Client device, key device, service providing apparatus, user authentication system, user authentication method, program, and recording medium

Assignee

• NIPPON TELEGRAPH AND TELEPHONE CORPORATION · JP

Inventors

• Yukio Tsuruoka · Tokyo, JP
• Shingo Orihara · Musashino, JP
• Kei Karasawa · Tokyo, JP
• Kenji Takahashi · Kaisei, JP

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/76
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

At user registration, a client device obtains a signature for a user ID, a password, and a public key by using a private key, and sends user information that includes the signature and the above-described information items to a service providing apparatus. The service providing apparatus verifies the signature by using the public key and stores the user information by which the password and the public key are associated with each other. When a request for a service is made, the client device allows authentication processing by sending to the service providing apparatus an authentication response that includes the user ID together with password authentication information, a signature for a challenge sent from the service providing apparatus, or a signature for the password and the challenge, irrespective of whether the authentication method for the service is password authentication, public key authentication, or public-key-and-password combination authentication.