The application is the applying date on July 18th, 2013, Application No. 201380073466.8, entitled " is used for
The divisional application of the application for a patent for invention of the CRUM chips and imaging device and its method of certification and communication ".
Embodiment
Reference will now be made in detail to embodiment, figure shows its example in the accompanying drawings, wherein, identical reference is logical
Identical key element is referred in.Embodiment is described below to explain the present invention by reference to figure.
Exemplary embodiment is discussed in detail below with reference to accompanying drawing.
In the following description, identical reference is used for similar key element.Such as detailed configuration and key element etc are provided
The event limited in the description, to help being fully understood by for exemplary embodiment.
Fig. 1 illustrates the configuration of the imaging device according to exemplary embodiment.As illustrated in figure 1, for example, imaging device
Including main body 100, the controller provided in main body 100 110 and can be installed in main body 100 can consumable unit 200.
Imaging device can be embodied in various types of equipment, such as printer, scanner, multifunctional equipment, facsimile machine or multiple
Print machine, it can form image on paper or in other various recording mediums.According to exemplary embodiment, main body 100 can
To be the main body of imaging device, and controller 110 can be master controller.
Controller 110 can be installed in the main body 100 of imaging device to control the function of imaging device.According to example
Property embodiment, controller 110 be control imaging device institute's functional master controller.
Can consumable unit 200 can be installed in the main body 100 of imaging device, and can be straight in an imaging device
One of ground connection or various types of units for being related to indirectly.For example, in the case of laser imaging apparatus, charhing unit, exposure
Light unit, developing cell, transfer printing unit, sedimentation unit, various types of rollers, transmission belt, and OPC drum can consume list
Member.In addition, can be defined as can consumable unit 200 for the various types of units that must be changed in using imaging device.
Each can consumable unit 200 can have the predetermined life-span.Therefore, can consumable unit 200 can include make
Can in due course between changed, micro- places of such as CRUM chips (customer's replaceable units monitor chip) 210 etc
Manage device and/or circuit.
CRUM chips 210, which can be installed in, in consumable unit 200 and to record various information.CRUM chips 210 wrap
Include memory.Therefore, with various terms CRUM chips 210 can be referred to, (customer can for such as memory cell or CRUM memories
Change monitoring units memory), but for the sake of the convenience of explanation, term " CRUM chips " will be used.
In memory provided in CRUM chips, can store on can consumable unit 200, CRUM chips in itself,
Or the various characteristic informations of imaging device, and also on the use information or program for carrying out imaging job.
The various programs being stored in CRUM chips can not only include common application, and including O/S (operation systems
System) program and encipheror.Can characteristic information include on can consumable unit 200 manufacturer information, on into
The title of information, installable imaging device as the manufacturer of equipment, the information on build date, sequence number, model name,
Electronic signature information, encryption key and encryption key indices.Use information can include following information:Such as so far
How many paper are have printed, how many paper can be printed from now on and are left how many toner.Characteristic information can also be instead
It is referred to as unique information.
According to exemplary embodiment, the information as illustrated in Table 1 below can be stored in CRUM chips 210.
Table 1
In the memory of CRUM chips 210, can store can consumable unit 200 approximate information and letter on the life-span
Breath, information and can consumable unit 200 setting menu.In addition to the main body of imaging device, it is provided for that list can be consumed
O/S in member can be stored in memory.
CRUM chips can include CPU (not shown), and it can manage memory, perform storage in memory various
Program, and perform the communication with the main body of imaging device or the controller of other equipment.
In addition to the initialization of imaging device, CPU can drive the O/S being stored in the memory of CRUM chips, and hold
Row can consumable unit 200 initialization of itself.When initialization has been completed or during initialization, CPU can perform imaging
Certification between the main body of equipment.Once initialization is completed, then the encrypted data communications with the main body of imaging device can be performed.
The various orders transmitted from the main body of imaging device and data can be encrypted and transmitted according to any AES.
In particular event, for example, such as when with can the electric power of imaging device of consumable unit 200 opened when, or
When can consumable unit 200 by demolition and when then being attached to the main body 100 of imaging device again, except controller 100 just
Begin outside the pale of civilization, CPU can perform the initialization of itself.Initialization includes various processing, such as initially drives can consumable unit 200
The middle various application programs used, the secrecy calculated required in communicate with the data of controller 110 upon initialization are believed
Cease, establish communication channel, initialization memory value, check when change itself, set can consumable unit 200 inside deposit
Device value and setting internal-external clock signal.
Register value, which is configured, can be defined as setting function register value that can be inside consumable unit 200 to cause
Can consumable unit 200 can be according to the predetermined various functions state of user to operate operation.Internal-external clock is set
Signal refers to the frequency of the external timing signal provided from the controller 110 of imaging device being adjusted to and can consumable unit
The consistent operation of internal clock signal that CPU inside 200 is used.
Check that it itself can be surplus, the expection for identifying toner or ink used to date when to change
When the operation of ink or toner and notification controller 110 will be finished.Once toner amount is determined in initialization procedure
Have run out, then can consumable unit 200 can be embodied in controller 110 and notify it to be in inoperable state.Because
Can consumable unit 200 itself there is O/S, it is possible to according to can consumable unit 200 type and characteristic perform all kinds
Initialization.
Once CPU is mounted and provides O/S, then when imaging device is opened, asked and unit in controller 110
200 communication before, can identify be stored in memory cell 210 can consumable unit surplus or refilling number.Cause
This, compared with before, can carry out earlier notice can consumable unit the short time.For example, when toner lacks, use
Family can be with power-on, and then carries out being transformed into the adjustment of toner save mode and then perform imaging.This is also fitted
Situation when lacking for only specific toner.
Untill being initialized and being then done, CPU can not respond to the order of controller 110.
Wait-for-response while periodically transmission order of controller 110, untill it response be present.
Therefore, when receiving the response as confirmation, certification can be performed between controller 110 and CPU.In the feelings
Under condition, because O/S is installed in CRUM chips 210 in itself, it is possible to by between CRUM units 210 and controller 110
Interaction perform certification.
Controller 110 will be encrypted for the data of certification or order and send it to CRUM chips 210.Transmitted
Data in, arbitrary value R1 can be included.Here, R1 can be the random value changed in each certification, or can be pre-
The fixed value first determined.The CRUM chips for receiving data generate part of key using arbitrary value R2 and the R1 received
(section key), and generated part of key is then used to generate MAC (message authentication code).
Controller 110 is sent to including the MAC generated and foregoing R2 signal.Controller 110 uses what is received
R2 and R1 generates part of key, uses generated part of key to generate MAC, and the then MAC by that will be generated
CRUM chips 210 are relatively proved compared with the MAC in received signal.According to each exemplary embodiment, electronic signature letter
Breath or key information can be transmitted in such authentication processing and used in the certification.
Once being successfully authenticated, then controller 110 and CRUM chips perform encrypted data communications for data management.
That is, when inputting user command or when imaging job has been initiated or is completed, controller 110 uses encryption
Algorithm encrypts order or the data for performing digital independent, write-in or additional function, and is then transferred to CRUM
Chip 210.
CRUM chips 210 can decode received order or data, and perform such as corresponding with the order of decoding
Digital independent or write-in etc operation.The AES used in CRUM chips 210 or controller 110 can be standard
Change AES.When encryption key has leaked or when needing to strengthen safe, such AES is variable.It can make
With the various AESs of such as RSA asymmetric key algorithms, ARIA, TDES, SEED, AES symmetric key algorithm etc.
As such, between CRUM chips 210 and controller 110, can be performed a plurality of times for the logical of certification and data exchange
Letter.In each communication, signal is transmitted from controller 110 to CRUM chips 210, and or vice versa.In this case, passed
The signal sent includes being used to detect the error detection data of the integrality for the data being included in corresponding signal.Such mistake
Detection data are by the accumulation to error detection data included in the signal for transmitting or receiving from earlier communication
And the data generated.
That is, between controller 110 and CRUM chips 210, multiple communications, such as certification 1, certification can be performed
2nd, certification 3 ..., certification n, data communication 1, data communication 2 ..., data communication m.According to exemplary embodiment, each
In the signal transmitted during communication or in some processing of communication, integrity check data can be included.In such integrality
Detect in data, be cumulatively reflected in the integrity check data used in previous communication.
The integrality of corresponding signal is detected using the integrity check data in signal in the side for receiving signal.Cause
This, when it is determined that corresponding data are complete, performs next operation or subsequent communication.Record is received if necessary
Data, then can temporarily it store including data in the signal and integrity check data.Can use will be sent to biography
Sent the subsequent data of the side of signal and received from earlier communication and integrity check data next life for being temporarily stored
Cheng Xin integrity check data.Therefore, the new integrity detection of signal can be added with to subsequent data transmission
Data.Between controller 110 and CRUM chips 210, it can be performed a plurality of times including the such of such integrity check data
Communication.When performing the communication including last integrity check data, can use in last letter received
Number integrity check data included performs final detection.If final detection has no problem, can record straight
All data being thitherto temporarily stored.
