the matching information (IDc) And IDb information) to certificate authority D. On the other hand, if the two terminal identification information IDb does not match, the transmitting unit 10 recognizes that it is not a pair with itself and does not transmit the matching information to the certificate authority D. Mobile terminal B remains unusable.

 [0111] The certificate authority D is a computer device that can communicate with the transmission unit 10 of the portable terminal B and the release unit 20 of the door lock device A and that stores the management table of FIG. When the certificate authority D receives the matching information from the transmission unit 10 of the mobile terminal B and the release unit 20 of the automobile door lock device A, it confirms the contents of the matching information from the management table (FIG. 12) (step 23). ). For example, whether the two IDs included in the two matching information are the same, whether the two IDs of each matching information are the same as those associated in the management table, and so on. Furthermore, the management table has flag information indicating that use restriction can be released and Z cannot be used. For example, if a theft report has been sent to the mobile terminal B, “No” is set. Since all the IDs are managed centrally in the certificate authority, security can be further improved by determining whether the use restriction is released or not. If wearable key unit C and mobile device B are stolen together, it is possible to prevent a malicious third party from impersonating a legitimate user and making mobile device B usable.

[0112] The certificate authority D confirms the received match information in the management table. If no abnormality is detected, the certificate authority D determines that it is a valid authentication operation by a valid user and sends an unlock permission signal to the door lock device A of the car. Send. When the unlocking unit 20 of the door lock device A of the automobile receives the unlock permission signal, the use restriction of the door lock device A is canceled and the door is unlocked (step S24). The certificate authority D also sends an unlocking permission notification that the unlocking of the door lock device A is permitted to the mobile terminal B, and when the mobile terminal B receives the unlocking permission notification, Display on the display (step S25). If an abnormality is detected, such as a theft report, the unlocking signal is not sent, so the door lock device A remains locked. In addition, an unlocking disapproval notice indicating that unlocking is not permitted is transmitted to mobile terminal B, and when mobile terminal B receives it, it displays that effect. As a result, the user can confirm whether or not the door lock device is unlocked.

As described above, in the wireless authentication system in the present embodiment, in addition to the authentication process between the transmission unit 10 of the mobile terminal B and the release unit 20 of the door lock device A, the authentication by the certification authority D By processing the certificate authority D and determining the final use restriction release, even if the wearable key unit C and the mobile terminal B are stolen together, the certificate authority D is immediately notified of the theft. By doing so, unauthorized use by malicious third parties can be prevented.

 [0114] In the above processing procedure, the matching information is transmitted from both the vehicle door lock device A and the mobile terminal B to the certificate authority D. The power of the vehicle door lock device A or the mobile terminal B V However, it is also possible to send the matching information to Certificate Authority D with only one force. Authentication by the above management table is possible by matching information with only one of V and deviation.

 FIG. 15 is a diagram showing a second authentication processing procedure in the first configuration example of the wireless authentication system shown in FIG. In the second authentication processing procedure, even when the clone device of the portable terminal B is used, a process for preventing unauthorized use using the clone device will be described. If wearable key unit C and mobile device B are stolen together, the legitimate user will not be able to find them by looking for them. Accordingly, by contacting the certificate authority D, unauthorized use can be prevented by the first authentication processing procedure described above. However, if a clone device having the same function as the mobile terminal B is created, a legitimate user does not notice its existence until the unauthorized use using the clone device is performed. Therefore, the authentication process may be normally performed by the certificate authority D, and the door lock device A of the automobile may be unlocked by the clone device.

FIG. 16 is a conceptual diagram showing a situation in which the clone device performs authentication with the door lock device A and the certificate authority D. When a clone device of an authentic mobile terminal B is created and the door lock device A of an automobile is unlocked, when the clone device and the door lock device A are within a certain distance, the clone device is wirelessly connected to the door lock device A. After authentication, door lock device A determines that the ID sent by the clone device is the correct ID. Even in the certificate authority, the existence of clone devices Since there is no power, even if the ID etc. is confirmed in the management table, the unauthorized use cannot be found and the unlocking is permitted, so the door lock device A is unlocked. Note that the clone device is manufactured so that it can be used even if the wearable key unit C is not nearby, and the release unit 20 of the portable terminal B in FIG. 14 is operated. Note that the authentication processing procedure between wearable queue C and portable terminal B is the same as that in FIG. 13, and therefore its illustration and description are omitted.

 [0117] In FIG. 15, it is assumed that the mobile terminal B is ready for use in accordance with the processing procedure of FIG. 13, and the transmission unit 10 of the mobile terminal B and the door lock of the vehicle are the same as in the processing procedure of FIG. This is the authentication process between the cancellation unit 20 of device A and the certificate authority.

 First, an authentication process between the mobile terminal B and the door lock device A of the automobile is performed. In other words, the transmission unit 10 of the portable terminal B transmits M-sequence data (M-sequence signal) as a call signal to the release unit 20 of the door lock device A of the automobile by a radio signal at a predetermined time interval (for example, every 2 seconds). ing. When the release unit 20 of the door lock device A of the automobile receives the M-sequence data transmitted from the transmission / reception unit 10 of the mobile terminal B, the release unit 20 compares it with the M-sequence data stored in its own internal memory (for example, flash memory). To do. This comparison is performed, for example, by a coincidence adding circuit. As a result of the comparison, a numerical value indicating the number of matched bits of both M series data is output as a pulse signal. When the number of matched bits is equal to or greater than a predetermined threshold (for example, threshold 24 for 31-bit M-sequence data) and the reception level of M-sequence data is greater than or equal to a predetermined value, that is, a door lock device When A and mobile device B are within a certain range (for example, several meters), the release unit 20 of the car door lock device A is acknowledged to the call (ACK) and stored in the internal memory. The door lock device A identification information (door lock device identification information) IDa is transmitted by radio signal.

