An object of the present invention is to provide a technology to improve security against spoofing in a method of authentication using a challenge and response system.In the method of authentication of the present invention, the piece of challenge data is transmitted from the sever 10 to the terminal 20 (S104), and then the piece of response data, which is the decrypted challenge data (S105), is transmitted from the terminal to the server (S107). Further, whether the piece of response data is the piece of challenge data decrypted or not is judged based on encryption performed in the server 10 (S109). When the result of judgment is affirmative, the parameter used both for encryption and decryption is renewed to a parameter to be used in the next authentication (S111, S112).