Fig. 2 illustrates the example between controller 110 and CRUM chips 210 of the exemplary embodiment according to the disclosure
Property communication process.According to Fig. 2, controller 110 transmits the first signal 10 for including data 1 and integrity check data 1.Receive
The CRUM chips 210 of first signal 10 use integrity check data 1 and the next life of data 2 being included in the first signal 10
Into integrity check data 2.CRUM chips 210 transmit the secondary signal for including data 2 and integrity data 2 to controller 110.
As such, the signal of the integrity check data generated including the use of the integrity check data from earlier communication is performed a plurality of times
(30,...,N)。
To the data transmitted to be carried out to the end value of logic calculus, by predetermined public affairs in data applied mathematics
End value that formula is generated or the end value (that is, MAC) that data are encrypted are used as integrity check data.
Fig. 3 illustrates the detection method using integrity check data.According to Fig. 3, when receiving including data a and complete
Property detection data a signal when (S310), integrity check data a separates (S320) by CRUM chips 210.
CRUM chips 210 are using remainder data and in previous communication period communicated integrity check data next life
Into integrity check data a ' (S330).CRUM chips 210 then by therefore and generate integrity check data a ' with separating
Integrity check data a compare (S340), and if they are identicals, it is determined that be complete (S350).If
They are not identicals, then CRUM chips 210 determine that data are in error condition, and stop communicating (S360).To understand
For the sake of the convenience released, below, integrity check data a ' will be referred to as being subjected to the data compared.
When it is determined that corresponding data are complete, generated by using by the data transmitted b with detection data a
Whole property detection data b (S370).Therefore, being transmitted to controller 110 includes data b and integrity check data b signal
(S380)。
Fig. 3 illustrates the exemplary detection processing for example performed in CRUM chips 210, but can also be in controller
Identical processing is performed in 110.That is, when controller 110 receives the letter including data b and integrity check data b
Number when, it separates integrity check data b, and perform detection.The detection method is similar to S330 to S370, and therefore will
Omit the explanation and illustration repeated.
It can be matched somebody with somebody with all kinds to design the signal for transmitting between controller 110 and the CRUM chips 210 and receiving
Put.That is, the data included in the signal can include at least one of the following:Order, by the information being recorded, close
Object information in the operation according to order, the integrity detection on being related to previous received signal object information and
Notify the indicator information of the position of integrity check data.Can initially it be passed between controller 110 and CRUM chips 210
The object information on integrity detection is excluded in the signal for sending and receiving.Method for detecting integrity data can be used for
Each traffic operation in above-mentioned communication process, but can also be applied only for when necessary during whole communication process
Some or important traffic operation.
Fig. 4 illustrates using (for example, those forms different from Fig. 2) signal with different forms complete to detect
The exemplary embodiment of the processing of property.According to Fig. 4, controller 110 transmits the signal for including data and integrity check data 1
(S410).Here, data include reading order (CMD) data 1 and designator U1.Reading order (CMD) data 1 not only include
Order and including reading target or storage address.U1 refers to taking the indicator information after order (CMD) data 1.
Indicator information U1 refers to the symbol of the position of the parsing of the integrity check data in notification signal.Indicator information can be with
It is represented as the bit of fixed qty.For example, five bytes can be used for indicator information.On the other hand, reading order
(CMD) data 1 are variable according to the content of data, and therefore the size of integrity check data 1 is also variable.
Upon receipt of the signal, CRUM chips 210 use complete to perform including integrity check data 1 in the signal
Property detection (S415).CRUM chips 210 can use the data that will be transmitted and integrity check data 1 to generate integrality inspection
Data 2 are surveyed, and transmission includes these signal (S420).As illustrated in figure 4, by the signal transmitted, include
As according to reading order (CMD) data 1 from the reading number for providing the data read in memory that can be in consumable unit 100
Result data 2, designator U2 and the integrality of the result of the operation performed according to 1, instruction according to reading order (CMD) data 1
Detect data 2.
Integrity check data 2 is separated and performs integrity detection (S425) by controller 110 from received signal.
Then, if there is subsequent reading order (CMD) data 3, then controller 110 uses reading order (CMD) data 3 and complete
Property detection data 2 generate integrity check data 3, and it is several then to include reading order (CMD) to the transmission of CRUM chips 210
According to 3, designator U3 and the signal (S430) of integrity check data 3.
As illustrated in figure 4, for example, performing (S440, S450, S460, S470, S485) uses multiple integrity detection numbers
According to 4,5,6, T1 and T2 communication, behind be therefore integrity detection (S435, S445, S455, S465).When from CRUM chips
210 when receiving final signal of communication (S470), and CRUM chips 210 use the integrality included in final signal of communication
Data T1 is detected to detect the complete of data that are having transmitted and received in the communication process of whole and being temporarily stored
Property (S475).If determine that data are data storages that is complete, will being temporarily stored as the result finally detected
In nonvolatile memory (not shown) (S480).Similarly, when transmitting final signal of communication from CRUM chips 210,
Controller 110 also uses the integrity check data T2 included in final signal of communication to perform whole integrity detections
(S490).Therefore, if it is determined that data are complete (S495), then by the data storage being temporarily stored non-volatile
In memory.
Made by accumulating the integrity check data used in previous communication to generate in such communication process
Integrity check data.
According to exemplary embodiment, integrity check data can be handled as follows:
Integrity check data 1=E (read CMD data 1 | U1)
Integrity check data 2=E (read CMD data 2 | result data 2 | U2 | integrity check data 1)
Integrity check data 3=E (read CMD data 3 | U3 | integrity check data 2)
Integrity check data 4=E (read CMD data 4 | result data 4 | U4 | integrity check data 3)
Integrity check data 5=E (write-in CMD data 5 | U5 | integrity check data 4)
Integrity check data 6=E (read data 6 | U6 | integrity check data 5)
Integrity check data T1=E (write-in CMD data L1 | U-T1 | integrity check data T1-1)
Integrity check data T2=E (result data L2 | U-T2 | integrity check data T1).
In aforementioned formula, item " E () " indicates the predetermined formula of application to obtain the function of end value.As such, can
With according to by previous integrity check data with the whole data transmitted are added, using such as XOR (XOR) etc
Various logic calculate, according to data to be brought into the result of other known formula between controller 110 and CRUM chips 210
Obtained value, and the value obtained according to the result by being encrypted using various above-mentioned various AESs are complete to generate
Property detection data.
Fig. 5 illustrates can consumable unit 200200-1,200- according to the exemplary embodiment, plurality of of the disclosure
2 ..., 200-n is provided at the exemplary imaging device in main body 500.
As illustrated in Figure 5, imaging device includes controller 510, user interface section 120, interface unit 130, deposited
Storage unit 140 and it is multiple can consumable unit 200-1,200-2 ... 200-n.
User interface section 120, which performs, to be received various orders from user or shows and notify the role of various information.With
Family interface unit 120 can include LCD or light-emitting diode display, at least one button, or loudspeaker.It can also be according to environment
And including touch-screen.
Interface unit 130 refer to wired connection to be connected and/or wirelessly with main PC or various external equipments
Connect to perform the configuration of communication.Interface unit 130 can include various types of interfaces, and such as local interface, USB is (general
Universal serial bus) interface and radio network interface.
The role of various programs or data necessary to memory cell 140 performs storage driving imaging device.
Controller 510 performs the role of all operationss of control imaging device.Controller 510 is to passing through interface unit 130
The data of reception are handled, and processed data is converted to the form that can form image.
Controller 510 using it is multiple can the 200-1,200-2 of consumable unit 200 ..., 200-n is held to the data changed
Row imaging job.Depending on the type of imaging device, can provide in a variety of ways can consumable unit.
It is charhing unit, exposing unit, developing cell, transfer printing unit, sedimentation unit, each in the case of laser printer
Roller, transmission belt and the OPC drum of type can be can consumable unit.
It can include the first CRUM chips to n-th in consumable unit 200-1,200-2 ..., 200-n each
CRUM chip 2210-1,210-2 ..., 210-n.
Each CRUM chips can include memory and CPU etc..Crypto module, tampering detection device, interface can be included
Unit, the clock unit (not shown) for exporting clock signal generate the random value generation unit of random value for certification (not
Diagram) in it is at least one.
Password unit is (not shown) to support AES so that CPU (not shown) is able to carry out the certification with controller 510
Or coded communication.Password unit can support such as RSA, ECC asymmetric key algorithm and ARIA, TDES, SEED and AES couple
The algorithm of determination among multiple AESs of title key algorithm etc.Controller 510 can also support multiple AESs
Among corresponding algorithm.Therefore, controller 510 can identify can use in consumable unit 200, utilize for which kind of AES
The AES continues, and performs coded communication.
Therefore, even if when issuing key, regardless of applied to can consumable unit 200 AES species, it is close
Key can be easily installed in main body 100 and perform coded communication.
Tampering detection device (not shown) is the unit for being used to defend various physics hacker's behaviors to attempt (that is, distorting).Distort
The operating environment of detector monitors such as voltage, temperature, pressure, light and frequency etc, and when in the presence of such as decap's etc
During trial, wipe or physically prevent data.In this case, tampering detection device can have single electric power.