 On the other hand, when the number of matched bits is less than a predetermined threshold value or the reception level is less than a predetermined value, the release unit 20 of the door lock device A transmits an ACK signal and door lock device identification information IDa. do not do. In this case, as described above, the release unit 20 can restrict the use of the door lock device A, and the door lock device A can be kept locked.

[0120] Upon receiving the ACK signal and the door lock device identification information IDa, the transmission unit 10 of the mobile terminal B receives the received door lock device identification information IDa and its own internal memory (for example, flash memory). The door lock device identification information IDa stored in the memory is collated (step S31).

 [0121] If the two door lock device identification information IDa is found as a result of the collation, the transmitting unit 10 recognizes that the release unit 20 is a release unit that makes a pair with itself. Send the identification information (terminal identification information) IDb of mobile terminal B stored in the internal memory, and send the matching information (including IDa and IDb information) to the certificate authority D. . On the other hand, if the two-door lock device identification information IDa does not match as a result of the collation, the release unit 20 recognizes that it is not a pair with itself and does not transmit the terminal identification information IDb. Of course, no matching information is sent.

 [0122] When the release unit 20 of the door lock device A of the automobile receives the terminal identification information IDb transmitted from the transmission unit 10 of the portable terminal B, the received terminal identification information IDb and the received terminal identification information IDb are stored in its own internal memory. The terminal identification information IDb is collated (step S32).

 [0123] If both terminal identification information IDb is found as a result of the collation, the canceling unit 20 recognizes that the transmitting unit 10 is a transmitting unit paired with itself, and the matching information (I (Including Da and IDb). On the other hand, if both terminal identification information IDb does not match, the transmitting unit 10 recognizes that it is not a transmitting / receiving unit paired with itself, and does not transmit matching information to the certificate authority.

 [0124] When the certificate authority D receives the matching information from the transmission unit 10 of the portable terminal B and the release unit 20 of the door lock device A of the automobile, it manages the contents of the matching information as described above. Confirm with the table (step S33). The certificate authority D confirms the received match information with the management table, and if no abnormality is detected, requests the mobile terminal B for an action history.

 [0125] The action history is history information related to the operation of the mobile terminal B, and is preferably information related to the door lock device A communication. For example, the communication time with the unlocking unit 20 of the door lock device A in the past, more specifically, information on the unlocking time (access time) and the communication with the releasing unit 20 Information about the place of time.

[0126] The mobile terminal B accumulates information related to its own action history and transmits it to the certificate authority D periodically or every access. Certificate Authority D registers the information related to the received action history as an action history database. The action history sent from mobile device B is at least the previous time Includes newly created action history (unsent action history) after sending.

 [0127] The certificate authority D confirms, for example, whether the action history power sent to register with the certificate authority D is from a genuine portable terminal by one of the following two confirmation methods.

 [0128] First, the mobile terminal B transmits to the certificate authority D together with the past action history (for example, the previous time) in addition to the unsent action history. The certificate authority D collates the transmitted past action history with the action history already accumulated in the certificate authority D, and determines whether there is a matching action history. If there is a matching action history, it is determined that the mobile terminal power is authentic, and if there is no matching action history, it is determined that the transmission is based on some fraud, such as transmission of clone device power. Certificate Authority D registers a new action history only when it is judged as an action history from a genuine mobile terminal.

 [0129] Second, in addition to transmitting an action history (at least not transmitted) from the mobile terminal B, the door lock apparatus A also transmits an action history to the certificate authority D. As described above, since the action history is history information related to communication between the mobile terminal B and the door lock device A, the door lock device A can create the same history information as the mobile terminal B and store it. Then, the action history (at least not yet sent) is sent to Certification Authority D periodically or every access. The certification authority D collates the action history transmitted from the mobile terminal B with the action history transmitted from the door lock device A, and determines whether or not they match. If both behavior histories match, it is determined that the transmission is from a genuine mobile terminal, and if they do not match, it is determined that the transmission is based on some injustice such as transmission of clone device power. Certificate Authority D registers a new action history only when it is determined to be an action history from a genuine mobile terminal.

 [0130] Of course, a confirmation process combining the first and second confirmation methods may be performed. In this case, both the mobile terminal B and the door lock device A transmit the past action history that has already been transmitted together with the newly created action history. The certificate authority D collates the newly created action history from the mobile terminal B and the door lock device A, and compares the past action histories of both of them against the database registered in its own database. , Double check process.

