Key management system, communication device and key sharing method

The invention claimed is: 1. A key management system for communicating between a master station having a key management apparatus and a slave station having a plurality of terminal devices connected thereto via a network and the slave station sharing keys with the plurality of terminal devices, wherein the key management apparatus comprises: a receiving unit for receiving a key request including communication device identification information identifying a communication device of the slave station, multiple pieces of terminal device identification information respectively identifying the plurality of terminal devices communicating with the communication device, a challenge generated by the communication device, and a response respectively generated by the plurality of terminal devices using the respective terminal device unique keys with respect to the challenge; a device key generation unit for generating a communication device unique key of the communication device using the communication device identification information included in the key request, and generating the terminal device unique keys for the plurality of terminal devices using the multiple pieces of terminal device identification information included in the key request; an authentication information verification unit for verifying the challenge and the response using the generated terminal device unique keys; a common key generation unit for generating a common key shared by the communication device and the plurality of terminal devices when verification is successful by the authentication information verification unit; an encrypted common key generation unit for generating an encrypted common key obtained by encrypting the common key with the communication device unique key and encrypting the common key with the terminal device unique keys for the plurality of terminal devices; a key response generation unit for generating a key response including the encrypted common key; and a transmitting unit for transmitting the key response to the communication device. 2. The key management system according to claim 1 , wherein the key management apparatus and the plurality of terminal devices are manufactured by a plurality of manufacturers and the key management system is configured by combining the devices, and the common key generation unit generates a first manufacturer reproduction key using first manufacturer identification information identifying a manufacturer of the terminal device included in the key request, generates the communication device unique key using the first manufacturer reproduction key and the communication device identification information included in the key request, generates a plurality of manufacturer reproduction keys using multiple pieces of manufacturer identification information for respectively identifying the manufacturers of the plurality of terminal devices included in the key request, and generates the terminal device unique keys for the plurality of terminal devices using the plurality of manufacturer reproduction keys and the multiple pieces of terminal device identification information included in the key request. 3. The key management system according to claim 1 , wherein in the response, the first terminal device generates a first response by encrypting the challenge with a first terminal device unique key, the second terminal device generates a second response by encrypting the first response with a second terminal device unique key, further, the same process is sequentially performed by the plurality of terminal devices until an N-th terminal device generates an N-th response by encryption with an N-th terminal device unique key, and the N-th response is transmitted to the master station. 4. The key management system according to claim 2 , wherein in the response, the first terminal device generates a first response by encrypting the challenge with a first terminal device unique key, the second terminal device generates a second response by encrypting the first response with a second terminal device unique key, further, the same process is sequentially performed by the plurality of terminal devices until an N-th terminal device generates an N-th response by encryption with an N-th terminal device unique key, and the N-th response is transmitted to the master station. 5. The key management system according to claim 3 , wherein the authentication information verification unit generates a challenge by decrypting the response included in the key request by sequentially using the N-th terminal device unique key to the first terminal device unique key which are generated by the common key generation unit, and verifies whether the generated challenge matches the challenge included in the key request. 6. The key management system according to claim 1 , wherein in the response, the first terminal device generates a first authentication code for the challenge with the first terminal device unique key, the second terminal device generates a second authentication code for the first authentication code with the second terminal device unique key, further, the same process is sequentially performed by the plurality of terminal devices until an N-th terminal device generates an N-th authentication code with an N-th terminal device unique key, and the N-th authentication code is included in the response. 7. The key management system according to claim 6 , wherein the authentication information verification unit generates an authentication code by sequentially using the first terminal device unique key to the N-th terminal device unique key which are generated by the common key generation unit, and verifies whether the generated authentication code matches the response included in the key request. 8. A communication device sharing a key between first to N-th terminal devices provided in a product, wherein the communication device has configuration information storing network information of each of the first to N-th terminal devices, and comprises: an information request unit for generating an information request and transmitting the information request to the first terminal device with reference to the configuration information; a receiving unit for receiving an information response to the information request from the N-th terminal device; a common key request unit for generating a key request from the information response and transmitting the key request to a key management apparatus; a receiving unit for receiving an encrypted common key to the key request from the key management apparatus; a common key decryption unit for decrypting a first encrypted common key included in the encrypted common key using a communication device unique key of the communication device and obtaining the common key; and a common key distribution unit for transmitting other encrypted common keys included in the encrypted common key to the first to N-th terminal devices with reference to the configuration information. 9. The communication device according to claim 8 , wherein the information request includes a challenge generated by the communication device and the configuration information, the information response includes first to N-th pieces of terminal device identification information for respectively identifying the first to N-th terminal devices, and a response respectively generated by the first to N-th terminal devices using the respective terminal device unique keys with respect to the challenge, and the key request includes the challenge, the response, communication device identification information for identifying the communication device, and the first to N-th pieces of terminal device identification information.