O/S memories, nonvolatile memory or volatibility can be included by providing the memory inside CRUM chips 210
Memory.O/S memories (not shown) can store for drive can consumable unit 200 O/S.Nonvolatile memory is (not
Diagram) it can with non-volatile store various data.In the nonvolatile memory, various information, such as electronics label can be stored
Name information, various cryptography informations, on can consumable unit 200 state information (for example, remaining toner amount, when
Exchange volume residual etc. of toner, printing paper), unique information is (for example, manufacturer's information, build date information, sequence
Number, the model name of product etc.) and A/S information.Received data can be stored in during being communicated with controller
In nonvolatile memory.
Volatile memory (not shown) may be used as operating required temporary memory space.In volatile memory
In, it can be stored temporarily in communication every time and be confirmed as complete data and the integrity detection number used in each determine
According to.
Interface unit (not shown) play connection CPU and controller role and can be embodied in serial line interface or
Wave point.Because compared with parallel interface, serial line interface uses the signal of lesser amt, so it has cost-effective effect
Fruit, and in addition, in it the operating environment of much noise be present --- such as in printer, it is appropriate.
CRUM chips may be provided in it is each can be in consumable unit.Each CRUM chips can perform and controller and its
The communication of his CRUM chips.In communication period, generated by accumulating the integrity check data used in previous communication
New integrity check data transmitted.
Fig. 6 illustrates the imaging device of the exemplary embodiment according to the present invention.As illustrated in Figure 6, for example, imaging
Equipment includes controller 610 and interface unit 630, and controller 610 include data processing unit 111, generation unit 112,
Detection unit 113 and control unit 114.
Data processing unit 111 generate by be sent to installed in can be mounted on an imaging device can consumable unit
On CRUM chips data.Data include order and will be at least one in the information by command process.That is, reading
In the case of taking order, the address for the memory that will be read can be transmitted together or on by the information for the object being read.
In case of a write command, the information that will be recorded can be transmitted together.Data processing unit 111 can be by data as it is
Output can export with encryption data and then.The order such as certification can be generated in data processing unit 111
Etc various orders and the information relevant with those orders.Can before imaging job is performed, during it, or its it
After frequently generate these order and information.For example, when imaging device is opened, or when can consumable unit 200 be disassembled simultaneously
And when being then attached again, or when have input the initialization command on imaging job, controller 110, which can transmit, to be used for
Can consumable unit 200 certification authentication command or reading order.Therefore, controller 610 can be identified can consumable unit 200
The various information of management in itself, or can store it in the memory cell 140 of main body of imaging device 100.
Complete perform imaging job during or after which, data processing unit 111 can pair can consumable unit 200 give birth to
The information on consuming item is recorded into writing commands and corresponding information, i.e. on ink or toner, number of print pages
Amount, the information of print point quantity, and the historical information of the user on performing printing.
Generation unit 112 generates integrity check data using the data exported from data processing unit 111.Generation is single
Logical calculated that the data exported from data processing unit 111 can simply be added up, performed such as XOR etc by member 112,
Predetermined mathematical formulae is updated to, or carrys out encryption data using AES, and output result value is used as integrality
Detect data.If there is the integrity check data used in previous communication, then generation unit 112 is even accumulated together
The previous integrity check data with reflection, and generate integrity check data.
The integrity check data generated in generation unit 112 is added to what is generated in data processing unit 111
Data and it is sent to interface unit 630.In figure 6, it is illustrated that be as the output of data processing unit 111 is merely provided
Output to generation unit 112, but data processing unit 111 can be provided directly to interface unit 630 or be provided
Give multiplexer (not shown).In the case where providing multiplexer, the output of generation unit 112 is also provided to multiplexer, and
The output of generation unit 112 can be sent to interface wherein to include the signal form of data and integrity check data together
Unit 630.
Interface unit 630 transmits the signal for including data and the first integrity check data to CRUM chips 210.
Interface unit 630 can receive response signal from CRUM chips 210.For the sake of the convenience of explanation, from interface list
The signal of member transmission will be referred to as the first signal, and will be referred to as secondary signal from the signal of CRUM chips transmission.
It is that wherein the first integrity check data has been tired out in the second integrity check data that secondary signal includes
Product and the data being reflected.
Detection unit 113 separates the second integrity detection included in the secondary signal received by interface unit 630
Data, and detect the integrality of the data included in secondary signal.More specifically, detection unit 113 is complete in separation second
Applied and CRUM chips on remainder data after the integrity check data that whole property detection data and controller 610 had previously transmitted
Known method between 210, and generate integrity check data.
The second integrity detection that detection unit 113 separates the integrity check data of therefore generation with from secondary signal
Data compare, and determine whether they are identicals.If they are identicals, corresponding to the determination of detection unit 113
Data are complete, and if they are not identicals, then data corresponding to the determination of detection unit 113 are in error condition
In.
Control unit 114 performs subsequent communication according to the testing result made by detection unit 114.That is,
If it is determined that secondary signal includes the data being in error condition, then control unit 114 can stop subsequent communication or enter
Another trial of row.If it is determined that secondary signal is in normal condition --- i.e., in complete state, then control unit 114 is held
The subsequent communication of row.
According to exemplary embodiment, once it is determined that corresponding data are in complete state, then control unit 114 can incite somebody to action
Corresponding data directly store memory cell 140.
According to exemplary embodiment, control unit 114 can be stored temporarily in the data and integrality that communication obtains every time
Data are detected, and once complete final communication, then the data being temporarily stored are recorded in memory cell 140.
Fig. 7 illustrates the imaging device according to exemplary embodiment.As illustrated in fig. 7, except including data processing list
Outside member 711, generation unit 712 and the controller 710 of detection unit 713 and control unit 714, it is single that main body 700 includes storage
Member 740 and interface unit 730.Memory cell 740 includes interim memory cell 741 and memory cell 742.
Therefore, in interim memory cell 741, it can temporarily store and be confirmed as complete data and integrity detection number
According to.The integrity check data being temporarily stored can be used during integrity detection in subsequent communication process.
That is, after CRUM chips 210 are sent in the first signal including the first integrity check data
When transmitting the secondary signal on the first signal, detection unit 713 separates the second integrity check data from secondary signal, and
New integrity check data is generated using remaining data and the integrity check data being stored in interim memory cell 741,
It is subjected to the data compared.Thereafter, detection unit 713 is by newly-generated integrity check data and interim memory cell 741
The second integrity check data compare, and the complete of secondary signal or the data included in secondary signal can be determined
Property.
If the subsequent data of CRUM chips 210 will be sent to by existing in secondary signal is complete state,
Generation unit 712 can for example generate the 3rd integrity detection number based on subsequent data and the second integrity check data
According to.Therefore, interface unit 730 transmits the 3rd integrity check data to CRUM chips 210 and includes the 3rd of subsequent data
Signal.That is, as illustrated in Fig. 2 into Fig. 4, communication is performed a plurality of times in controller and CRUM chips.
Detection unit 713 can use final integrity detection number included in the signal received in communication process
Final detection is performed according to the integrality come to whole signals in received during communications.That is, as it was previously stated, by tired
Previous integrity check data is accumulated and checked to generate in communication period transmission and the integrity check data received, and because
This final integrity check data is including the first integrity check data since most to just in current integrity detection
All data before data.Therefore, if determining that data are complete using final integrity check data, based on institute
It is reliably to judge to have Content of Communication, and when performing the communication for needing to record, all data temporarily stored are stored in storage
In memory cell 742 in unit 740.
In the first communication period, controller 710 and CRUM chips 210 include notifying that this is the designator of the first communication, and
And signal is then transported on, and in final communication period, including notify that this is the designator finally to communicate, and be then transported on
Signal.Therefore, when determining this point from the signal received from counterparty, controller 710 and CRUM chips 210 perform foregoing
Final detection, and store data into memory cell 742.
According to exemplary embodiment, when completing an imaging job, or each unit with the predetermined period,
It is able to carry out such final detection.Also can be in user command of the input for data storage, in input on imaging
In certification imaging device and it can perform during the shutdown command of equipment or during consumable unit.
Fig. 6 and Fig. 7 is illustrated includes example data processing unit, generation unit, detection unit and control in the controller
Unit processed, but it may be not necessarily limited to such embodiment.That is, in addition to controller, data processing list can be provided
It is at least one in member, generation unit, detection unit and control unit.In this case, with Fig. 1 into Fig. 4 it is illustrated not
Together, controller can only perform original function, and can pass through data processing unit, generation unit, detection unit and control
Unit processed performs the communication with CRUM chips 210.
Fig. 8 illustrates the configuration of the CRUM chips 810 according to the exemplary embodiment of the disclosure.Go out as illustrated in fig. 8
, CRUM chips 810 include interface unit 811, detection unit 812, generation unit 2813, data processing unit 814, control list
Member 815, interim memory cell 816 and memory cell 817.
Interface unit 811 receives from the main body (especially, the controller in main body) of imaging device includes first
First signal of data and the first integrity check data.
Detection unit 812 detects the integrality of the first signal from first the first integrity check data of Signal separator.