[0131] Alternatively, since the behavior history of the mobile terminal B is a history related to communication with the door lock device A, the door lock device A should also create the same behavior history as the behavior history created by the mobile terminal B. Can do. Therefore, the mobile terminal B may transmit the action history created by the door lock device A to the certificate authority D without transmitting the action history to the certificate authority. Since the purpose of the wireless authentication system of the present invention is to prevent unauthorized access to the door lock device A, it is not assumed in the present invention that the door lock device A is accessed and the action history is wiretapped. Therefore, the action history transmitted from the door lock device A can be determined to be authentic, and can be registered in the certificate authority D without performing the confirmation process as described above.

 FIG. 17 is a diagram showing an example of a database related to the action history of the mobile terminal B. In the example shown in Fig. 17, the action history information includes the telephone number, the self ID number (terminal identification information IDb), the door lock device ID number (IDa), the access time to the car (the communication with the door lock device release unit). Start time or end time), and position information (latitude / longitude information) at that time. The position information may not be other identification information such as an identification number of the base station. The information related to the action history is not limited to these. For example, when the portable terminal has a built-in thermometer, it may be the temperature at the time of communication with the door lock device.

 [0133] Each time the mobile terminal B communicates with the release unit 20 of the door lock device A, the mobile terminal B creates and accumulates information related to the action history. In addition, information on the accumulated action history is transmitted to Certification Authority D periodically (for example, about once a day) or each time. Therefore, Certificate Authority D also has a database having the same information as in FIG. 17 for each mobile terminal.

[0134] Although the clone device has the same function as a genuine portable device, it cannot be used by a legitimate user, and therefore cannot perform the same action as a genuine portable device. Therefore, the behavior history is different from that of a genuine portable device, and the same behavior history as that of a genuine portable device cannot be created. In addition, since the clone device cannot create an action history until the door lock is successfully released, it cannot register the action history of the clone device with the certification authority. If the action history cannot be registered, the door lock cannot be released successfully, so that the clone device cannot release the door lock device after all. Since the clone device has not succeeded in releasing the door lock device in the past, even if an action history is created, it is artificial, and it is exactly the same as the actual action history. I can't imagine doing it. Therefore, malicious third parties When attempting to release the door lock device using the device, the certificate authority requests the action history from the clone device, receives the action history from the clone device, and stores the action history in the certificate authority database. By comparing with, unauthorized use by a clone device can be detected.

 Returning to FIG. 15, the transmission unit 10 of the mobile terminal B transmits the requested action history.

 The requested action history may be, for example, one recent action history or a plurality of action histories.

 [0136] The certificate authority D collates with the received action history! And matches it (step S34). If there is a match, it is assumed that the authentication operation is performed by the authentic mobile device B with a valid user power. Send the unlocking permission signal to the door lock device A of the car. When the unlocking unit 20 of the door lock device A of the automobile receives the unlocking permission signal, it cancels the use restriction of the door lock device A and unlocks the door (step S35). Certificate Authority D also sends an unlock permission notification to the mobile terminal B that the unlocking of the door lock device A is permitted, and when the mobile terminal B receives the unlock permission notification, Is displayed on the display device (step S36). In addition, when an abnormality is detected such that the action histories do not match, the unlocking permission signal is not transmitted, so that the door lock device A remains locked. In addition, an unlocking disapproval notification indicating that unlocking has been permitted is transmitted to mobile terminal B, and when mobile terminal B receives it, it displays that effect.

 [0137] Thus, according to the second authentication processing procedure, in addition to the first authentication processing procedure, the illegal use by the clone device is further performed by performing processing for checking the action history of the mobile terminal B. Can be prevented.

 FIG. 18 is a diagram showing a second configuration example of the wireless authentication system in the embodiment of the present invention. In FIG. 18, the wireless authentication system includes a door lock device A of a controlled vehicle, a portable terminal B that can restrict use and unlock the door lock device A, and a wearable key unit that can restrict use of the portable terminal. C force is also configured. In other words, in comparison with Fig. 1, the configuration does not have certificate authority D.

FIG. 19 is a diagram showing a third authentication processing procedure according to the second configuration example of the wireless authentication system shown in FIG. The third authentication processing procedure is the same as that of the second authentication processing procedure shown in Fig. 15. Is Umono. Note that the authentication processing procedure between the wearable key unit C and the portable terminal B is the same as that shown in FIG.

 [0140] In FIG. 19, it is assumed that the mobile terminal B is ready for use in accordance with the processing procedure of FIG. 13, and the transmission unit 10 of the mobile terminal B and the door lock of the vehicle are the same as in the processing procedure of FIG. This is the authentication process between the release units 20 of device A.

 First, an authentication process between the mobile terminal B and the door lock device A of the automobile is performed. In other words, the transmission unit 10 of the portable terminal B transmits M-sequence data (M-sequence signal) as a call signal to the release unit 20 of the door lock device A of the automobile by a radio signal at a predetermined time interval (for example, every 2 seconds). ing. When the release unit 20 of the door lock device A of the automobile receives the M-sequence data transmitted from the transmission unit 10, it compares it with the M-sequence data stored in its own internal memory (for example, a flash memory). This comparison is performed by, for example, a coincidence / calo arithmetic circuit, and as a result of the comparison, a numerical value indicating the number of matched bits of both M series data is output as a pulse signal. If the number of matched bits is equal to or greater than a predetermined threshold (for example, threshold 24 for 31-bit M-sequence data) and the reception level of M-sequence data is greater than or equal to a predetermined value, that is, a door lock device When A and the mobile terminal B are within a predetermined range (for example, several meters), the release unit 20 of the car door lock device A receives an acknowledgment (ACK) for the call and is stored in the internal memory. Identification information of the door lock device A (door lock device identification information) IDa is transmitted by radio signal.

