To solve the problem that high-speed processing is difficult to be applied in a qualification authentication method, because unidirectional conversion function imposing a large processing load on a device at user side must be applied five times.

An authenticated device applies unidirectional conversion function X to a password information (S) and a random number N(n) to calculate a current mask information (A), and applies the unidirectional conversion function X to the generated random number N(n+1) and (S) to generate a next mask information (C), and applies unidirectional conversion function X, which does not employ (S), to (C) to calculate another next mask information (D), and specifies data where a constant is integrated into either of the current mask information and the like as a current mask information or a next mask information respectively, and transmits two data (α) and (β), which are exclusive OR of the next mask information and the current mask information, to an authenticating device. The authenticating device takes out the next mask information from the received (α) and (β) to verify relationship between the next mask information or relationship between the next mask information and the current mask information.

COPYRIGHT: (C)2003,JPO