The detection method of detection unit 812 is similar in the detection method shown in above figure, and therefore will omit the explanation repeated.
When it is determined that the first signal is complete, interim memory cell 816 temporarily stores the first data and the first integrality
Detect data.
When the second data of the main body that must be communicated to imaging device be present, the generation of data processing unit 814 second
Data.
Generation unit 813 uses the second generated data and the first integrity check data to generate the inspection of the second integrality
Survey data.
Main body transmission of the control interface unit of control unit 815 to imaging device includes the second data and the second integrality is examined
Survey the secondary signal of data.In addition, control unit 815 controls all operationss of CRUM chips.That is, as it was previously stated, work as
When CRUM chips have O/S in itself, control unit 815 can use O/S driving CRUM chips.Once store initialization journey
Sequence, then it can dividually perform initialization with the main body of imaging device.
Control unit 815 performs each orders corresponding operation with what the main body from imaging device received.Namely
Say, upon receiving the reading command, control unit 815 reads the data being stored in memory cell 817 according to the order, and
Imaging device is transferred data to by interface unit 811.In managing in this place, integrity check data can be added.
Meanwhile when the 3rd signal includes the 3rd integrality by accumulating and the second integrity check data of inspection is generated
When detecting data, detection unit 812 performs integrity detection to the 3rd signal.
Upon communication completion, detection unit 812 uses included final in the signal received during the communication
Integrity check data detects the whole signals received during imaging job is performed.It is logical when being completed in good working condition
During letter, if necessary, then interim memory cell 816 by the data storage being temporarily stored in memory cell 817.
That is, upon communication completion, control unit 815 controls detection unit 812 to use final integrity detection
Data perform final detection.Therefore, data corresponding to being determined when the result as final detection in detection unit 812
When being complete, if necessary, control unit 815 exists the data storage being stored temporarily in interim memory cell 816
In memory cell 817.
The operation of CRUM chips 810 in Fig. 8 is similar to the operation of the imaging device in Fig. 7.That is, such as in Fig. 1
It is illustrated into Fig. 4, the controller of imaging device and can consumable unit CRUM chips perform correspond similarly to it is mutual
Operation.Therefore, both sides should generate integrity check data, and should have and use generated integrity check data
Carry out the algorithm of perform detection.
Fig. 9 illustrates the communication means of the exemplary embodiment according to the disclosure.Can in the main body of imaging device institute
In the controller of offer, or the communication means illustrated in Fig. 9 is performed in CRUM chips that can be provided in consumable unit.
As illustrated in Fig. 9, as data (S910) that generation will be transmitted, generated using the data of generation complete
Property detection data (S920).
Thereafter, generated integrity check data and the signal (S930) including data are transmitted.
Therefore, the response signal corresponding with the signal transmitted (S940) is received from counterparty.In response signal,
Including by accumulating and checking the new integrity check data generated from the integrity check data of S930 transmission.
Integrity detection (S950) is performed using integrity check data included in response signal.
Therefore, according to exemplary embodiment, cumulatively can be determined every time using previous integrity check data
The integrality of communication.
Figure 10 illustrates the communication means according to exemplary embodiment.As illustrated in Figure 10, when generation will be transmitted
During data (S1010), integrity check data (S1020) is generated based on the data.Thereafter, transmission includes data and integrality
Detect the signal (S1030) of data and receive the response signal (S1040) on the signal.Therefore, divide from response signal
From integrity check data (S1050).
It can be come using the remaining data and existing integrity check data for therefrom separating integrity check data
Determine whether data are complete (S1060).
If determining that data are complete, temporary transient data storages (S1070) as the result determined, and if it is determined that should
Data are in error condition, then stop communication (S1100) or can perform another trial.
If there is the subsequent data (S1080) in temporary transient storage state, then foregoing rank can be repeatedly carried out
Section.If there is no subsequent data, then store what is be temporarily stored according to the integrity detection result of received signal
Data (S1090).
In foregoing exemplary embodiment, from the control of imaging device during being initialized first except what is communicated in data
Outside the integrity check data of device transmission, by accumulating and checking the integrity check data next life in previous communication period
Into integrity check data.As a result, the integrity check data in final communication period is included in (for example, important)
All integralities inspection data used in communication process.Therefore, it is possible to record accurate data.
Therefore, can safely protect on the information of controller and CRUM chips exempt from such as noise, faulty contact point,
The abnormal change of running stores, intentional modification and the external action of hacker's behavior etc.
According to exemplary embodiment, can be based on imaging device and used in imaging device can consumable unit
On CRUM chips, but foregoing communication means can also be applied to other kinds of equipment.For example, exemplary implement bag
Include the communication that can be applied to be produced between CRUM chips rather than the equipment to be communicated with imaging device
Situation, and may be applied to logical between the memory on normal electronic device and the component that uses in a device of installation
The situation of letter.
For example, integrity check data can be used only for some processing of certification.That is, in various events
In --- such as when be provided with CRUM chips can consumable unit be replaced when, when starting imaging device, when data renewal be
When required, when predetermined amount of time reaches, etc., the master controller being provided in the main body of imaging device can perform with
Can consumable unit CRUM chips certification.
CRUM chips can be designed as performing the certification with imaging device, and only when confirmation CRUM chips are suitable for
The operation for such as reading or writing data etc from CRUM chips is just performed during corresponding imaging device.There may be being capable of basis
The selected various types of certifications of environment.For example, due to can consumable unit startup or replacing and can not use previous
In the case of the information of CRUM chips, it can use with high level encryption but spend what the relatively longer time performed
Authentication method.In the case of needing certification in print procedure in order to update some data, it can perform faster and simpler
Certification.Although the certification performed in print procedure is relatively easy, it is strong authentication method for encrypting, and this is
Because it is based on the data generated during the previous certification using high level encryption.
Figure 11 illustrate imaging device main body and installed in can be in consumable unit CRUM chips between exemplary recognize
Card processing.With reference to figure 11, the main body 100 of imaging device and CRUM chips 210 undergo multiple authentication processings (Auth-1~4) it
Final certification is performed afterwards.In each exemplary embodiment, the quantity and order of authentication processing (Auth-1~4) can not
Together.The main body 100 and CRUM chips 210 of imaging device can perform authentication processing for generating session key and for examining
The compatible authentication processing of CRUM chips, and can before authentication processing, after an authentication process or in authentication processing
Between perform one or more authentication processings.
As illustrated in fig. 11, certification can be divided into Basic Authentication and Additional Verification.Basic Authentication includes being used for
The first authentication processing (Auth-1) of internal authentication is performed, and Additional Verification includes such as Auth-2, Auth-3 and Auth-4
Etc multiple operations.
First authentication processing (Auth-1) performs the certification between imaging device 100 and CRUM chips 210, and performs wound
Build the operation of common session key.Imaging device 100 and CRUM chips 210 are by using such as symmetric key or unsymmetrical key
Etc AES all or part of data exchanged between them in communication period are encrypted so that cause can not be from
Outside sees data come with communicating with each other.
Imaging device 100 and CRUM chips 210 are created using the data exchanged during the first authentication processing (Auth-1)
Common session key is built, and the data for subsequent communication are encrypted using the session key.
Second authentication processing (Auth-2) is referred to the combination form (C- forms) of imaging device 100 and CRUM chips
The synchronous operation of 210 combination form (C- forms).C- forms be used to making imaging device 100 and the certification of CRUM chips 210 that
This information.That is, the wherein record that C- forms refer to has the form of the value to be operated when sending inquiry code, and
The first form can be referred to as.
When performing startup in imaging device 100, or when the C- forms and CRUM chips 210 that determine imaging device 100
C- forms it is inconsistent when, the second authentication processing can be performed so that the C- forms of imaging device 100 and CRUM chips 210 is same
Step.It can determine whether the C- forms of imaging device 100 are consistent with the C- forms of CRUM chips 210 in imaging device 100.
Figure 12 is the chronological view for illustrating exemplary second authentication processing.As illustrated in fig. 12, imaging device 100
PRT data and REQUEST_CMD (request command) (S1110) can be generated, and are transferred to CRUM chips 210.Can be with
REQUEST_CMD is provided in various formats.For example, REQUEST_CMD can be CMDE (PRT data)MAC(circulation is superfluous by CRC
Remaining verification) or EDC (EDC error detection and correction bit)." E () " expression cryptographic algorithm, and "" represent predetermined operator
Number, i.e. add character.
When receiving REQUEST_CMD, CRUM chips 210 generate CRUM data (S1230), and use what is generated
CRUM data and the PRT data that are received generate C- forms (S1240).CRUM chips 210 can be by for CRUM data
C- forms are generated with the predetermined configuration function of PRT data applications.
CRUM chips 210 can generate the RESPONSE (S1250) of the CRUM data including being generated, and be set to imaging
The generated RESPONSE (S1260) of standby 100 transmission.E (CRUM data) can be usedMACCMD resultsCRC or EDC side
Method generates RESPONSE.