 [0142] On the other hand, when the number of matched bits is less than the predetermined threshold value or the reception level is less than the predetermined value, the release unit 20 of the door lock device A transmits the ACK signal and the door lock device identification information IDa. do not do. In this case, as described above, the release unit 20 can restrict the use of the door lock device a, and the door lock device A can be kept locked.

 [0143] Upon receiving the ACK signal and the door lock device identification information IDa, the transmission / reception unit 10 of the portable terminal B receives the received door lock device identification information IDa and the door lock device stored in its own internal memory (for example, a flash memory). The identification information IDa is collated (step S41).

[0144] If both door lock device identification information IDa is correct as a result of the collation, the transmitter 10 recognizes that the release unit 20 is a release unit that makes a pair with itself, and The mobile terminal B identification information (terminal identification information) IDb stored in the internal memory is transmitted. On the other hand If the door lock device identification information IDa is not correct, the release unit 20 recognizes that it is not a use restriction release unit that makes a pair with itself, and does not send the terminal identification information IDb.

 [0145] Upon receiving the terminal identification information IDb transmitted from the transmission unit 10 of the mobile terminal B, the release unit 20 of the automobile door lock device A receives the received terminal identification information IDb and the internal identification information stored in its own internal memory. The terminal identification information IDb is collated (step S42).

 As a result of the collation, when both terminal identification information IDb matches, the release unit 20 recognizes that the transmission unit 10 is a transmission unit paired with itself. On the other hand, if both terminal identification information IDb does not match, the transmitting unit 10 recognizes that it is not a transmitting / receiving unit paired with itself, and the portable terminal B remains unusable.

 [0147] When the terminal identification information IDb matches, the release unit 20 of the automobile door lock device A requests an action history from the portable terminal B. The contents of the action history have been described above with reference to FIG. In the third authentication processing procedure, the release unit 20 of the door lock device A accumulates the action history of the mobile terminal B. Since the action history is history information regarding communication between the mobile terminal B and the door lock device A as described above, the door lock device A and the mobile terminal B can create the same history information. Therefore, the door lock device A creates the same action history corresponding to the action history created by the mobile terminal B and stores it.

 [0148] The transmission unit 10 of the mobile terminal B transmits the requested action history. The unlocking unit 20 of the door lock device A collates with the received action history! (Step S43), and if it matches, the authenticating operation by a genuine mobile terminal with a legitimate user power is performed. If there is, the use restriction of the door lock device A is released, and the door lock is unlocked (step S44). At this time, the door lock device A sends an unlock notification to the mobile terminal B indicating that the door lock device A has been unlocked, and when the mobile terminal B receives the unlock notification, the mobile terminal B displays that notification. It may be displayed on the device (step S45). In addition, when an abnormality is detected such that the behavior histories do not match, the door lock device A remains locked and is not unlocked. In addition, an unlocking disapproval notice indicating that the mobile terminal B has not been unlocked is transmitted to the mobile terminal B, and when the mobile terminal B receives it, the mobile terminal B may display that fact.

[0149] As described above, according to the third authentication processing procedure, the certificate authority is collated with the action history! Since the action history is collated by the door lock device A, unauthorized use by the clone device can be prevented even without a certificate authority.

[0150] In ID verification between the door lock device A and the portable terminal B, the ID is encrypted and transmitted / received to prevent unauthorized acquisition of the ID due to wiretapping of the ID (IDa and IDb). . Since the ID encryption key and its decryption key impose a heavy load on a computing device such as a CPU, a high-performance CPU is required to transmit and receive the ID encryption key. On the other hand, in the third authentication processing procedure, it is not necessary to encrypt the ID. Therefore, there is an advantage that the burden on the CPU is greatly reduced. The reason is as follows. In the third authentication processing procedure, the action history is collated between the door lock device A and the portable terminal B in addition to the ID. As described above, this behavior history is the behavior of the genuine mobile terminal itself, and the clone device cannot imitate the behavior of the genuine mobile terminal itself. The action history is newly created every time the mobile terminal B and the door lock device A normally communicate, and the action history used for collation is updated as needed. In other words, the action history becomes information for identifying the mobile terminal B, which changes as needed, and thus has an effect substantially equivalent to encryption of the identification information of the mobile terminal B. Even if an action history is eavesdropped, the action history for verification is changed immediately thereafter, and unauthorized access based on the action history is impossible. Even if the ID of door lock device A or mobile terminal B is eavesdropped and received in plain text without being encrypted, the third authentication processing procedure does not match the action history. Unauthorized access is not allowed because it is necessary.

 [0151] As described above, the authentication based on the action history has substantially the same effect as encrypting information for identifying the mobile terminal. However, if the normal encryption created according to the prescribed encryption law is used, it may be decrypted, but the action history is the action of the mobile terminal itself, and it is encrypted according to some kind of law. However, since it has its own character like encrypted information, there is no risk of decryption. Also, since encryption and decryption processes are unnecessary, the load on the arithmetic device is reduced.

