Secure encrypted data communication system having physically secure IC cards and session key generation based on card identifying information

摘要

A secure encrypted data communication system between IC cards inserted in respective terminals. In order to encrypt plain text sent from a first terminal to a second terminal, a first IC card (51) receives a random number (r1) generated by a second IC card (52), and uses the number together with a secret key (ka) to generate a session key (ks1). The second IC card receives identification information (IDa) from the first IC card, and uses that information together with a master key (km) to obtain the secret key (ka), which is then used together with the random number to generate the same session key (ks1). Encryption of plain text sent from the second terminal to the first terminal can be done in a similar manner using a random number (r2) generated by the first IC card, and the identification information (IDb) of the second IC card.