Imaging device 100 uses received CRUM data and PRT data to generate C- forms (S1270).Imaging device
100 can also generate C- forms by the predetermined configuration function of application.Therefore, imaging device 100 and CRUM chips 210
There can be identical C- forms respectively.
When completing the second authentication processing (Auth-2), the 3rd authentication processing (Auth-3) can be performed.3rd authentication department
Reason (Auth-3) can be the processing of wherein imaging device 100 and the synchronous query form of CRUM chips 210 (Q- forms).Q- forms
The wherein record referred to has the form for the data for certification for such as inquiring about code etc, and can also be referred to as the second table
Lattice.
Figure 13 illustrates exemplary 3rd authentication processing.As illustrated in Figure 13, when completing the second authentication processing, into
Determine whether the version (that is, PRT versions) of the Q- forms in main body is more than the Q- in CRUM chips 210 as the main body of equipment 100
The version (S1310) of form.If it is determined that PRT versions are more than CRUM versions, then the main body of imaging device 100 is to CRUM chips
210 provide the information on Q- forms.Therefore, CRUM chips 210 update CRUM versions to match the Q- of the main body of imaging device
Table version (S1320).
On the other hand, if PRT versions are less than CRUM versions (S1330), CRUM chips 210 are to imaging device 100
Main body provides the information on Q- forms.Therefore, imaging device 100 updates PRT versions to match the Q- forms of CRUM chips 210
Version (S1340).
As such, when the Q- forms of both sides have been changed to consistent by renewal, or if they are consistent without more
Newly, then the operation (S1350) for checking inquiry code, the value being recorded in Q- forms is performed.Check the such of inquiry code
Operation can be the 4th authentication processing.
Figure 14 illustrates the exemplary process of the Q- form synchronization Q- forms using the main body of imaging device.Such as institute in Figure 14
Diagram, the REQUEST_CMD1 (S1410) of the generation request CRUM data of imaging device 100, and REQUEST_CMD1 is passed
Give CRUM chips 210 (S1415).As the response to REQUEST_CMD1, CRUM chips 210 generate RESPONSE 1
(S1420), and to imaging device 100 RESPONSE 1 (S1425) is transmitted.Can use E1 (E2 (PRT Q DATA indexes) |
| CRUM data) | | MAC | | CMD1 results | | CRC or EDC method generates RESPONSE 1.Here, E1 refers to that encryption is calculated
Method, and E2 (PRT Q DATA indexes) can be defined as by obtaining Q data simultaneously to Q- forms application Q- table index
And encrypt Q data using arbitrary first AES.
When receiving RESPONSE 1, imaging device 100 compares received Q- data (S1430).That is, into
As equipment 100 detected from the Q- forms of storage the Q- data corresponding with the index for having been transferred to CRUM chips 210 and
It is whether consistent with each other that the Q- data with the Q- data transmitted from CRUM chips 210 are compared to determine them.If it is determined that
They are inconsistent, then imaging device 100 generates REQUEST_CMD2 (S1435), and transmits REQUEST_ to CRUM chips 210
CMD2(S1440).Can using E1 (E5 (PRT Q TBL) | | MAC | | CRC or EDC method generates REQUEST_CMD2.
Here, E5 refers to the second AES different from E1 and E2.
When receiving REQUEST_CMD2, CRUM chips 210 are by the Q- table versions of imaging device and CRUM chips 210
Q- table versions compare, and if it is determined that their inconsistent (S1445) or apply Q- forms with CRUM chips 210
Regular different rule (S1450), then generation error respond.Therefore, CRUM chips 210 update its Q- form with PRT Q-
Table match (S1455), generation RESPONSE 2 (S1460), and transmit RESPONSE 2 (S1465) to imaging device 100.
It can use CMD2 results | | CRC or EDC method generates RESPONSE 2.
Figure 15 is the chronological view using the exemplary process of the Q- form synchronization Q- forms of CRUM chips 210.Such as Figure 15
In it is illustrated, imaging device 100 generates REQUEST_CMD (S1510), and sends REQUEST_CMD to CRUM chips
210(S1520).CRUM chips 210 generate RESPONSE (S1530) according to the order of reception, and are transmitted to imaging device 100
RESPONSE(S1540).Can by using E1 (E2 (CRUM Q DATA) | | E5 (CRUMQ TBL) | | MAC | | CMD results | |
CRC or EDC method generates RESPONSE.When receiving RESPONSE, imaging device 100 checks what is received
RESPONSE CRUM Q DATA, and CRUM Q DATA are compared (S1550) with RESPONSE CRUM Q DATA.Such as
Fruit determines that they are inconsistent each other, it is determined that it is error condition.Whether imaging device 100 checks received CRUM Q forms
Meet the rule for Q- forms, and if it is determined that Q- forms are not effective, it is determined that it is error condition (S1560).
If it is determined that Q- forms are inconsistent, then imaging device 100 updates Q- forms according to received data
(S1570).Therefore, the Q- forms of both sides are synchronized with each other.
Second and the 3rd authentication processing (Auth-2, Auth-3) be by imaging device 100 and can consumable unit 200 information
Synchronous processing is to analyze the data exchanged during the 4th authentication processing (Auth-4).If available data has been identical
, then it can not perform the 3rd authentication processing (Auth-3).
4th authentication processing (Auth-4) is to confirm the authentication processing of compatibility.In the 4th authentication processing, imaging device
100 and can consumable unit 200 recognize using the session key generated by the first authentication processing (Auth-1) and in second and the 3rd
Shared information is come confirm can consumable unit 200 or installed in can be in consumable unit 200 during card processing (Auth-2,3)
CRUM chips 210 are appropriate for imaging device 100.
Figure 16 is the chronological view for illustrating the illustrative methods for performing the 4th authentication processing (Auth-4).Such as Figure 16
In it is illustrated, imaging device 100 selects Q indexes, C indexes etc., generates the REQUEST_CMD for including selected index
(S1610), and to CRUM chips 210 REQUEST_CMD (S1620) is transmitted.CRUM chips 210 use what is received
REQUEST_CMD generates CRUM data, and generation includes the RESPONSE of CRUM data, and should to the transmission of imaging device 100
RESPONSE(S1640)。
When receiving RESPONSE, imaging device 100 generates RPT Q datas (S1650) and PRT Q datas exists
The CRUM data that RESPONSE includes compare (S1660).If it is determined that they are consistent with each other, it is determined that CRUM chips 210
Appropriate and certification complete.
Imaging device 100 and can consumable unit 200 can create session key the first authentication processing (Auth-1) phase
Between and during the 4th authentication processing (Auth-4) of compatibility is confirmed transmission/reception include the signal of integrity check data.
Integrity check data refer to by be cumulatively reflected in integrity check data that previous received signal includes and
The data of generation.If previously do not receive the signal including integrity check data also --- it is i.e., secondary if necessary to first
Into integrity check data, then it can only be used only and the data transmitted are generated into integrity check data.
Influence to be used as the 4th certification in the communication data that second and the 3rd are exchanged during authentication processing (Auth-2, Auth-3)
Handle next communication process of (Auth-4).Therefore, integrity check data is not used in the authentication processing of centre, when
When second and the 3rd have problem in authentication processing (Auth-2, Auth-3), the 4th authentication processing (Auth-4) may also be lost
Lose, thus ultimately result in the failure of certification.It is, therefore, not necessary to the authentication processing in whole includes integrity check data, and
And only it can include integrity check data in the Auth-1 and Auth-4 as important authentication processing.However, this is only
Only it is example, and can be in each authentication processing or at least one middle transmission/reception in second and the 3rd in authentication processing
Integrity check data.
According to exemplary embodiment, certification can be performed between main body 100 and CRUM chips 210, but can pacify
Authentication operation as being performed between master controller 110 and CRUM chips 210 in main body 100.With reference to figure 17 and Figure 18
To explain that the illustrative authentication between master controller 110 and CRUM chips 210 is handled.
Figure 17 illustrates exemplary first authentication processing for generating session key during multiple authentication processings
(Auth-1).For the sake of for convenience of explanation, generating the authentication processing of session key can be defined as in the exemplary embodiment
First certification, but other authentication processings can be performed before the authentication processing for generating session key.
As illustrated in fig. 17, the first authentication processing (Auth-1) can be divided into com-1 and com-2.Com-1's
Processing is for transmitting data so that main controller 100 can perform the processing of authentication operation using CRUM chips 210.
The signal transmitted during com-1 processing includes CMD1, DATA1, CRC1, symbol, VC1 etc..CMD1 represents order, and can
With including the option relevant with certification or on by the information of the size of the data transmitted.DATA1 is included necessary to certification
Random data, with the relevant data value of encryption for certification, the customizing messages stored in imaging device, etc..First
In the case of authentication processing, not only above-mentioned random data (R1) can be transmitted to DATA1, and also have such as on
The data relevant with session key of the information of keys sizes, the various keys used in asymmetric key algorithm etc., with
And it is stored in the other information in the main body of imaging device 100.According to exemplary embodiment, it is convenient to omit some are above-mentioned
Information is replaced with other information.