[0152] By the action history verification in the second and third authentication procedures described above, it is considered that illegal use by the clone device can be almost completely eliminated. The malicious third party is always near the authentic mobile terminal, and in the second authentication processing procedure, the action history transmitted by the authentic mobile terminal to the certificate authority is intercepted, and the action history data is sent to the clone device. It is also possible to incorporate. For example, a person acting together like an SP (malicious third party) escorting the president (a legitimate user) is definitely not impossible. Even in the third authentication processing procedure, no action history is eavesdropped because no action history is transmitted to the other party.

 [0153] In the following embodiment, a means is provided that is not intercepted by a malicious third party in the transmission of the action history from the mobile terminal to the certificate authority for storing (registering) the action history in the certificate authority. . Specifically, using another mobile terminal that is paired with the authentic mobile terminal, the action history of the authentic mobile terminal is transmitted to the certificate authority via another mobile terminal that is paired with the mobile terminal.

FIG. 20 is a diagram for explaining a method for transmitting an action history via another mobile terminal that is paired. When the authentic mobile terminal B and another mobile terminal E that is paired with each other fall within a predetermined range (several meters), wireless authentication is performed, and the authentic mobile terminal B goes to another mobile terminal E that is paired. Send a motion history. When another mobile terminal E receives the action history, it sends it to the certificate authority. Since the range in which a genuine mobile terminal B and another mobile terminal E paired with each other can communicate is very narrow (several meters), a malicious third party who has a clone device is close to a legitimate user. It is impossible to intercept it. In addition, since a malicious third party has no power to identify another mobile terminal E that is a pair of the authentic mobile terminal B, it is also necessary to intercept transmitted radio waves from another mobile terminal E. I can't. Therefore, the action history to the certificate authority can be transmitted without being intercepted by a malicious third party, and the production of a clone device with the same action history can be prevented.

FIG. 21 is a diagram for explaining the action history transmission processing via another form terminal. The identification signal transmission / reception unit 10 of the authentic mobile terminal B receives the M-sequence data as a four-signal signal to the identification signal transmission / reception unit 10 of another mobile terminal E paired at a predetermined time interval (for example, every 2 seconds). (M-sequence signal) is transmitted by radio signal. When the identification signal transmission / reception unit 10 of another mobile terminal E that is paired receives the M-sequence data transmitted from the genuine mobile terminal B, the M-sequence stored in its own internal memory (for example, flash memory) Compare with the data. This comparison is performed, for example, by a coincidence / adder circuit, and as a result of the comparison, a numerical force pulse signal representing the number of bits that coincide in both M series data is output. If the number of matched bits is equal to or greater than a predetermined threshold (e.g. threshold for 31-bit M-sequence data, value 24) and the reception level of M-sequence data is equal to or higher than a predetermined value, in other words, authenticity If the mobile terminal B and another mobile terminal E paired with each other are within a predetermined range (for example, several meters), the identification signal transmission / reception unit 10 of the other mobile terminal E paired will respond to the call. An acknowledgment (ACK) and door lock device identification information (terminal identification information) IDe stored in the internal memory are transmitted by radio signals.

 [0156] On the other hand, when the number of matched bits is less than a predetermined threshold value or the reception level is less than a predetermined value, the identification signal transmission / reception unit 10 of another portable terminal E that is paired with the ACK signal and the terminal Do not send IDe IDe.

 [0157] Upon receiving the ACK signal and the terminal identification information IDe, the transmitting unit 10 of the authentic mobile terminal B receives the received terminal identification information IDe and the terminal identification information IDe stored in its own internal memory (for example, a flash memory). Are matched (step S51).

 [0158] If both terminal identification information IDe is found as a result of the collation, the transmitting unit 10 of the mobile terminal B recognizes that the mobile terminal E is a mobile terminal paired with itself, and The mobile terminal identification information (terminal identification information) stored in the internal memory IDb and the action history accumulated are transmitted to another mobile terminal E as a pair. On the other hand, if the terminal identification information IDe is not correct as a result of the collation, the mobile terminal E recognizes that it is not a mobile terminal paired with itself, and does not transmit the terminal identification information IDb and the action history.

 [0159] Upon receiving the terminal identification information IDb and the action history transmitted from the mobile terminal B, the transmission unit 10 of another mobile terminal E that is paired with the mobile terminal B stores the received terminal identification information IDb and its own internal memory. The terminal identification information IDb is checked (step S52).

 [0160] If the terminal identification information IDb is matched as a result of the collation, the transmitting unit 10 of another paired mobile terminal E recognizes that the signal is a genuine mobile terminal B signal. The received action history is transferred to Certificate Authority D. On the other hand, if both terminal identification information IDb does not match, it is determined that the signal is not a genuine mobile terminal B, and the action history is not transmitted.

[0161] The certificate authority D has a correspondence table between the authentic mobile terminal B and another mobile terminal E paired with it. When the certificate authority D receives the action history from another paired mobile terminal E, the certificate authority D determines that the corresponding table power is the action history of the authentic mobile terminal B, and the authenticity of the authentic mobile terminal B Accumulated as an action history (step S53).

[0162] Since another mobile terminal E as a pair itself is a genuine mobile terminal and performs the same function as the function of mobile terminal B described above, mobile terminal E also stores its action history. Must be sent to Certificate Authority D. In this case, the mobile terminal B is not selected as the mobile terminal that is paired with the mobile terminal E, and another mobile terminal is selected. In other words, mobile terminal B and mobile terminal E are not in a paired relationship with respect to the transmission of the action history. This is because when a malicious third party manufactures a clone device for mobile terminal B, the mobile terminal E may happen to receive a call signal from mobile terminal E, which may identify the paired mobile terminal.

 [0163] Further, another mobile terminal E to be paired needs to come within a communicable range periodically, and it is preferable that communication is performed at least once a day, but once a week, 1 It does not matter even once a month. Furthermore, in order to prevent any other portable terminal E as a pair from being identified, it is preferable that the other portable terminal as a pair is changed as needed. Further, the other mobile terminal to be paired is not limited to the mobile terminal of another user, and may be, for example, another communication terminal owned by itself. For example, the charger of his / her portable terminal may be provided with a communication function capable of executing the authentication process of the above embodiment.

 Industrial applicability

The present invention relates to a wireless authentication system that performs personal authentication using radio waves, and can be used as a personal authentication means for a device that requires security.

[0165] Even if a clone device of a portable device that is a key of the controlled device is created and used illegally, access to the controlled device can be prevented. Therefore, identity authentication can be performed reliably and safely.