Random data can be the value that master controller 110 is randomly generated for certification.Therefore, random data is for each
Certification can change, but can transmit a value being temporarily set rather than random data sometimes.CRC1 represents mistake
Detection code.CRC1 is transmitted to check the mistake in CMD1 and DATA1.In addition to CRC1 or substitute it, can use and such as examine
(Checksum) or MAC etc other error-detecting methods.
Symbol in com-1 specifies integrity check data.Figure 17 illustrates that SECU1 is used as can be from other data
Identify integrity check data and show the situation of the symbol of the action type of integrity data.Use in fig. 17
SECU1 is the symbol to be communicated using integrity check data function representation first.VC1 is the integrity detection number of generation for the first time
According to.VC1 generates the content being made up of CMD1, DATA1, CRC1 and SECU1 string according to specific formulation.Because VC1 is for the first time
The integrity check data of generation, so only being made by cumulatively reflecting the integrity check data of previous receipt
VC1 is generated with remaining data.The method for disclosing generation VC1.
Once CRUM chips 210 receive com-1, then CRUM chips 210 just transmit include DATA2, SW2, CRC2,
SECU2, VC2 etc. com-2.If the first authentication processing refers to the authentication processing for generating session key, com-2
Data can include the first random data (R1), the second random data (R2), chip serial number (CSN), on for non-right
Claim information, part of internal information of CRUM chips of the key of key algorithm, etc..First random data (R1) be
The value that com-1 is received, and the second random data (R2) is the value generated from CRUM chips 210.It can be omitted in com-2 and wrap
The information that includes is replaced with other information.
In addition, SW2 represents result data, it shows the operation performed according to com-1 order in CRUM chips 210
As a result.Because CRC2 and SECU2 is operated in a manner of with CRC1 the and SECU1 identicals in com-1, so will omit on CRC2
With SECU 2 description.VC2 is complete and what is generated by cumulatively reflecting the VC1 of the integrity check data as com-1
Property detection data.CRUM chips 210 can by according to predetermined Combination of Methods by be sent to com-2 DATA2,
SW2, CRC2 and SECU2 and VC1 generate VC2, and this point will be explained in further detail later.
If as illustratively performed the first authentication processing in Figure 17, the first random data generated by master controller 110
(R1) the second random data (R2) and in CRUM chips 210 generated can be shared each other.Master controller 110 and CRUM chips
210 respectively can generate session key using R1 and R2.
As illustrated in fig. 11, final certification is performed after multiple authentication processings are undergone.Among throughout managing, the
Four authentication processings be check CRUM chips 210 or in CRUM chips 210 can consumable unit 200 compatibility.
Between one certification and the 4th certification, at least another authentication processing can be added and think that the 4th certification is prepared.
Figure 18 illustrates the illustrative authentication processing for confirming compatibility.In fig. 11, among multiple authentication processings, finally
Once authentication processing of the execution as the confirmation compatibility of the 4th certification, but order not limited to this.
As illustrated in Figure 18, the 4th authentication processing (Auth-4) includes com-3 and com-4.Com-3 is referred to wherein
Master controller 110 transmits the processing of signal to CRUM chips 210, and com-4 refers to that wherein CRUM chips 210 are to main control
Device 110 transmits the processing of signal.In com-3, CMD3, DATA3, SECT1 and VC3 are transmitted.CMD3 is the life for representing com-3
Order, and DATA3 represents data necessary to performing Auth-4 operations.
The master controller 110 can be previously stored confirm CRUM chips 210 or can consumable unit 200 compatible table
Lattice.If for example, being stored with multiple forms, DATA3 can include any first index information (index 1) and table of form 1
Any second index information (index 2) of lattice 2.Master controller 110 can use the session generated by the first authentication processing
Key encrypts DATA3.SECT1 is symbol string of the notice using last operation of the communication of integrity check data, and
And VC3 is integrity check data.Master controller 110 can use CMD3, DATA3, CRC3, SECT1 to go here and there and as so far
Untill the VC1 and VC2 of the integrity check data that have generated generate VC3.Com-3 CRUM chips 210 are received to master
Controller 110 transmits com-4.Com-4 can include DATA4, SW4, CRC4, SECT2, VC4 etc..DATA4 can include making
Generated with corresponding with the first and second index informations received from com-3 respectively the first value (value 1) and second value (value 2)
The 3rd value.Master controller 110 can by first, second, and third value that will be confirmed by com-4 compared with form relatively come
Confirm CRUM chips 210 or can consumable unit 200 be appropriate for imaging device 100.Disclose SW4, CRC4 and SECT2 letter
Number.VC4 is the integrity check data generated by cumulatively reflecting VC1, VC2 and VC3.
Can during at least certain part of multiple authentication processings transmission/reception integrity check data.In this case,
If there is the integrity check data being previously used, then it can cumulatively reflect corresponding integrity check data.Also
It is to say, can be as summarized integrity check data in equation 1:
[formula 1]
SECU (n) VCn=CMD (+) DATA (+) SW (+) CRC (+) symbol (+) VC (n-1)
SECT (n) VCn=CMD (+) DATA (+) SW (+) CRC (+) symbol (+) VC (1) (+) VC (2) (+) ... (+) VC
(n-2)(+)VC(n-1)
In equation 1, (+) can represent such as XOR etc logical operation formula or other AES formula.Root
, can be by combining in the VC (n-1) of the data transmitted and the integrity check data for being used as previous receipt according to [formula 1]
Each generate as the integrity check data used in the authentication processing in addition to final authentication processing
SECU (n) VCn.On the other hand, it can transmit or connect by the data transmitted and in previous authentication processing by combining
Each in whole integrity check datas of receipts generates as the integrity detection number for final authentication processing
According to SECT (n) VCn.For example, in the case of n-th of integrity check data, it can reflect that 1,2 ..., n-1's is complete
Property detection data.Therefore, if mistake during certification be present, mistake can be found in final authentication processing simultaneously
And certification can be completed, or authentification failure can be determined.
Figure 19 illustrate it is according to exemplary embodiment, in authentication processing use integrity check data CRUM chips
Exemplary configuration.CRUM chips 1400 can be installed in and various can be used in consumable unit and then.In Figure 19
Illustrated, CRUM chips 1400 include interface unit 1410, test cell 1420, generation unit 1430 and controller 1440.
Interface unit 1410 may be connected to the component of the main body 100 of imaging device.Interface unit 1410 can use various interfaces
Method.It is, for example, possible to use interaction integrated circuit (I2C).
If it happens the event of certification is needed, then interface unit 1410 can receive various signals.For example, interface unit
1410 can receive the first integrity check data included for the first data of certification and on the first data from main body 100
Signal.First data represent the data in addition to the first integrity check data among received signal.Figure 17's
First data represent CMD1, DATA1, CRC1 and SECU1.DATA1 can include the various numbers of such as first random data etc
According to.
Test cell 1420 can by by the first integrity check data (that is, VC1) from received signal separation come
The integrality of test signal.According to Figure 17 the first authentication processing, test cell 1420 can pass through computing CMD1 (+) DATA1
(+) CRC1 (+) SECU1 calculates VC1.The VC1 that text unit 1420 can be calculated by the VC1 separated from com-1 and directly
Compare, and determine that com-1 is complete if they are consistent with each other.
If it is determined that com-1 is complete, then controller 1440 can temporarily store some necessary numbers including VC1
According to.Controller 1440 controls generation unit 1430 to perform the first authentication processing.
Generation unit 1430 uses the second data and the first integrity detection number being used for the main body certification of imaging device
According to generating the second integrity check data.Generation unit 1430 can generate the second random number using random value generating algorithm
According to.According to the exemplary embodiment using formula 1 recited above, the second integrity check data can be calculated as DATA2
(+) SW2 (+) CRC2 (+) SECU2 (+) VC1 end value.
Controller 1440 can use the data received from main body 100 to perform the first authentication operation.Controller 1440 can
With using the first random data (R1) received from main body 100 and the second random data (R2) generated by generation unit 1430 Lai
Generate session key.
Controller 1440 transmits the second integrality for including calculating by interface unit 1410 to the main body 100 of imaging device
Data are detected together with the second data, the i.e. signal of DATA2, SW2, CRC2 and SECU2.The main body 100 of imaging device can also be from
The first and second random data are detected in received signal and generate session key using the data of detection.
Certification includes multiple certification.That is, controller 1440 can use the generation session of the first and second data
Multiple subsequent authentication processings are performed after key.
Multiple subsequent authentication processings can include being used for compatibility test as described above for described in the 4th authentication processing
Authentication processing.During the authentication processing, the integrality inspection for cumulatively reflecting and being transmitted and received can be transmitted and received
Survey the new integrity check data of data.
Interface unit 1410 can receive from the main body 100 of imaging device includes the 3rd data and the 3rd integrity detection number
According to signal.3rd integrity check data is represented using so far by the main body 100 and master controller of imaging device
The data that 110 integrity check datas used and the 3rd data are generated.If the 4th authentication processing is final authentication department
Reason, then can reflect all first and second integrity check datas to generate the 3rd integrity check data.
If receiving the 3rd data and the 3rd integrity data, controller 1440 controls test cell 1420 to test this
Data.Method of testing is as described above.