Claims

 The scope of the claims  [1] A wireless authentication method between a first communication device and a second communication device each having a radio signal transmission / reception function,  The first communication device determines that the transmission signal level from the second communication device is equal to or higher than a predetermined value, and receives identification information for identifying the second communication device from the second communication device. Then, the received identification information is collated with the identification information stored in the internal storage means of the first communication device, and the first authentication process for the second communication device is performed,  When the first communication device succeeds in the authentication of the second communication device by the first authentication process, the first communication device notifies the authentication result including the identification information to a remote certificate authority, and the certificate authority Collating the identification information included in the authentication result with the identification information stored in the internal storage means of the certificate authority, and performing a second authentication process on the second communication device;  When the certificate authority succeeds in authenticating the second communication device by the second authentication process, the use of the first communication device is restricted by the first communication device. Send a release permission signal to release the device usage restriction,  The wireless authentication method according to claim 1, wherein when the first communication device receives the release permission signal, the first communication device releases the use restriction of the device.  [2] In claim 1,  The second communication device determines that the transmission signal level of the third communication device power is equal to or higher than a predetermined value, and receives identification information identifying the third communication device from the third communication device. The received identification information is collated with the identification information stored in the internal storage means of the second communication device, and a third authentication process is performed on the third communication device. The wireless authentication method can communicate with the first communication device only while the third communication device is successfully authenticated by the third authentication process. [3] Between a first communication device and a second communication device each having a wireless signal transmission / reception function A wireless authentication method,  The first communication device determines that the transmission signal level from the second communication device is equal to or higher than a predetermined value, and receives identification information for identifying the second communication device from the second communication device. Then, the received identification information is collated with the identification information stored in the internal storage means of the first communication device, and the first authentication process for the second communication device is performed,  When the first communication device succeeds in the authentication of the second communication device by the first authentication process, the first communication device notifies the remote authentication station of the authentication result,  When the certificate authority requests action history information from the second communication device and receives the action history information from the second communication device, the certificate authority stores the received action history information in the internal storage unit of the certificate authority. A second authentication process is performed on the second communication device by collating with the action history information  When the certificate authority succeeds in authenticating the second communication device by the second authentication process, the use of the first communication device is restricted by the first communication device. Send a release permission signal to release the device usage restriction,  The wireless authentication method according to claim 1, wherein when the first communication device receives the release permission signal, the first communication device releases the use restriction of the device.  [4] In claim 3,  The second communication device determines that the transmission signal level of the third communication device power is equal to or higher than a predetermined value, and receives identification information identifying the third communication device from the third communication device. The received identification information is collated with the identification information stored in the internal storage means of the second communication device, and a third authentication process is performed on the third communication device. The wireless authentication method can communicate with the first communication device only while the third communication device is successfully authenticated by the third authentication process. [5] A wireless authentication method between a first communication device and a second communication device each having a wireless signal transmission / reception function, wherein the first communication device includes: When it is determined that the transmission signal level from the second communication device is equal to or higher than a predetermined value and the identification information for identifying the second communication device is received from the second communication device, the received identification information is In comparison with the identification information stored in the internal storage means of the first communication device, the first authentication process for the second communication device is performed,  After successful authentication of the second communication device by the first authentication process, the behavior history information of the second communication device is further received from the second communication device, and the received behavior is Collating history information with action history information stored in the internal storage means, and performing a second authentication process for the second communication device,  A wireless authentication method, wherein when the second communication device is successfully authenticated by the second authentication process, the use restriction of the device whose use is restricted by the first communication device is released.  [6] In claim 5,  The second communication device determines that the transmission signal level of the third communication device power is equal to or higher than a predetermined value, and receives identification information identifying the third communication device from the third communication device. The received identification information is collated with the identification information stored in the internal storage means of the second communication device, and a third authentication process is performed on the third communication device. The wireless authentication method can communicate with the first communication device only while the third communication device is successfully authenticated by the third authentication process. [7] In any one of claims 3 to 6,  The wireless authentication method, wherein the action history information includes history information related to communication of the second communication device with a first communication device. [8] In any one of claims 3 to 6,  The wireless history authentication method, wherein the action history information is information including at least one of a time and a position when the second communication device communicates with the first communication device. [9] In claim 3 or 4, The second communication device creates the action history information at a predetermined timing, stores the action history information in the internal storage unit of the second communication device, and transmits the created action history information to the certificate authority.  When the certificate authority receives the action history information, the certificate authority stores the action history information in an internal storage unit of the certificate authority.  [10] In claim 3 or 4,  The action history information includes history information related to communication of the second communication device with the first communication device,  The second communication device creates first action history information related to communication with the first communication device, stores the first action history information in the internal storage unit of the second communication device, and creates the created first Send action history information to the certificate authority,  The first communication device creates second action history information related to communication with the second communication device, stores the second action history information in the internal storage unit of the first communication device, and creates the second Send action history information to the certificate authority,  When the certificate authority receives the first action history information and the second action history information, the certificate authority determines whether or not both pieces of information match, and if they match, the first action history information Alternatively, the second action history information is stored in an internal storage unit of the certificate authority. [11] In claim 3 or 4,  The action history information includes history information related to communication of the second communication device with the first communication device,  The first communication device creates action history information related to communication with the second communication device, stores the action history information in an internal storage unit of the first communication device, and stores the created action history information in the first communication device. To the certificate authority,  When the certificate authority receives the action history information, the certificate authority stores the action history information in an internal storage unit of the certificate authority. [12] In claim 5 or 6, The second communication device stores action history information related to communication with the first communication device. Creating and storing the action history information in the internal storage means of the second communication device, wherein the first communication device includes information corresponding to the action history information created by the second communication device. A wireless authentication method, characterized in that action history information relating to communication with a second communication device is created, and the action history information is stored in an internal storage unit of the first communication device.  [13] In claim 3 or 4,  When the second communication device creates the behavior history information at a predetermined timing and determines that the transmission signal level of another communication device power is equal to or higher than a predetermined value, the second communication device transmits the created behavior history information to the another communication history information. To the communication device,  The another communication device transfers the received action history information to the certificate authority,  The certificate authority stores the received action history information as action history information of the second communication device in an internal storage unit of the certificate authority. [14] A wireless authentication system having a first communication device, a second communication device, and a certificate authority,  The first communication device is:  First determination means for determining whether or not a transmission signal level from the second communication device is equal to or higher than a predetermined value;  First receiving means for receiving identification information for identifying the second communication device from the second communication device;  When the first storage unit that stores the identification information of the second communication device in advance and the first determination unit determines that the value is equal to or greater than a predetermined value, the received identification information is First authentication means for performing authentication processing for the second communication device in comparison with the identification information stored in the storage means,  A first transmission unit for notifying the certification authority of an authentication result including the identification information when the second communication device is successfully authenticated by the first authentication unit;  Have  The second communication device is Second storage means for storing identification information of the second communication device in advance; A second transmission unit configured to transmit the identification information to the first communication device;  A certificate authority storage unit that stores identification information of the second communication device in advance; and the identification information included in the authentication result is collated with the identification information stored in the certificate authority storage unit; A certificate authority authenticating means for performing an authentication process on the communication apparatus; and when the second communication apparatus is successfully authenticated by the certificate authority means, the first communication apparatus uses the first communication apparatus. And a certificate authority transmitting means for transmitting a release permission signal for releasing the use restriction of the device for which the device is restricted, and the first communication device further receives the release permission signal, and receives the release permission signal. A wireless authentication system comprising a first releasing means for releasing the restriction.  [15] In claim 14,  Furthermore, a third communication device is provided,  The third communication device is:  A third storage means for storing the identification information of the third communication device in advance; a third transmission means for transmitting the identification information to the second communication device; The device further  Second determination means for determining whether or not a transmission signal level from the third communication device is equal to or higher than a predetermined value;  A fourth receiving means for receiving identification information for identifying the third communication device from the third communication device;  A fourth storage means for storing the identification information of the third communication device in advance; and if the second determination means is determined to be greater than or equal to a predetermined value, the received identification information is received as the fourth identification information. A second authentication means for performing authentication processing on the third communication device by collating with the identification information stored in the storage means;  And a second canceling unit that cancels the restriction on communication with the first communication device only while the authentication of the third communication device by the second authentication unit is successful. Wireless authentication system. [16] A wireless authentication system having a first communication device, a second communication device, and a certificate authority About The first communication device is: First determination means for determining whether or not a transmission signal level from the second communication device is equal to or higher than a predetermined value; First receiving means for receiving identification information for identifying the second communication device from the second communication device; When the first storage unit that stores the identification information of the second communication device in advance and the first determination unit determines that the value is equal to or greater than a predetermined value, the received identification information is First authentication means for performing authentication processing for the second communication device in comparison with the identification information stored in the storage means, A first transmission means for notifying the certificate authority of an authentication result including the identification information when the second communication device is successfully authenticated by the first authentication means; The second communication device is Second storage means for storing identification information of the second communication device and action history information of the second communication device; A second transmission means for transmitting the identification information to the first communication device and transmitting the action history information to the certificate authority; The IJ certificate authority A certificate authority storage unit that stores action history information of the second communication device in advance; and requesting action history information from the second communication device, and receiving the action history information from the second communication device. A certificate authority authenticating means for performing authentication processing on the second communication device by comparing the received action history information with the action history information stored in the certificate authority storage means; When the authentication of the second communication device by the certificate authority authentication means is successful, the use restriction of the device whose use is restricted by the first communication device is removed from the first communication device. A certificate authority transmitting means for transmitting the release permission signal, and the first communication device further comprises a first release means for releasing the restriction on use of the device when the release permission signal is received. A featured wireless authentication system. [17] In claim 16,  Furthermore, a third communication device is provided,  The third communication device is:  A third storage means for storing the identification information of the third communication device in advance; a third transmission means for transmitting the identification information to the second communication device; The device further  Second determination means for determining whether or not a transmission signal level from the third communication device is equal to or higher than a predetermined value;  A fourth receiving means for receiving identification information for identifying the third communication device from the third communication device;  A fourth storage means for storing the identification information of the third communication device in advance; and if the second determination means is determined to be greater than or equal to a predetermined value, the received identification information is received as the fourth identification information. A second authentication means for performing authentication processing on the third communication device by collating with the identification information stored in the storage means;  And a second canceling unit that cancels the restriction on communication with the first communication device only while the authentication of the third communication device by the second authentication unit is successful. Wireless authentication system. [18] A wireless authentication system comprising a first communication device and a second communication device, wherein the first communication device comprises:  First determination means for determining whether or not a transmission signal level from the second communication device is equal to or higher than a predetermined value;  First receiving means for receiving identification information for identifying the second communication device from the second communication device;  First storage means for storing identification information and action history information of the second communication device in advance; When the first determination unit determines that the value is equal to or greater than a predetermined value, the received identification information is collated with the identification information stored in the first storage unit to authenticate the second communication device. And successfully authenticate the second communication device by the authentication. Thereafter, the behavior history information of the second communication device is received from the second communication device, and the received behavior history information is collated with the behavior history information stored in the first storage means. A first authentication means for performing another authentication process for the second communication device; When the second authentication to the second communication device is successfully performed by the first authentication means, the use restriction of the device whose use is restricted by the first communication device is canceled. Have The second communication device is Second storage means for storing identification information of the second communication device and action history information of the second communication device; A wireless authentication system comprising: a second transmission unit configured to transmit the identification information to the first communication device.  In claim 18,  Furthermore, a third communication device is provided,  The third communication device is: A third storage means for storing the identification information of the third communication device in advance; a third transmission means for transmitting the identification information to the second communication device; The device further Second determination means for determining whether or not a transmission signal level from the third communication device is equal to or higher than a predetermined value; A fourth receiving means for receiving identification information for identifying the third communication device from the third communication device; A fourth storage means for storing the identification information of the third communication device in advance; and if the second determination means is determined to be greater than or equal to a predetermined value, the received identification information is received as the fourth identification information. A second authentication means for performing authentication processing on the third communication device by collating with the identification information stored in the storage means; And a second release means for releasing the restriction on communication with the first communication device only while the authentication of the third communication device by the second authentication means is successful. Wireless authentication system.  [20] In any one of claims 16 to 19,  The wireless authentication system, wherein the action history information includes history information related to communication of the second communication device with a first communication device. [21] In any one of claims 16 to 19,  The wireless history authentication system, wherein the action history information is information including at least one of a time and a position when the second communication device communicates with the first communication device.  [22] In claim 16 or 17,  The second communication device creates the action history information at a predetermined timing, stores the action history information in the second storage unit, and transmits the created action history information to the certificate authority.  When the certificate authority receives the action history information, the certificate authority is stored in the certificate authority storage unit. [23] In claim 16 or 17,  The action history information includes history information related to communication of the second communication device with the first communication device,  The second communication device creates first action history information related to communication with the first communication device, stores the first action history information in the internal storage unit of the second communication device, and creates the created first Send action history information to the certificate authority,  The first communication device creates second action history information related to communication with the second communication device, stores the second action history information in the internal storage unit of the first communication device, and creates the second Send action history information to the certificate authority,  When the certificate authority receives the first action history information and the second action history information, the certificate authority determines whether or not both pieces of information match, and if they match, the first action history information Alternatively, a wireless authentication system, wherein the second action history information is stored in the certificate authority storage means. [24] In claim 16 or 17, The action history information includes history information related to communication of the second communication device with the first communication device,  The first communication device creates action history information related to communication with the second communication device, stores the action history information in an internal storage unit of the first communication device, and stores the created action history information in the first communication device. To the certificate authority,  When the certificate authority receives the action history information, the certificate authority is stored in the certificate authority storage unit.  [25] In claim 18 or 19,  The second communication device creates action history information related to communication with the first communication device, stores the action history information in the second storage means,  The first communication device creates behavior history information related to communication with the second communication device including information corresponding to the behavior history information created by the second communication device, and the behavior history information is stored in the behavior history information. A wireless authentication system, characterized by being stored in a first storage means. [26] In claim 16 or 17,  When the second communication device creates the behavior history information at a predetermined timing and determines that the transmission signal level of another communication device power is equal to or higher than a predetermined value, the second communication device transmits the created behavior history information to the another communication history information. To the communication device,  The another communication device transfers the received action history information to the certificate authority,  The wireless certification system, wherein the certification authority stores the received behavior history information in the certification authority storage unit as behavior history information of the second communication device.