Determining the 3rd data if based on test result, there is no problem, then controller 1440 controls generation unit 1430 to give birth to
Into the 4th integrity check data.Generation unit 1430 can by formula 1 described above together with the 4th data it is anti-
First, second, and third integrity check data is reflected to generate the 4th integrity check data.
If the 4th integrity check data of generation, main body 100 transmission of the controller 1440 to imaging device includes the
The signal of four data and the 4th integrity check data.
If the 4th authentication processing is the authentication processing of test compatibility, the 3rd data can include being pre-stored in imaging dress
The index information of form in putting, and the 4th data may be implemented as the data that include the value corresponding with index information.
Interface unit 1410 may be implemented as contact-type unit or connecting-type unit.Interface will be explained in further detail later
The contact type or communication means of unit 1410.
As described above, exemplary embodiment is depended on, can be partially or completely in certification or data communication process
Use integrity check data.
Figure 20 illustrate imaging device or can be in consumable unit the communication scenario that is not required of record in using complete
Property detection data illustrative methods.Integrity check data can be used in a part for authentication processing.
As illustrated in Figure 20, master controller 110 and CRUM chips 210 perform 8 communication altogether for certification, and
4 integrity check datas of transmission and inspection during managing in this place.
Final integrity test is completed in the last authentication processing as the 8th processing, and is read as data
Take in the subsequent processing of write-in processing and do not use the final integrity test further.That is, only certification 1,
2nd, integrity test processing is performed in 7 and 8, and general integrity test is carried out in certification 7 and 8.In fig. 20, transmit/
The processing of reception signal can be referred to as an authentication processing.For example, S1510 and S1530 can be the first authentication processing,
S1550 and S1560 can be that the second authentication processing, S1570 and S1580 can be the 3rd authentication processings, and S1590 and
S1620 can be the 4th authentication processing.
As illustrated in Figure 20, master controller 110 transmits the signal com-1 for including data and integrity check data 1
(S1510).Data include certification initiation command data 1 (authentication command (CMD) data 1), certification DATA1 and designator SEC
U1.Certification initiation command data 1 not only include order, and including data necessary to performing certification.SEC U1 are represented
Indicator information after certification initiation command data 1.Indicator information SEC U1 represent the integrality inspection in notification signal
Survey the symbol of the parsing position of data.Indicator information can be represented as the byte of fixed qty.For example, believe for designator
Breath can use 5 bytes.On the other hand, the size of authentication data 1 can change according to the content of data, and therefore complete
The size of whole property detection data 1 can also change.
Once receiving com-1, then CRUM chips 210 are performed using the integrity check data 1 included in the signal
Integrity test (S1520).Then, CRUM chips 210 have generated using by the data transmitted and integrity check data 1
Whole property detects data 2, and then, transmission includes the signal com-2 (S1530) of data above.CRUM chips 210 are according to certification
Initiation command data 1 come perform can consumable unit function and by collect therefore and generate random data and perform other
Data necessary to function configure authentication data 2.The configuration of CRUM chips 210 represents to be held according to certification initiation command data 1
The result data 2 of the result of capable operation.The transmission of CRUM chips 210, which is used as, includes authentication data 2, result data 2, designator
The com-2 (S1530) of the signal of SEC U2 and integrity check data 2.
Once receiving com-2, integrity check data 2 is separated and held from the com-2 received by master controller 110
Row integrity test (S1540).
If it is determined that integrity test described above operation in it is at least one it is middle exist mistake (S1520,
S1540), then master controller 110 or CRUM chips 210 can stop authentication processing and determine authentification failure.In this case,
Master controller 110 can notify the failure of certification by forming the user interface section 120 on master controller 100.
On the other hand, if it turn out that integrality, then master controller 110 and CRUM chips 210 are sequentially performed subsequent
Authentication processing.
In fig. 20, second and the 3rd in authentication processing without using integrity check data.In this case, even if depositing
In subsequent certification work data 3, then master controller 110 is used as to the transmission of CRUM chips 210 includes authentication command 3 and certification number
According to the com-3 of 3 signals without further generation integrity check data 3 (S1550).
When receiving com-3, CRUM chips 210 perform operation without performing integrity test.Specifically, CRUM chips
210 transmit as the com-4 (S1560) including authentication data 4 and the signal of authentication result data 4 to master controller 110.
Master controller 110 is also transmitted as the com-5 including authentication command 5 and the signal of authentication data 5 without having performed
Whole property tests (S1570), and the transmission of CRUM chips 210 is as the signal including authentication data 6 and authentication result data 6
com-6(S1580).Can perform second and the 3rd authentication processing without integrity check data.
Master controller 110 performs integrity check data again in final authentication processing.That is, master controller
110 use the integrity check data 1 and 2 as all existing integrity check datas together with authentication command 7, authentication data
7 and SECT 7 is transmitted as the signal including data above to generate integrity check data 7 to CRUM chips 210
com-7(S1590)。
CRUM chips 210 finally test the communication process for running through whole by transmission/reception using integrity check data 7
And the data (S1600) being temporarily stored.If confirming integrality according to final test result, CRUM chips 210 are true
Determining certification is successful (S1610) and performs and such as generate and will be sent to the ensuing place of the data of imaging device etc
Reason.If the anything of record in memory being not present in authentication processing --- this instruction, which is not present, temporarily to be stored
Data, then can be omitted in the operation of data storage in nonvolatile memory (not shown).
CRUM chips 210 to master controller 110 transmission as include authentication data 8, authentication result data 8, SEC T8 and
The com-8 (S1620) of the signal of integrity check data 8.In order to generate integrity check data 8, using as so far
By the integrity check data 1,2 and 7 of all data of transmission/reception.
Master controller 110 also uses the integrity detection number included in the signal of communication of certification 8 received from CRUM chips
Whole integrity tests (S1630) are performed according to SECT8.If confirming integrality (S1640) according to integrity test, become
For certification success status, and master controller 110 performs the subsequent operation for such as generating session key etc.Similarly, if
The anything of record in memory is not present in authentication processing --- the data being temporarily stored are not present in this instruction, then
The operation of data storage in nonvolatile memory (not shown) can be omitted in.
The integrity check data being previously used with cumulatively reflecting uses to generate in such communication process
Integrity check data.
For example, integrity check data can be handled as follows:
Integrity check data 1=E (certification CMD/ authentication data 1/SEC U1)
Integrity check data 2=E (the authentication result 2/SEC U2/ integrity check datas 1 of authentication data 2/)
Integrity check data T1=E (the integrity detection numbers of 7/ authentication datas of certification CMD, 7/ integrity check data 1/
According to 2)
Integrity check data T2=E (the integralities of 8/ authentication result 8/SEC T2/ integrity check datas of authentication data 1/
Detect the integrity check data T1 of data 2/).
In above-mentioned formula, E () represents to obtain the function of end value by the predetermined formula of application.Such as Figure 17 and
Illustrated in Figure 18, being represented as the data of authentication data or authentication result can include stably being used for independent communication
Such as verification and/or MAC etc inspection data.
The integrity check data of some authentication processings can be configured to as illustrated in Figure 21-24 with going out.
Figure 21 illustrates the first integrality that master controller 110 transmits to CRUM chips 210 during the first authentication processing
Detect data.As illustrated in Figure 21, master controller 110 is by by the byte of beginning 8 of communication data and ensuing 8 byte
Specific formulation or AES are applied to generate 8 new byte values, and 8 byte values by making to be newly generated with next
8 bytes carry out computing and generate ensuing value.Using this method, master controller 110 can be by untill SECU 1
Identical formula or algorithm are generated to generate integrity check data and temporarily store generated integrity check data.Such as
The amount total of the data of 8 final bytes of fruit can then fill up such as 0x00 particular value to complete 8 bytes not up to 8 bytes,
And the computing of the byte of deficiency can be omitted.
When generating integrity check data (VC), if integrity check data is SECU, should use just at it
Integrity check data used in preceding.However, it is possible to the integrity check data illustrated for the first time in transmission Figure 21, and
In the absence of previous integrity check data.In such a case it is possible to use the particular value for being initialized to such as 0x00 etc
Integrality primary data, or computing can be performed without including previous integrity data.If imaging device and CRUM cores
Piece may not applied to using identical method generation integrity data, then such situation.
If receiving com-1 during the first authentication processing, CRUM chips test CMD and DATA values using CRC
To check for problem.CRUM chips use the above communication data for including the strings of SECU 1 according to the use explained in figure 21
Value is generated in the method for generation integrity check data and by the value and in the first authentication processing in received signal
Included VC1 compares.That is, CRUM chips 210 generate and than more complete in a manner of with the identical of master controller 110
Property detection data.
If problem in check continuity data be present, CRUM chips do not perform next authentication processing.In the situation
Under, imaging device can check the mistake of CRUM chips, and therefore can stop or resume operations.If inspecting
Had no problem during integrity data, then imaging device temporarily stores VC1 and performs next operation.
CRUM chips 210 perform the operation for encrypting certification according to DATA content, and generate that have will be
The data of the encryption correlation used in imaging device, specific data, the sequence of CRUM chips being stored in CRUM chips 210
Number and the com-2 of random data be used as DATA.DATA all or part of conduct can be used symmetrical or asymmetric
Key, using encryption method encrypt CRUM chips 210.Com-2 content includes DATA, instruction is made according to the order received
SW, the CRC as error-detecting code, symbol, VC1 and VC2 through success or failure already.In the case of com-2, symbol quilt
It is arranged to SECU2 strings.Integrity check data 2 (that is, VC2) can be generated using the method illustrated in Figure 22.
As illustrated in Figure 22, DATA2, SW2, CRC2, SECU2, and VC1 are classified by 8 bytes, and
Each in sorted data is sequentially calculated using specific formulation or AES.The length of data can be depended on
Filled up to use, thus generate VC2.The VC2 generated is temporarily stored in CRUM chips 210.
Figure 23 and 24 illustrates the exemplary side for being used to generate integrity check data used in the 4th authentication processing
Method and configuration.
For example, in fig. 20, master controller 10 uses integrity check data, and CRUM chips when transmitting com-7
210 use integrity check data when transmitting com-8.
Com-7 includes DATA, CRC and symbol string necessary to representing com-7 CMD, Auth-4 operation and utilized
The VC3 of the end of whole property detection data instruction communication.In this case, encrypted using the session key generated in Auth-1
DATA.Com-7 symbol string is SECT1.
As illustrated in Figure 23, gone here and there using CMD3, DATA3, CRC3, SECT1, and be used as and generated so far
The VC1 and VC2 of all integrity check datas generate VC3.Master controller 110 temporarily stores generated VC3.Work as reception
During to com-7, CRUM chips 210 generate integrity check data in a manner of illustrated identical in such as Figure 23.Due in Auth-
VC1 and VC2 is temporarily stored in CRUM chips 110 during 1 processing, it is possible to generation integrity detection identical with VC3's
Data.If problem in check continuity data be present, CRUM chips do not perform next authentication processing.In this case,
Imaging device can check the mistake of CRUM chips, and therefore can stop or resume operations.
If check continuity data be not present it is out of question, CRUM chips 210 by DATA decryption be session key, execution
Operated necessary to Auth-4, and generate com-8 data to be responded to imaging device.Com-8 include DATA, SW,
SECT2 strings and the VC4 as final integrity data necessary to CRC, Auth-4.DATA is encrypted as session key.
Figure 24 illustrates the illustrative methods and configuration for generating VC4.As illustrated in Figure 24, CRUM chips 210
VC4 can be generated by calculating DATA4, SW4, CRC4, SECT2 string and VC1, VC2, VC3 by 8 byte orders.
When receiving com-8, the master controller 110 of imaging device uses the main body 100 for being stored temporarily in imaging device
In DATA4, SW4, CRC4, SECT2 string and VC1, VC2, VC3 generate VC4 and compare them, to confirm integrality.Such as
Fruit has no problem in integrity test, then DATA is decrypted as session key to perform final authentication operation.Therefore, when
CRUM chips 210 or be wherein provided with CRUM chips 210 can consumable unit 200 when being identified compatible with imaging device 100, really
Fixed final certification is successful and can perform subsequent traffic operation.
Can consumable unit 200 can be can be dismountable from the main body 100 of imaging device.When can consumable unit 200 pacified
During dress, it may be electrically coupled to main body 100.Such connection can be realized with contact-type or connecting-type, and can made
With I2C methods come perform can be between consumable unit 200 and main body 100 communication.
Figure 25 illustrates the example of the exterior arrangement of the interface unit 1410 of contact-type.As illustrated in figure 25, can disappear
Consuming unit 200 includes being used for the osculating element 2010 to communicate.The main body 100 of imaging device includes osculating element.When list can be consumed
When member 100 is installed in main body 100, the contact of interface unit 1410 forms the osculating element in the main body 100 of imaging device
2010 to be electrically connected.
Figure 26 illustrates the exemplary connection shape that can be between consumable unit 200 and the main body 100 of imaging device of contact-type
State.Figure 26 illustrate osculating element 2020, the mainboard 2040 that can wherein arrange the various parts including master controller 110 and
The connection cable 2030 that mainboard 2040 is connected with osculating element 2020.When can the illustrated ground quilt such as in Figure 26 of consumable unit 200
When in main body 100, formed can be in consumable unit 200 osculating element 2010 contact main body 100 to be electrically connected to each other.
When osculating element illustrated in such as Figure 25 and Figure 26 is contact-type, a fixed touched side is not related
's.Therefore, if vibration in imaging device be present, osculating element 2010,2020 temporarily may each other be separated, caused logical
The problem of letter.If that is, installation on an imaging device can consumable unit contact point separation, may exchange not just
True data.However, using integrity check data when performing certification and data communicate if as discussed above, then can solve
The problem of such.That is, master controller 110 or CRUM chips 210 can be by checking when contact point normally attaches to
The integrity check data of received previous data and connect when each other when contact point attaches to each other astatically
The data of receipts determine authentification failure or communication mistake.Therefore, the operation read or write data can not be performed, to prevent mistake
Information is recorded in by mistake can be in consumable unit 200.
Figure 27 illustrates the exemplary external configuration of the interface unit 1410 as connecting-type.With reference to figure 27, list can be consumed
Member 200 includes the connector 2210 for communicating.Connector 2210, which is connected to, to be located in the main body 100 of imaging device
Port 2220.In connecting-type, when interface unit 1410 is connecting-type as illustrated in figure 27, if for example, impurity enters
Enter between connector 2210 and port 2220 or if fixed cell damages, be then likely to occur contact problems.In such case
Under, exemplary embodiment of the invention can be by performing certification according to each exemplary embodiment using integrity check data
Or data communicate to prevent to perform incorrect operation.
Serial communication method can be used for the communication that can be between consumable unit 200 and main body 100 of imaging device.For example,
I2C communication means can be used.
Figure 28 illustrates be able to can pass according to I2C communication means between consumable unit 200 and the main body 100 of imaging device
The exemplary various waveforms for the signal for sending and receiving.I2C communication means includes VCC and GND to slave unit supply electric power, is used for
There is provided the synchronous clock between master controller 110 and CRUM chips 210 SCL, as I2C interface data wire SDA, etc.
Deng.As such, I2C communications are with simple structure and multiple nodes can be connected to a bus.
I2C communication means can be prepared for the communication between the IC in the circuit of veneer, and therefore in communication period
Between check mistake be not present configuration.However, during communication process that can be between consumable unit and imaging device, various communications are wrong
Mistake may occur.
Unpredictable resistance may occur, for example, electrical noise interference is likely to occur on contact surface, communication may be by
The influence of dust, toner power, etc., or the contact point on contact surface may be separated due to vibration.In addition, with clock
(SCL) incorrect communication data may be transmitted in I2C communication means by being changed into inconsistent, and transmit data (SDA) generation
Change.
Figure 29 illustrates the SDA and SCL of the amplification in Figure 28 I2C signals.As illustrated in Figure 29, SCL signal one
It is secondary that there are 8 consistent high/low signals, and the data of 1 byte are therefore represented when using SDA to generate high/low signal.
That is, a high/low signal represents 1 bit SCL or SDA.
According to I2C methods, if gone wrong in communication period, i.e. if there is the distortion of the only signal of 1 bit,
It then cannot normally transmit data.If for example, transmitting 4 byte datas 00,000,000 00,000,000 00000000
Problem when 00000000 (decimal numeral " 0 ") be present, and therefore only 1 bit of most leading digit changes, then may deposit
In sizable difference because its to be changed into 10,000,000 00,000,000 00,000,000 00000000 (decimal numeral
“2147483648”)。
However, according to the exemplary embodiment of the present invention, even in mistake as communication period appearance, can also use
The integrity check data for previously having been transmitted or having been received carrys out test data immediately, and can also use integrity detection number
According to the integrality that total data is checked in final operation.Therefore, even if interface unit 1410 is with contact-type or connecting-type quilt
Be connected to main body, or according to I2C communication means executive agent 100 and can be between consumable unit 200 communication, be also possible to prevent by
In the data of the misregistration caused by incorrect certification or incorrect communication.
Software can be respectively encoded to according to the method for being used for certification and communicating of exemplary embodiment and remembered
Record is in the recordable medium of nonvolatile type.The recordable medium of nonvolatile type can be installed in imaging device, can consume list
In member, or in CRUM chips, and/or in various types of devices, and therefore, can be realized in various device devices more than
The certification of description and communication means.
The recordable medium of nonvolatile type refers to can semi-permanently data storage rather than short time data storage
Medium, such as register, cache and memory, and can be read by device.Above-mentioned various applications or program
Such as CD, DVD, hard disk, blu-ray disc, USB, storage card, and the recordable matchmaker of ROM etc nonvolatile can be stored in
In Jie and it is located at wherein.While there has been shown and described that some embodiments of the present invention, but those people in the art
Member is it will be appreciated that can be in the principle without departing substantially from the present invention (its scope is defined in claim and their equivalent)
Be changed in this embodiment in the case of spirit.