CN100583060C - Access method, device and information machine - Google Patents


Info

Publication number
CN100583060C
Authority
CN
China
Prior art keywords
memory storage
information
appointed information
processing command
zone
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN200480001007A
Other languages
Chinese (zh)
Other versions
CN1701310A (en)
Inventor
高木佳彦
菊地隆文
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Panasonic Holdings Corp
Original Assignee
Matsushita Electric Industrial Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Events
Application filed by Matsushita Electric Industrial Co Ltd
Publication of CN1701310A
Application granted
Publication of CN100583060C
Anticipated expiration
Current legal status: Expired - Fee Related

Classifications

  • Storage Device Security (AREA)

Abstract

A command specifying an access region from a terminal is separated from a command performing access and the argument of the command performing access contains terminal verification data when transmitted. Thus, it is possible to verify that the terminal application which has issued the command specifying the access region, the terminal application which has issued the command performing access, and the terminal application holding the authentication key are the same.

Description

Access method, access device and information machine
Technical field
The invention relates to a memory card inserted into terminals such as PCs and mobile phones, and to an access method for such a memory card.
Background technology
Conventionally, a memory card is inserted into a terminal so that the terminal can store data. An example of an existing memory card is described below (see, for example, Japanese Patent Application 2003-91704).
The card has a command terminal (CMD line) that accepts various commands from the terminal and returns responses, and data terminals (DAT lines) that accept data input and perform data output.
In the existing memory card shown in Fig. 1, terminal 4602 is the CMD line, and terminals 4607, 4608 and 4609 are the DAT lines DAT0, DAT1 and DAT2 respectively. Terminal C2-01 serves both for card detection (CD) and for data I/O, as CD/DAT3. Of DAT0 to DAT3, there is a mode that uses only DAT0, and a mode that uses DAT0 to DAT3 together to achieve a transfer speed four times that of DAT0 alone.
Next, the internal module structure of the existing card is described using Fig. 2.
The card's internal modules consist of: a command receiving unit 4701, connected to CMD line 4602, which receives commands and sends responses; a data transmitting/receiving unit 4702, connected to DAT lines 4607, 4608, 4609 and C2-01, which transmits and receives data; a storage area 4704; and a storage area access unit 4703, which reads and writes the storage area 4704 according to the received command.
Next, the processing when data is read from or written to the existing memory card is described. Here it is assumed that data output is set to the mode that uses only the DAT0 terminal 4607, but the mode that additionally uses the DAT1 terminal 4608, DAT2 terminal 4609 and DAT3 terminal 4610 may also be used.
First, the terminal sends a data read command to the CMD line 4602 of the card. This read command has the format shown in Fig. 7 and consists of a 6-bit command code 401 and a 32-bit command argument 402. In a data read command, the command argument holds the read start address.
The command receiving unit 4701, on receiving the command from the terminal, refers to the command code 401 and identifies it as a data read command.
The command receiving unit 4701 then refers to the command argument 402 to check whether the specified address is correct, that is, whether the specified address lies within the range supported by the card. If the address is wrong, a response code indicating an error is returned; if the address is correct, a response code indicating normal completion is returned.
After returning the response to the terminal, the command receiving unit 4701 issues a read request for the specified address to the storage area access unit 4703.
The storage area access unit 4703 reads the data from the specified address of the storage area 4704 and passes it to the data transmitting/receiving unit 4702.
The data transmitting/receiving unit 4702 outputs the read data to the terminal through the DAT0 line 4607.
With a memory card of this kind, the terminal can freely read and write the card at any address it specifies.
In such a card, when a specific region of the flash memory is set up as a security-protected area with restricted access, so that only particular terminals permitted to access it can do so, the card of the above document can use the flexible authentication offered by IC card commands. However, the APDU (Application Protocol Data Unit), the standard command format of IC cards, can transmit or receive only 256 bytes of data at a time, and because it is a half-duplex protocol the host must receive a response every time it sends a command, which makes high-speed data transfer difficult. One could therefore consider performing authentication with IC card commands, which can flexibly accommodate a security policy, and then transferring data with memory card commands; but with this approach it is difficult to confirm that the application on the host that issued the IC card commands is the same application that issues the memory card commands.
Suppose, then, that verification data is included in the memory card command, where the verification data is derived from information generated during the authentication process using the IC card commands and serves to verify that the issuer of the IC card command and the issuer of the memory card command are the same; that is, both the access region designation information (the address to be accessed, etc.) and the verification data for authentication are placed in the command argument. Because the command argument 402 of the data read command is fixed at 32 bits as noted above, increasing the size of the verification data to improve security shortens the length of the access region designation information and restricts the region that can be accessed. Conversely, reducing the size of the verification data lowers security.
If the format of the existing data read command is changed to solve this problem, it may become impossible to access existing memory cards.
Furthermore, if a data read command for memory cards with a security-protected area is introduced alongside the existing data read command, the terminal side must switch between the two depending on the kind of memory card, which complicates access to the memory card and is inconvenient for terminal applications. Therefore, the command that sends the verification data and the memory card command that reads or writes data must be defined separately and combined to access the security-protected area; but then it cannot be confirmed that the issuer of the two commands is the same.
Summary of the invention
The object of the invention is to solve the above problems, and this object is achieved as follows. Regions of the memory card that have no access restriction are accessed with a memory card command such as the data read command described above. For a security-protected area with restricted access, the terminal first sends access region designation information to the memory card using a region-specifying memory card command; it then sends the memory card command that reads or writes the security-protected area, and that command includes verification data for authentication, generated from the designation information using key information that was shared between the host and the memory card during the flexible authentication process performed with IC card commands, or shared in advance. The command structure for writing data to and reading data from the security-protected area is thus divided into two stages; the format of the memory card commands does not need to be changed, and security is not reduced even though the command argument is small. This provides an access method that can access the security-protected area.
According to one embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine sending to the storage device designation information specifying an access region, and sending together a processing command directed at the access region and verification information relating to the designation information; and the storage device receiving the designation information, receiving the processing command and the verification information, verifying the designation information with the verification information, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine sharing with the storage device region information about the accessible regions of the storage device; sending, with reference to the region information, designation information specifying an access region of the storage device; and sending together a processing command directed at the access region and verification information relating to the designation information; and the storage device receiving the designation information, receiving the processing command and the verification information, verifying the designation information with the verification information, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine sharing a verification key with the storage device; sending designation information specifying an access region of the storage device; and sending together a processing command directed at the access region and verification data obtained by encrypting verification information relating to the designation information with the verification key; and the storage device receiving the designation information, receiving the processing command and the verification data, verifying the designation information using the verification data and the verification key, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine sharing with the storage device region information about the accessible regions of the storage device; sharing with the storage device a verification key corresponding to the access region; sending, with reference to the region information, designation information specifying an access region of the storage device; and sending together a processing command directed at the access region and verification data obtained by encrypting verification information relating to the designation information with the verification key; and the storage device receiving the designation information, receiving the processing command and the verification data, verifying the designation information using the verification data and the verification key, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine using a first processing system command to share with the storage device region information about the accessible regions of the storage device; using a second processing system command to send, with reference to the region information, designation information specifying an access region of the storage device; and using the second processing system command to send together a processing command directed at the access region and verification information relating to the designation information; and the storage device receiving the designation information, receiving the processing command and the verification information, verifying the designation information using the verification information, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine using a first processing system command to share a verification key with the storage device; using a second processing system command to send designation information specifying an access region of the storage device; and using the second processing system command to send together a processing command directed at the access region and verification data obtained by encrypting verification information relating to the designation information with the verification key; and the storage device receiving the designation information, receiving the processing command and the verification data, verifying the designation information using the verification data and the verification key, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, where the storage device comprises: a tamper-resistant first area with restricted access from the machine; a non-tamper-resistant second area with restricted access from the machine; and a third area that the machine can access freely; and has the function of distinguishing a first processing system command from a second processing system command, the first processing system command being at least a processing command to the first area and the second processing system command being at least a processing command to the third area. The method comprises: the machine using the first processing system command to share with the storage device region information about the accessible regions of the storage device; using the second processing system command to send, with reference to the region information, designation information specifying an access region of the second area; and using the second processing system command to send together a processing command directed at the access region and verification information relating to the designation information; and the storage device receiving the designation information, receiving the processing command and the verification information, verifying the designation information using the verification information, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, where the storage device comprises: a tamper-resistant first area with restricted access from the machine; a non-tamper-resistant second area with restricted access from the machine; and a third area that the machine can access freely; and has the function of distinguishing a first processing system command from a second processing system command, the first processing system command being at least a processing command to the first area and the second processing system command being at least a processing command to the third area. The method comprises: the machine using the first processing system command to share a verification key with the storage device; using the second processing system command to send designation information specifying an access region of the second area; and using the second processing system command to send together a processing command directed at the access region and verification data obtained by encrypting verification information relating to the designation information with the verification key; and the storage device receiving the designation information, receiving the processing command and the verification data, verifying the designation information using the verification data and the verification key, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, a storage device is a storage device read and written by a machine, and comprises: a processing command receiving unit which, on receiving designation information specifying an access region, receives together verification information based on the designation information and a read or write command; a designation information verification unit which verifies the designation information using the verification information; a storage area which stores data; a storage area access unit which, when the verification succeeds, reads or writes the designated region of the storage area according to the processing command; a data transmitting unit which sends the data read by the storage area access unit to the machine; and a data receiving unit which receives write data from the machine.
According to another embodiment of the invention, an information device is an information device that can read and write a storage device, and comprises: a designation information determining unit which decides the region to be read or written and determines the designation information specifying that region; a verification information generating unit which generates verification information based on the designation information; a processing command transmitting unit which sends the designation information, and sends together the verification information and the read or write processing command; a data transmitting unit which, when the processing command is a write, sends data to the storage device; a data receiving unit which, when the processing command is a read, receives data from the storage device; and a data storage unit which stores the data transferred to the storage device or received from it.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine sending designation information specifying an access region of the storage device; and sending together a processing command directed at the access region and verification data obtained by encrypting verification information relating to the designation information with a verification key; and the storage device receiving the designation information, receiving the processing command and the verification data, verifying the designation information using the verification data and the verification key, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, and comprises: the machine using a first processing system command to share with the storage device region information about the accessible regions of the storage device; using the first processing system command to share a verification key corresponding to the access region; using a second processing system command to send designation information specifying an access region of the storage device; and using the second processing system command to send together a processing command directed at the access region and verification data obtained by encrypting verification information relating to the designation information with the verification key; and the storage device receiving the designation information, receiving the processing command and the verification data, verifying the designation information using the verification data and the verification key, and executing the processing command when the verification succeeds.
According to another embodiment of the invention, an access method is a method by which a machine accesses a storage device, where the storage device comprises: a tamper-resistant first area with restricted access from the machine; a large-capacity, non-tamper-resistant second area with restricted access from the machine; and a large-capacity third area that the machine can access freely; and has the function of distinguishing a first processing system command from a second processing system command, the first processing system command being at least a processing command to the first area and the second processing system command being at least a processing command to the third area. The method comprises: the machine using the first processing system command to share with the storage device region information about the accessible regions of the storage device; using the first processing system command to share a verification key corresponding to the access region; using the second processing system command to send designation information specifying an access region of the second area; and using the second processing system command to send together a processing command directed at the access region and verification data obtained by encrypting verification information relating to the designation information with the verification key; and the storage device receiving the designation information, receiving the processing command and the verification data, verifying the designation information using the verification data and the verification key, and executing the processing command when the verification succeeds.
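The two-stage access described in the summary, written out as an added example in Python (this is not the patent's own code nor any product implementation): a region-specifying command that only range-checks and stores the designation information, followed by a read or write command whose argument carries verification data derived from that designation information with a key the card and the terminal already share. The designation layout (a 32-bit start offset and a 32-bit length), the key sharing being already complete, and HMAC-SHA256 standing in for the patent's encryption of the verification information with the verification key are all assumptions of this example.

```python
import hmac
import hashlib
import struct

# Constructed layout of the access region designation information:
# 32-bit start offset followed by 32-bit length, big-endian (assumption).
REGION_FMT = ">II"


def make_verification(verify_key: bytes, region_info: bytes) -> bytes:
    """Terminal side: derive the verification data from the designation information.

    The patent encrypts verification information with the shared verification key;
    HMAC-SHA256 is substituted here (an assumption of this example) so the card can
    recompute the value over the designation it stored and compare.
    """
    return hmac.new(verify_key, region_info, hashlib.sha256).digest()


class MemoryCard:
    """Simulated card: one security-protected area plus the shared verification key."""

    def __init__(self, size: int, verify_key: bytes) -> None:
        self.storage = bytearray(size)   # the security-protected area
        self.verify_key = verify_key     # shared beforehand; key sharing is not modelled
        self.pending_region = None       # parameter storage for the last designation

    def specify_region(self, region_info: bytes) -> str:
        """Stage 1: region-specifying command. Range-checks and stores the designation only."""
        try:
            start, length = struct.unpack(REGION_FMT, region_info)
        except struct.error:
            return "ERR_FORMAT"
        if start + length > len(self.storage):
            return "ERR_RANGE"
        self.pending_region = region_info
        return "OK"

    def _verified_bounds(self, verification: bytes):
        """Stage 2 check: recompute the verification data over the stored designation."""
        region = self.pending_region
        self.pending_region = None       # each designation serves exactly one access command
        if region is None:
            return None
        expected = make_verification(self.verify_key, region)
        if not hmac.compare_digest(expected, verification):
            return None
        return struct.unpack(REGION_FMT, region)

    def read(self, verification: bytes):
        """Stage 2: read command whose argument carries the verification data."""
        bounds = self._verified_bounds(verification)
        if bounds is None:
            return "ERR_VERIFY", b""
        start, length = bounds
        return "OK", bytes(self.storage[start:start + length])

    def write(self, verification: bytes, data: bytes) -> str:
        """Stage 2: write command whose argument carries the verification data."""
        bounds = self._verified_bounds(verification)
        if bounds is None:
            return "ERR_VERIFY"
        start, length = bounds
        if len(data) != length:
            return "ERR_LENGTH"
        self.storage[start:start + length] = data
        return "OK"


def demo():
    """Walk through the protocol with a constructed key and region; returns the statuses."""
    key = b"constructed-shared-verification-key"
    card = MemoryCard(size=1024, verify_key=key)
    region = struct.pack(REGION_FMT, 256, 16)

    # Application holding the key issues both the region command and the access command.
    card.specify_region(region)
    write_status = card.write(make_verification(key, region), b"A" * 16)

    # A different application on the host that issues only the access command after a
    # region command it did not authenticate for: without the key its verification
    # data does not match, so the card refuses, which is the check the patent is after.
    card.specify_region(region)
    bad_status, bad_data = card.read(make_verification(b"some-other-key", region))

    # The key holder reads the data back.
    card.specify_region(region)
    read_status, read_data = card.read(make_verification(key, region))
    return write_status, bad_status, bad_data, read_status, read_data


if __name__ == "__main__":
    print(demo())
```

The card clears the stored designation after every access command, so a designation cannot be reused by a later command, and an access command sent with no preceding region command fails the same way as one with bad verification data; the memory card command format itself is untouched, since only the argument content changes.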
Description of drawings
Fig. 1 is a terminal structure diagram of an existing memory card;
Fig. 2 is an internal module structure diagram of an existing memory card;
Fig. 3 is an internal module structure diagram of the memory card in Embodiment 1 of the invention;
Fig. 4 is a terminal structure diagram of the memory card in Embodiment 1;
Fig. 5 is an internal structure diagram of the terminal in Embodiment 1;
Fig. 6 is a schematic diagram of the processing carried out between the card and the terminal in Embodiment 1;
Fig. 7 is a schematic diagram of the sequence of the APDU transmission/reception method in Embodiment 1;
Fig. 8 is a schematic diagram of the sequence of the response APDU transmission processing in Embodiment 1;
Fig. 9 is a schematic diagram of the memory card command format in Embodiment 1;
Fig. 10 is an internal structure diagram of the flash memory in Embodiment 1;
Fig. 11 is an internal structure diagram of the security-protected area in Embodiment 1;
Fig. 12 is an internal structure diagram of the per-application regions of the security-protected area in Embodiment 1;
Fig. 13 is a schematic diagram of the sequence for sharing the session key and the accessible region in Embodiment 1;
Fig. 14 is a flowchart describing in detail the processing of step 903 of Fig. 13 in Embodiment 1;
Fig. 15 is a flowchart describing in detail the processing of step 905 of Fig. 13 in Embodiment 1;
Fig. 16 is a flowchart describing in detail the processing of step 907 of Fig. 11 in Embodiment 1;
Fig. 17 is a command sequence diagram for reading the security-protected area from the terminal in Embodiment 1;
Fig. 18 is a schematic diagram of the argument format of the APDU send command in Embodiment 1;
Fig. 19 is a schematic diagram of the argument format of the APDU receive command in Embodiment 1;
Fig. 20 is a schematic diagram of the format of the input data of the APDU send command and the output data of the APDU receive command in Embodiment 1;
Fig. 21 is a schematic diagram of the input data format of the access region specifying command in Embodiment 1;
Fig. 22 is a schematic diagram of the access region designation information in Embodiment 1;
Fig. 23 is a schematic diagram of the method by which the terminal generates verification data for verifying the terminal's legitimacy in Embodiment 1;
Fig. 24 is a schematic diagram of the method by which the card generates verification data for verifying the terminal's legitimacy in Embodiment 1;
Fig. 25 is a schematic diagram of the command sequence for writing to the security-protected area from the terminal in Embodiment 1;
Fig. 26 is an internal module structure diagram of the memory card in Embodiment 2;
Fig. 27 is an internal structure diagram of the terminal in Embodiment 2;
Fig. 28 is a flowchart of the processing when the terminal accesses the security-protected area of the card in Embodiment 2;
Fig. 29 is an example of the data portion of the region specifying command in Embodiment 2;
Fig. 30 is a schematic diagram of the format of the access region designation information of Fig. 29 in Embodiment 2;
Fig. 31 is an example of the method of generating comparison information in Embodiment 2;
Fig. 32 is a structure diagram of the card when it internally has a verification key sharing unit in Embodiment 2;
Fig. 33 is a structure diagram of the terminal when it internally has a verification key sharing unit in Embodiment 2;
Fig. 34 is a sequence diagram of the verification key sharing method in Embodiment 2;
Fig. 35 is a diagram explaining the verification key generation method in Embodiment 2;
Fig. 36 is a schematic diagram of the comparison information generation method using SHA-1 computation in Embodiment 2;
Fig. 37 is a schematic diagram of the verification information generation method in Embodiment 2;
Fig. 38 is a schematic diagram of the access command format in Embodiment 2;
Fig. 39 is a schematic diagram of the verification data generation processing using number information in Embodiment 2;
Fig. 40 is a schematic diagram of the comparison information generation method using a random number in Embodiment 2;
Fig. 41 is a schematic diagram of the verification data generation processing using a random number in Embodiment 2;
Fig. 42 is an internal module structure diagram of the memory card in Embodiment 3;
Fig. 43 is an internal structure diagram of the terminal in Embodiment 3;
Fig. 44 is a flowchart of the processing of access from the terminal to the security-protected area in the card in Embodiment 3;
Fig. 45 is a partial flowchart of the access processing following Fig. 44 in Embodiment 3;
Fig. 46 shows an example of the access validity table of Embodiment 3; and
Fig. 47 shows an example of the access validity table of Embodiment 1.
Embodiments
Embodiments of the present invention are described in detail below with reference to the accompanying drawings. The invention is not, however, limited to these embodiments and can be carried out in various forms without departing from its gist.
(Embodiment 1)
The internal module structure of the card of the present invention is described below using Fig. 3. The terminal arrangement of the card 100 is as shown in Figure 4; although the labels of the terminals differ from those of the terminals shown in Figure 1, the structure is the same, so its description is omitted.
The card internal module consists of a controller 106 and a flash memory 105. The controller 106 consists of the following parts: a command receiving unit 101, which is connected to the CMD line and performs command reception and response transmission; a data transmission/receiving unit 102, which is connected to the DAT line; an encryption/decryption unit 107, which encrypts or decrypts the data transmitted or received by the data transmission/receiving unit 102 with a session key, and encrypts or decrypts the data exchanged with the memory access unit 104 with a storage key; a memory access unit 104, which reads data from and writes data to the flash memory 105; a data control unit 103, which issues processing requests to the memory access unit 104, the session key sharing unit 110, the parameter verification unit 108 and the encryption/decryption unit 107 according to the received command; a parameter storage unit 109, which stores the parameters received from the terminal 200 that are used for accessing the security-protected area; a parameter verification unit 108, which verifies whether the parameters are correct; a session key sharing unit 110, which performs authentication with the terminal 200 and exchanges the session keys used for encryption and decryption; and a region/session key management unit 111, which stores the session keys and the security-protected area regions corresponding to those session keys.
Next, the structure of the terminal 200 in Embodiment 1 is described using Fig. 5.
The terminal 200 comprises: a command sending unit 204, which sends memory card commands to the card 100; a data transmission/receiving unit 207, which sends data to the DAT line of the card 100; an encryption/decryption unit 206, which encrypts the data sent by the data transmission/receiving unit 207 and decrypts the data received; a session key sharing unit 202, which performs the session key sharing processing with the card 100; a specification information decision unit 201, which decides the region of the security-protected area to be accessed according to the access command and generates the region specification information; a verification data generating unit 203, which generates verification data from the region specification information and the session key; and a data storage unit 205, which stores the data to be sent or the data received.
Next, an overview of the processing carried out between the card 100 of Fig. 3 and the terminal 200 of Fig. 5 is described using Fig. 6.
In Fig. 6, processing that uses the IC card commands of the card 100 is first carried out between the terminal 200 and the card 100, that is, authentication processing for mutual authentication of the terminal 200 and the card 100, key sharing processing for sharing a session key, and region number allocation processing that allocates the region number (region No. x in the figure) of the region in the internal storage of the card 100 that is to be accessed from the terminal 200 (step S401).
After the authentication processing has been carried out and the legitimacy of each party confirmed, the key sharing processing and the region number allocation processing are carried out; as a result, the verification session key and the encryption session key that permit access to the security-protected area region denoted by region No. x are held in both the terminal 200 and the card 100 in correspondence with the region number (region No. x).
Then, processing that uses memory card commands is carried out between the terminal 200 and the card 100, namely region specification command transmission processing from the terminal 200 to the card 100 (step S402), data transfer command transmission processing (step S403), and encrypted data transmission processing from the card 100 to the terminal 200 (step S404).
In the region specification command transmission processing, to specify the region within the security-protected area that is to be accessed, a region specification command containing data that sets region No. x, a block address and a block length is sent from the terminal 200 to the card 100. In the card 100, whether access to the security-protected area is permitted is verified on the basis of the region No. x extracted from the received region specification command.
In the data transfer command transmission processing, the terminal 200 produces verification data from region No. x, the block address and the block length using the verification key shared with the card 100 in step S401, and sends a data transfer (Read) command containing this verification data to the card 100. The card 100 confirms that the received data transfer (Read) command carries verification data produced from region No. x, the block address and the block length with the verification key shared with the terminal 200, and thereby verifies whether access to the security-protected area region specified in step S402 is permitted.
The encrypted data transmission processing further consists of encrypting the data stored in region No. x of the card 100, which the above verification processing found accessible, with the encryption key shared with the terminal 200, and sending this encrypted data to the terminal 200.
The above processing overview and processing sequence are described in detail below.
The format of the commands transmitted and received between the terminal 200 and the session key sharing unit 110 conforms to the APDU format used by general IC cards. That is, the session key sharing unit 110 adopts the format used by IC cards.
Here, the APDU transmission/reception method is described using the sequence diagram of Fig. 7.
First, the transmission of a command APDU from the terminal 200 to the card 100 is described. A command APDU is a command sent from the terminal 200 to the memory card in APDU format and executed on the memory card side; specifically, it is an IC card command.
First, the terminal 200 creates the command APDU to be sent to the session key sharing unit 110. The terminal 200 sends an APDU send command to the CMD line 22 of the card 100 shown in Figure 2 (step S501).
Like the existing data read command, this APDU send command has the format shown in Figure 7 and consists of a 6-bit command code 401 and a 32-bit command argument 402.
As shown in Figure 18, the command argument 402 of the APDU send command consists of a flag 1401 indicating that the data input on the DAT0 line 27 is a command APDU, and a transfer data count 1403. When the flag 1401 and the transfer data count 1403 together do not fill 32 bits, there is also an unused field 1402.
The data input on the DAT0 line 27 of Fig. 4 is in units of 512 bytes; the transfer data count 1403 indicates the number of times this 512-byte unit input is executed.
Next, the command receiving unit 101 of the card 100 receives the command sent by the terminal 200 (step S502); having identified it as an APDU send command, it returns a response to the terminal 200 via the CMD line 22 (step S503) and notifies the data control unit 103 that an APDU send command has been received (step S504).
Then, the terminal 200 receives the response to the APDU send command from the CMD line 22 of the card 100 (step S503) and inputs the command APDU 1602 on the DAT0 line 27 in the format shown in Figure 20 (step S505).
In Figure 20, the length 1601 is the length of the APDU 1602 that follows it. The transfer data count 1403 of the command argument is set according to the total length of the length field 1601 and the APDU 1602. Because this total length is not necessarily a multiple of 512 bytes, a padding field 1603 is appended to make it a multiple of 512 bytes.
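The framing just described (length field, APDU, padding to a 512-byte multiple, and a transfer count that is set from the framed length) can be written out as a small encoder and decoder. The following is an added example, not code from the patent: the 2-byte big-endian length field, the zero padding bytes, the placement of flag 1401 in the top bit of the 32-bit argument and of the transfer count 1403 in its low 16 bits are all assumptions, since the patent gives the fields but not their widths. The card-side `unframe_dat0_payload` refuses a length field that runs past the received data rather than trusting it.

```python
"""DAT0 line framing for the APDU send command (Fig. 20) and the 32-bit command
argument (Fig. 18). Added example; field widths are assumptions, not the patent's."""
import struct

BLOCK_SIZE = 512          # DAT0 transfers are made in 512-byte units
FLAG_COMMAND_APDU = 1     # assumed value of flag 1401: "data on DAT0 is a command APDU"


def frame_dat0_payload(body: bytes) -> bytes:
    """Build length field 1601 + body 1602 + padding 1603.
    Assumption: 2-byte big-endian length, 0x00 padding bytes."""
    if len(body) > 0xFFFF:
        raise ValueError("APDU too long for a 2-byte length field")
    frame = struct.pack(">H", len(body)) + body
    padding = b"\x00" * ((-len(frame)) % BLOCK_SIZE)
    return frame + padding


def transfer_count(payload: bytes) -> int:
    """Transfer data count 1403: number of 512-byte units the framed payload occupies."""
    if len(payload) % BLOCK_SIZE:
        raise ValueError("payload is not a multiple of the 512-byte unit")
    return len(payload) // BLOCK_SIZE


def pack_command_argument(flag: int, count: int) -> int:
    """32-bit command argument 402. Assumed layout: flag 1401 in the top bit,
    transfer count 1403 in the low 16 bits, the bits between unused (1402)."""
    if not 0 <= count <= 0xFFFF:
        raise ValueError("transfer count does not fit in 16 bits")
    return ((flag & 1) << 31) | count


def unpack_command_argument(arg: int) -> tuple[int, int]:
    """Inverse of pack_command_argument: returns (flag, transfer count)."""
    return (arg >> 31) & 1, arg & 0xFFFF


def unframe_dat0_payload(payload: bytes) -> bytes:
    """Card side: read the length field and return the body, discarding the padding.
    A length that exceeds what was actually received is rejected."""
    if len(payload) < 2:
        raise ValueError("payload shorter than the length field")
    (length,) = struct.unpack(">H", payload[:2])
    if 2 + length > len(payload):
        raise ValueError("length field exceeds received data")
    return payload[2:2 + length]


if __name__ == "__main__":
    # Constructed sample: a SELECT-style command APDU header followed by a short body.
    apdu = bytes.fromhex("00A4040008") + b"\x01" * 8
    payload = frame_dat0_payload(apdu)
    arg = pack_command_argument(FLAG_COMMAND_APDU, transfer_count(payload))
    print(len(payload), hex(arg), unframe_dat0_payload(payload) == apdu)
```

A 100-byte APDU frames to exactly one 512-byte unit, while a 511-byte APDU needs two because the length field pushes the total to 513 bytes; the count in the command argument must be computed from the framed length, not from the bare APDU length.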
Then, the data transmission/receiving unit 102 inside the card 100 receives the command APDU input on the DAT0 line 27 from the terminal 200 (step S505) and at the same time notifies the data control unit 103 that an APDU command has been received (step S506). The data control unit 103 then reads the command APDU from the data transmission/receiving unit 102 (step S507) and passes it to the session key sharing unit 110 (the IC card application) (step S508).
Then, the session key sharing unit 110 carries out the processing described by the command APDU (step S509), and passes the resulting data and status information to the data control unit 103 as a response APDU (step S510). This status information is a 2-byte status word defined by ISO 7816 whose value indicates normal or abnormal termination.
Next, the transmission of a response APDU from the card 100 to the terminal 200 is described using the sequence diagram of Figure 8. A response APDU carries the result of a command APDU executed by the card 100 from the card 100 to the terminal 200.
As in the command APDU sending method described above, it is assumed that the response APDU output by the session key sharing unit 110 is held by the data control unit 103.
First, the terminal 200 sends an APDU receive command to the CMD line 22 of the card 100 (step S601). Like the APDU send command, this APDU receive command has the same format as the existing data read command shown in Figure 9 and consists of a 6-bit command code 401 and a 32-bit command argument 402.
As shown in Figure 19, the command argument 402 of the APDU receive command consists of an unused field 1501 and a transfer data count 1502. When the transfer data count 1502 does not fill 32 bits, there is an unused field 1501.
Like the input data of the APDU send command, the data output from the DAT0 terminal 27 of Fig. 4 is in units of 512 bytes; the transfer data count 1502 indicates the number of times this 512-byte unit output is executed.
Next, the command receiving unit 101 of the card 100 receives the command sent by the terminal 200 (step S602); having identified it as an APDU receive command, it returns a response to the terminal 200 via the CMD line 22 (step S603) and notifies the data control unit 103 that the APDU command has been received (step S604).
Then, the data control unit 103 passes the response APDU received from the session key sharing unit 110 to the data transmission/receiving unit 102 (step S605).
Then, the terminal 200 receives the response to the APDU receive command from the CMD line 22 of the card 100 (step S603) and reads the response APDU from the data transmission/receiving unit 102 via the DAT0 line 27 (step S606). The response APDU read out is output in the format shown in Figure 20. The detailed description of each field is the same as for the input of the APDU send command and is therefore omitted.
As shown in Figure 10, the flash memory 105 provided in the card 100 has at least a general area (a storage area that is not tamper-resistant) 62, which can be accessed from the terminal 200 with memory card commands represented by the existing read and write commands, and a security-protected area (a tamper-resistant storage area) 61, which cannot be accessed with those existing commands. As also shown in Figure 10, the card 100 has a tamper-resistant module (TRM) 80 that is accessed with IC card commands.
The security-protected area 61 can normally be accessed only from the card application; the existing read and write commands coming from the terminal 200 are refused access by the command receiving unit 101.
A plurality of card applications are provided inside the memory card of the present invention, and as shown in Figure 11, the security-protected area 61 can be allocated to each application as a separate region (AP1 region 71 to AP3 region 73).
The security-protected area 61 is encrypted with a storage key (Ks) managed by the data control unit 103. A single storage key Ks may be used for the whole security-protected area 61, or separate storage keys Ks_1 to Ks_3 may be prepared for the regions 71 to 73 of the respective applications AP1 to AP3. In the present embodiment, storage keys Ks_1 to Ks_3 are prepared for the respective applications AP1 to AP3.
Next, the internal structure of the application regions, AP1 region 71 to AP3 region 73, within the security-protected area 61 is described using Figure 12.
Here, the AP1 region 71 of the card application AP1 is taken as an example. The inside of the AP1 region 71 is managed as data in a hierarchical structure, which uses directories DIR1 and DIR2 and files FILE1 to FILE3.
The card application AP1 moves between directories within the AP1 region 71 and reads and writes the files FILE1 to FILE3 in the directories DIR1 and DIR2 that hold the target file.
For example, when the card application AP1 accesses the file FILE3, it first moves to directory DIR1 and then moves to directory DIR2 to read or write FILE3. Lower-level directories or files can also be created or deleted in each of the directories DIR1 and DIR2.
Next, the session key sharing commands exchanged between the session key sharing unit 110 in the card 100 and the terminal 200 are described using Figures 13 to 16.
The card application and the terminal 200 each hold a public key and a private key for public key encryption, and each holds the other party's public key.
The command format of the session key sharing commands uses the APDU described above. In the following description the command format is not restated; only the command APDU and the response APDU are described.
First, the terminal 200 selects the card application AP1 by sending a SELECT command APDU (step 901). The SELECT command APDU is a command APDU that specifies to which application inside the card 100 the subsequent IC card commands (command APDUs) are sent; like the other command APDUs, it is sent using the APDU send command.
The card 100 returns a response APDU indicating normal termination when the selection of the card application AP1 specified by the terminal 200 terminates normally, and returns a response APDU indicating abnormal termination otherwise (step 902).
Then, the terminal 200 executes processing 903. Briefly, processing 903 generates DATA2 for accessing the selected card application AP1. Processing 903 is now described in detail with reference to the flowchart of Figure 14.
The terminal 200 generates a random number Rh (step S9031), concatenates the random number Rh with the file name of the file FILE3 of Figure 12 that the terminal 200 wants to access, and encrypts the result with the public key PubS corresponding to the private key PriS held by the card application AP1 to generate DATA1 (step S9032); it then concatenates the identifier Info_PubH, which denotes the public key PubH corresponding to the private key PriH held by the terminal 200, with DATA1 to generate DATA2 (step S9033).
Returning to Figure 13, the terminal 200 sends a REQ_AREA_INFO command containing the DATA2 generated in step S9033 to the card application (step 904), in order to share a session key with the card application and to share the information about the accessible region.
The card application AP1 that receives the REQ_AREA_INFO command executes processing 905. Processing 905 is now described in detail with reference to the flowchart of Figure 15.
The card application AP1 extracts DATA1 from DATA2, decrypts it with the private key PriS held by the card application AP1, and obtains the random number Rh and the file name FILE3 (step S9051).
Then, it extracts the identifier Info_PubH from DATA2 and, by referring to the access right settings of the file FILE3, checks whether the terminal 200 corresponding to the public key PubH denoted by Info_PubH may perform access. If it has no right of access, a response APDU whose content is an unauthorized error is returned to the terminal 200. If it has the right of access, the file size SIZE3 of FILE3 is obtained (step S9052).
Then, it generates a random number Rs (step S9053) and, so that the terminal 200 can access the file FILE3 with the security-protected area access commands, registers in the access-valid table 4500 shown in Figure 47 the region number X that the terminal 200 will use when accessing with the security-protected area access commands, allocating it to the file FILE3, and stores it together with the file size SIZE3 in the region/session key management unit 111 (step S9054). This region number is the information contained in the region specification information sent by the region specification command when the terminal 200 performs access with the security-protected area access commands.
Next, it concatenates the random number Rs, the region number X and the file size SIZE3 to generate DATA3 (step S9055), and encrypts DATA3 with the public key PubH of the terminal 200 to generate DATA4 (step S9056).
Next, it applies an exclusive-OR operation to the random numbers Rs and Rh to generate a random number R (step S9057), and generates the encryption session key Kd and the verification session key Km from the random number R (step S9058).
Then, it associates the session keys Kd and Km with the region number X and stores them in the region/session key management unit 111 (step S9059).
Returning to Figure 13, after finishing the processing so far, the card 100 sends a response APDU containing DATA4 to the terminal 200 (step 906).
The terminal 200 that receives the response APDU extracts DATA4 from it and executes processing 907. Processing 907 is now described in detail with reference to the flowchart of Figure 16.
The terminal 200 decrypts DATA4 with its private key PriH to obtain DATA3 (step S9071). The terminal 200 obtains the random number Rs from DATA3, applies an exclusive-OR operation to the random numbers Rs and Rh to generate the random number R (step S9072), and generates the encryption session key Kd and the verification session key Km from the random number R (step S9073).
By carrying out steps 901 to 907 above, mutual authentication is performed between the terminal 200 and the card 100; when the terminal 200 has the right of access to the specified file, a state is reached in which the terminal 200 can access it; and the region number needed for access, the file size SIZE3 allocated to that region number, the verification session key Km and the encryption session key Kd are shared.
The file name communicated from the terminal 200 to the card 100 in step 904 need not directly denote a file managed by the card application; it is sufficient that the card application can identify which file is meant.
Furthermore, if the file that the terminal 200 wants to access and the region number allocated in step S9054 when the terminal 200 is set up to access that file are always the same, and the terminal 200 and the card 100 know this information in advance, then the notification of the file name to be accessed in step 904 and the notification of the region number allocated to the file in step 906 can be omitted.
In this description, the form of each card application has been that shown in Figure 12, a hierarchical structure of directories and files with data managed by directory name and file name; however, the region allocated to a card application may also be divided into regions of suitable size, with each divided region managed by an identifier such as a number. In that case, the identifier is used instead of the file name FILE3 in the processing sequence shown in Figure 13.
Next, the processing of the terminal 200 when it accesses the security-protected area is described using Figure 17 and Fig. 3. In Figure 17, the solid lines represent transmission on the CMD line 22 and the dotted lines represent transmission on the DAT0 line 27.
First, the terminal 200 sends a region specification command, which is a memory card command, to the card 100 (step 1301). This region specification command has the format shown in Figure 9 and consists of a 6-bit command code 401 and a 32-bit command argument 402.
As shown in Figure 18, the command argument 402 of the region specification command consists of a flag 1401 indicating that the data input on the DAT0 line 27 is region specification information, and a transfer data count 1403. When the flag 1401 and the transfer data count 1403 together do not fill 32 bits, there is also an unused field 1402.
The data input on the DAT0 line 27 is in units of 512 bytes; the transfer data count 1403 indicates the number of times this 512-byte unit input is executed.
Next, the command receiving unit 101 of the card 100 receives the command sent by the terminal 200; having identified it as a region specification command, it returns a response to the terminal and notifies the data control unit 103 that a region specification command has been received (step 1302).
Then, the terminal 200 receives the response to the region specification command from the CMD line 22 of the card 100 and inputs the region specification information 1702 on the DAT0 line 27 in the format shown in Figure 21 (step 1303).
In Figure 21, the length 1701 is the length of the region specification information 1702 that follows it. The transfer data count 1403 of the command argument 402 is set according to the total length of the length field 1701 and the region specification information 1702. Because this total length is not necessarily a multiple of 512 bytes, a padding field 1703 is appended to make it a multiple of 512 bytes.
As shown in Figure 22, the region specification information 1702 consists of a region number 1801 that specifies the region number X communicated by the card in step 906 of Figure 13, an access start address 1802 that can be chosen in the range from 0 up to the file size SIZE3 likewise communicated by the card, and an access data size 1803 that can be chosen in the range from 1 up to the file size SIZE3 minus the access start address 1802.
Then, the data transmission/receiving unit 102 inside the card 100 receives the region specification information 1702 input from the terminal and at the same time notifies the data control unit 103 that the region specification information 1702 has been received.
Next, the data control unit 103 reads the region specification information 1702 from the data transmission/receiving unit 102, checks whether the region number 1801 is the region number X allocated in step S9054 of Figure 15, and checks whether the access start address and the access data size lie within the file size of the file corresponding to region number X; if anything is abnormal, it sets the error flag held inside the card to ON.
When there is no abnormality, the data control unit 103 stores the region specification information 1702 (specifically, the region number 1801, the access start address 1802 and the access data size 1803) in the parameter storage unit 109 shown in Fig. 3.
The above is the processing for specifying the access region.
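The range checks the data control unit 103 performs on the region specification information (region number matches the one allocated at step S9054; start address within the file; data size at least 1 and not running past the end of the file) are the part of this procedure that keeps one application's region from being read through another's region number, so they are worth writing out. Below is an added example, not the patent's own code: the three fields are assumed to be 4-byte big-endian integers, the access-valid table 4500 is modelled as a dictionary from region number to file name and size, and `ParameterStore` stands in for parameter storage unit 109 together with the card's error flag.

```python
"""Card-side check of region specification information 1702 (Fig. 22) against the
entry registered at step S9054. Added example; the 4-byte big-endian field layout
and the in-memory table are assumptions, not the patent's encoding."""
import struct
from dataclasses import dataclass

# region number 1801, access start address 1802, access data size 1803
REGION_INFO_FMT = ">III"
REGION_INFO_LEN = struct.calcsize(REGION_INFO_FMT)


@dataclass(frozen=True)
class RegionEntry:
    """One row of the access-valid table 4500: the file a region number maps to and its size."""
    file_name: str
    file_size: int


def encode_region_info(region_no: int, start: int, size: int) -> bytes:
    """Terminal side: the bytes input on DAT0 after the region specification command."""
    return struct.pack(REGION_INFO_FMT, region_no, start, size)


def decode_region_info(data: bytes) -> tuple[int, int, int]:
    """Card side: split the three fields; anything of the wrong length is rejected."""
    if len(data) != REGION_INFO_LEN:
        raise ValueError("region specification information has wrong length")
    return struct.unpack(REGION_INFO_FMT, data)


def check_region_info(table: dict[int, RegionEntry], data: bytes) -> bool:
    """True when the specification is acceptable; False when the error flag must be
    set: unknown region number, or start/size outside the file
    (0 <= start < SIZE and 1 <= size <= SIZE - start, as in Fig. 22)."""
    try:
        region_no, start, size = decode_region_info(data)
    except ValueError:
        return False
    entry = table.get(region_no)
    if entry is None:                              # not the region number X allocated at S9054
        return False
    if not 0 <= start < entry.file_size:
        return False
    if not 1 <= size <= entry.file_size - start:   # no access past the end of the file
        return False
    return True


class ParameterStore:
    """Models parameter storage unit 109 plus the card's internal error flag."""

    def __init__(self, table: dict[int, RegionEntry]):
        self.table = table
        self.error_flag = False
        self.region_info = None

    def receive_region_info(self, data: bytes) -> None:
        """Store the parameters only when every check passes; otherwise raise the flag
        so the following security-protected area read/write command is refused."""
        if check_region_info(self.table, data):
            self.error_flag = False
            self.region_info = decode_region_info(data)
        else:
            self.error_flag = True
            self.region_info = None


if __name__ == "__main__":
    # Constructed sample table: region number 7 was allocated to FILE3, size 1024 bytes.
    table = {7: RegionEntry("FILE3", 1024)}
    store = ParameterStore(table)
    store.receive_region_info(encode_region_info(7, 1000, 24))
    print(store.error_flag, store.region_info)
    store.receive_region_info(encode_region_info(7, 1000, 25))   # one byte too many
    print(store.error_flag, store.region_info)
```

The boundary cases are where such checks usually go wrong: a start address equal to the file size, a size of zero, and a size that is one byte past the end must all raise the error flag, and the store clears any previously accepted parameters when a later specification fails.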
The processing when reading from the security-protected area 61 of Figure 10 is described next.
In Figure 17, the terminal 200 sends a security-protected area read command to the card 100 (step 1304). This security-protected area read command has the format shown in Figure 8 and consists of a 6-bit command code 401 and a 32-bit command argument 402.
The command argument 402 of the security-protected area read command consists of verification data; this verification data is used to verify whether the terminal that sends the security-protected area read command is the terminal 200 that sent the region specification command, and whether it is the terminal 200 that was confirmed by the session key sharing sequence to have the right of access to the region denoted by region number X.
The method of generating this verification data is now described using Figure 23.
The region specification information 1702 is the parameter input on DAT0 27 by the region specification command. The verification key 2101 is the verification session key Km generated in step 907 of Figure 13.
The verification data generating unit 203 inside the terminal 200 is a module that performs cryptographic computation and is used to generate the verification data contained in the security-protected area access (read or write) commands. Here the MAC (Message Authentication Code) generation process known as DES-MAC is used. The region specification information 1702 with padding data 2105 appended (2102) is used as the input data; MAC generation with the DES cipher is applied under the verification key 2101, and the resulting MAC data is taken as the verification data 2104.
The padding data 2105 may be sent by the terminal 200 together with the region specification information 1702 when it sends the region specification command to the card 100, or may be generated according to a padding field generation rule decided in advance between the terminal and the card.
Although DES-MAC is used to produce the verification data in the present embodiment, other algorithms may be used. The verification algorithm may also be chosen according to the purpose.
Furthermore, when it is not necessary to authenticate that the terminal is legitimate and only the correspondence with the region specification command needs to be confirmed, encryption need not be used; hash data produced with the SHA-1 (Secure Hash Algorithm 1) or MD5 (Message Digest 5) algorithm is sufficient as the verification data.
The terminal 200 generates 32-bit verification data by the verification data generation process described above and uses it as the argument of the security-protected area read command.
Then, the command receiving unit 101 of the card 100 receives the command sent by the terminal 200; having identified it as a security-protected area read command, if the error flag relating to the region specification information 1702 is set to ON, it returns an error as the response. If the error flag relating to the region specification information 1702 is not set to ON, then, as shown in Figure 15, it returns a normal response to the terminal (step 1305), notifies the data control unit 103 that a security-protected area read command has been received, and passes the verification data 2104 obtained as the command argument 402 to the parameter verification unit 108.
Next, the terminal 200 receives the response to the security-protected area read command from the CMD line 22 of the card 100 and waits for data to be output from the DAT0 line 27.
The data output processing of the security-protected area of the card 100 is described next.
The parameter verification unit 108 of the card 100 reads the region specification information 1702 that was obtained from the terminal 200 by the region specification command and stored in the parameter storage unit 109, and obtains from the region/session key management unit 111 the verification session key Km that corresponds to the region number X (1801) contained in the region specification information 1702 and was stored in step S9059 of Figure 15.
Next, the parameter verification unit 108 of the card 100 carries out the verification data generation process shown in Figure 24 using the verification session key Km and the region specification information 1702, and generates verification data 1904. This verification data generation process is the same as the one carried out by the terminal 200 shown in Figure 23, so its detailed description is omitted here.
Next, the parameter verification unit 108 of the card 100 compares the verification data 1904 generated in the above verification data generation process with the verification data 504 obtained from the terminal 200 as the argument of the security-protected area read command; if the two do not match, it is treated as an error and the data read processing is not carried out. If the two match, it notifies the data control unit 103 to proceed to the next data read processing.
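The two halves of the mechanism, the session key derivation of steps S9057/S9058 and S9072/S9073 (R = Rh XOR Rs, then Kd and Km from R) and the verification data generation and comparison of Figures 23 and 24, fit together in one runnable sketch. This is an added example, not the patent's code, and it makes three assumptions the patent leaves open: Kd and Km are derived from R with SHA-256 under two distinct labels (the patent does not state the derivation); HMAC-SHA1 stands in for DES-MAC, since the Python standard library has no DES (the patent itself allows other algorithms); and the pre-agreed padding rule is a 0x80 byte followed by zeros to an 8-byte boundary. The card recomputes the MAC over the region specification information it stored, not over anything the read command carries, and compares in constant time.

```python
"""Session key derivation (Figs. 15/16) and verification data check (Figs. 23/24).
Added example, not the patent's code. Assumptions: SHA-256-based derivation of
Kd/Km from R, HMAC-SHA1 in place of DES-MAC, 0x80-then-zeros padding rule."""
import hashlib
import hmac
import secrets
import struct

KEY_LEN = 16            # assumed session key length in bytes
MAC_BLOCK = 8           # DES block size, used by the assumed padding rule
VERIFY_DATA_LEN = 4     # the patent's verification data is 32 bits


def region_info_bytes(region_no: int, start: int, size: int) -> bytes:
    """Region specification information 1702, assumed as three 4-byte big-endian fields."""
    return struct.pack(">III", region_no, start, size)


def derive_session_keys(rh: bytes, rs: bytes) -> tuple[bytes, bytes]:
    """R = Rh XOR Rs (S9057/S9072); Kd and Km from R (S9058/S9073). Returns (Kd, Km)."""
    if len(rh) != len(rs):
        raise ValueError("random numbers must have equal length")
    r = bytes(a ^ b for a, b in zip(rh, rs))
    kd = hashlib.sha256(b"enc-session-key" + r).digest()[:KEY_LEN]   # assumed derivation
    km = hashlib.sha256(b"mac-session-key" + r).digest()[:KEY_LEN]   # assumed derivation
    return kd, km


def pad_region_info(info: bytes) -> bytes:
    """Padding data 2105 from a rule agreed in advance (assumed: 0x80 then zeros to 8 bytes)."""
    padded = info + b"\x80"
    return padded + b"\x00" * ((-len(padded)) % MAC_BLOCK)


def make_verification_data(km: bytes, region_info: bytes) -> bytes:
    """Terminal side (Fig. 23): MAC over region info + padding, truncated to 32 bits.
    HMAC-SHA1 is used here in place of the patent's DES-MAC."""
    mac = hmac.new(km, pad_region_info(region_info), hashlib.sha1).digest()
    return mac[:VERIFY_DATA_LEN]


def card_verify(km: bytes, stored_region_info: bytes, received: bytes) -> bool:
    """Card side (Fig. 24): recompute from the stored info 1702 and compare in constant time."""
    if len(received) != VERIFY_DATA_LEN:
        return False
    expected = make_verification_data(km, stored_region_info)
    return hmac.compare_digest(expected, received)


def run_exchange(region_info: bytes) -> tuple[bool, bool]:
    """Both parties derive keys from the same Rh/Rs pair; returns (genuine_ok, mismatched_ok)."""
    rh = secrets.token_bytes(KEY_LEN)             # generated by the terminal, S9031
    rs = secrets.token_bytes(KEY_LEN)             # generated by the card, S9053
    _, km_terminal = derive_session_keys(rh, rs)  # terminal, S9073
    _, km_card = derive_session_keys(rh, rs)      # card, S9058
    vd = make_verification_data(km_terminal, region_info)
    genuine_ok = card_verify(km_card, region_info, vd)
    # verification data made for one region must not pass for a different stored region
    other = region_info_bytes(7, 512, 64)
    mismatched_ok = card_verify(km_card, other, vd)
    return genuine_ok, mismatched_ok


if __name__ == "__main__":
    print(run_exchange(region_info_bytes(7, 0, 64)))
```

Because the MAC is truncated to 32 bits, as the patent specifies, a single guess succeeds with probability 2^-32; the card's error flag and the refusal to proceed on mismatch are what keep that from being tried repeatedly within one session.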
Next, the data control unit 103 of the card 100 reads the region specification information 1702 from the parameter storage unit 109, obtains the region number X contained in it, and identifies from the region/session key management unit 111 the file FILE3 corresponding to that region number.
Next, the data control unit 103 of the card 100 confirms that the file FILE3 lies in the region used by the application AP1 and obtains the storage key Ks_1.
Next, the data control unit 103 of the card 100 obtains the access start address 1802 and the access data size 1803 from the region specification information 1702, and issues a data read request to the memory access unit 104 for the region managed as the file FILE3, with the access start address 1802 as the offset and the access data size 1803 as the read size.
Next, the data control unit 103 of the card 100 requests the encryption/decryption unit 107 to decrypt the data read by the memory access unit 104 with the storage key Ks_1.
Next, the data control unit 103 of the card 100 requests the encryption/decryption unit 107 to encrypt the data it has just decrypted with the encryption session key Kd.
Next, the data control unit 103 of the card 100 requests the data transmission/receiving unit 102 to send the data encrypted by the encryption/decryption unit 107 with the encryption session key Kd to the terminal 200.
By the above processing, the data in the security-protected area is output from the card 100 in a state encrypted with the session key Kd.
Once the terminal 200 recognizes that the card 100 can output data, it obtains the data, still encrypted with the session key Kd, from the DAT0 line 27 as shown in Figure 17 (step 1306), decrypts it with the encryption session key Kd held by the terminal, and thereby obtains the data of the region specified by the region specification information 1702.
Next, the processing for writing to the secure protected region is described with reference to Fig. 25.
The transmission of the access region specification command by terminal 200 (step 2001), the response of card 100 to that command (step 2002) and the transmission of the access region specification information (step 2003) are the same as steps 1301 to 1303 of the read processing for the secure protected region shown in Fig. 17, so their description is omitted. After executing steps 2001 to 2003, terminal 200 sends a secure protected region write command to card 100 (step 2004). This secure protected region write command has the format shown in Fig. 8 and consists of a 6-bit command code 401 and a 32-bit command argument 402.
The command argument 402 of the secure protected region read command consists of verification data 1904. This verification data 1904 is used to verify whether the terminal 200 that sent the secure protected region read command is the terminal 200 that sent the access region specification command, and whether it is the terminal 200 that was confirmed, through the session key sharing command, to have access rights to the region represented by area number X.
The generation method of this verification data is the same as for the secure protected region read command, so its detailed description is omitted.
Terminal 200 generates 32-bit verification data by the verification data generation processing and uses it as the argument of the secure protected region read command.
Then, when the command reception section 101 of card 100 receives the command sent by terminal 200 and identifies it as a secure protected region write command, it returns an error as the response if an error flag concerning access region specification information 1702 is set.
If no error flag concerning access region specification information 1702 is set, it returns a normal response to terminal 200 (step 2005), notifies the data control section 103 that a secure protected region write command has been received, and obtains the verification data 504 given as the command argument from CMD line 22 and passes it to the parameter verification section 108.
Next, terminal 200 receives the response to the secure protected region write command from card 100 on CMD line 22 and inputs data on DAT0 line 27. The data input to DAT0 line 27 here has been encrypted with the encryption session key Kd generated at step 907 of Fig. 13. The size of the input data is the same as the access data size specified by access region specification information 1702.
The following describes the processing by which the card stores the data into the secure protected region.
The parameter verification section 108 of card 100 reads the access region specification information 1702, which was obtained from terminal 200 through the access region specification command and stored in parameter storage section 109, and obtains from the region/session key management section 111 the verification session key Km that corresponds to the area number X (1801) contained in access region specification information 1702 and was stored at step S9059 of Fig. 15.
Next, the verification data generation section 1903 inside the parameter verification section 108 of card 100 performs the verification data generation processing shown in Fig. 24 using the verification session key Km and the access region specification information 1702, and generates verification data 1904. This verification data generation processing is identical to the one performed by the terminal shown in Fig. 23, so its detailed description is omitted here.
Next, the parameter verification section 108 of card 100 compares the verification data 1904 generated by the above verification data generation processing with the verification data 2101 obtained from terminal 200 as the argument of the secure protected region read command. If the two do not match, it is treated as an error and the data read processing is not performed. If the two match, the data control section 103 is notified and processing proceeds to the next data read processing.
Next, the data control section 103 of card 100 reads the access region specification information 1702 from parameter storage section 109, obtains the area number X contained in it, and identifies from the region/session key management section 111 the file FILE3 corresponding to that area number.
Next, the data transmission/reception section 102 of card 100 receives the data input from terminal 200.
Next, since file FILE3 is located in the region 71 used by application AP1, the data control section 103 of card 100 obtains the storage key Ks_1 corresponding to region 71 used by application AP1.
Next, the data control section 103 of card 100 requests the encryption/decryption section 107 to decrypt the data received by the data transmission/reception section 102 with the encryption session key Kd.
Next, the data control section 103 of card 100 requests the encryption/decryption section 107 to encrypt the data it has just decrypted with the storage key Ks_1.
Next, the data control section 103 of card 100 obtains the access start address 1802 and the access data size 1803 from access region specification information 1702 and issues a data write request to the memory access section 104 for the region managed as file FILE3, using access start address 1802 as the offset and access data size 1803 as the write size.
As described above, the data input from terminal 200 in a state encrypted with encryption session key Kd is stored in flash memory 105 after being re-encrypted with storage key Ks_1.
In the present embodiment, session key sharing and the sharing of information about the access region are performed at the same time with a single command, but they may also be performed with separate commands.
As described above, in a memory card that can receive both IC card commands and memory access commands, a secure protected region that is normally accessed only by the card application, and to which access from a terminal is restricted, is set as accessible by the card application after mutual authentication between the card application and the terminal, so that the terminal can then access it with memory access commands.
In addition, the mutual authentication between the terminal and the card application that makes the region accessible can use IC card commands, whose use is not restricted, rather than memory access commands, so the mutual authentication method can be chosen flexibly according to the security class of the data.
Furthermore, even when the argument that a memory access command can carry is as small as 32 bits, the card can still verify that the terminal application that performed the access region specification, the terminal application that issued the secure protected region access command and the terminal application holding the verification key are the same, because, as described here, the access region specification command is separated from the secure protected region access command and the verification data is carried in the secure protected region access command.
In addition, by performing the sharing of the verification session key and the encryption session key each time the secure protected region is accessed, the verification data carried in the secure protected region access command takes a fresh value on each access, which improves the defense against attacks that replay an improper access.
Further, because the card learns which file the terminal wants to access, allocates an area number to it and notifies that number to the terminal, the region accessible to the terminal can be set. Performing the same processing for several files puts the card in a state where several files can be accessed at the same time.
(Embodiment 2)
In this embodiment, the command sequence for the case where the terminal knows in advance the area number specified by the region specification command is described.
First, the structure of the card internal modules is described using Fig. 26. The terminal structure for card 500 of Fig. 26 is identical to the structure shown in Fig. 4, so its illustration and description are omitted here.
The internal modules of card 500 consist of the following parts: a processing command receiving component 501, connected to the CMD line, which receives commands and sends responses; a storage area 506, which stores data; a storage area access unit 505, which performs access processing on storage area 506; a data transmitting component 502, connected to the DAT line, which sends the data read by storage area access unit 505 to the external machine; a data receiving component 503, likewise connected to the DAT line, which receives data from the external machine; and a specification information verification component 504, which verifies the specification information received by processing command receiving component 501.
Then, the internal module structure of terminal 600 is described using Fig. 27.
The internal modules of terminal 600 consist of the following parts: a processing command transmitting component 604, which sends commands to card 500 and receives responses; a data transmitting component 605, which sends data to card 500; a data receiving component 606, which receives data from card 500; a specification information decision component 601, which decides the region to be accessed; an authorization information generating component 602, which generates authorization information from the specification information; and a data storage component 603, which stores the data sent to card 500 and the data received from card 500.
Then, using Figs. 26 and 27 above, the processing performed when terminal 600 accesses the secure protected region of card 500 is described with the flowchart shown in Fig. 28.
First, terminal 600 decides in specification information decision component 601 the region for read access or write access (step S2601) and generates access region specification information (step S2602). Next, it stores this access region specification information in data storage component 603 and sends a region specification command from processing command transmitting component 604 to card 500 (step S603).
Fig. 29 shows an example of the data portion of the region specification command.
Data input to DAT line 27 is handled in 512-byte units, so when the total length of the length field 2701 and the access region specification information field 2702 is less than 512 bytes, a padding portion 2703 is appended to the data portion of the region specification command. In the present embodiment the length field 2701 is 2 bytes long, and the access region specification information 2702, as shown in Fig. 30, consists of a 1-byte area number 2801, a 3-byte access start address 2802 and a 3-byte access data size 2803. That is, the total is 9 bytes, which is less than 512 bytes, so a 503-byte padding portion 2703 is appended.
Returning to Fig. 28, after card 500 receives the region specification command at processing command receiving component 501 (step S2604), it checks access region specification information 2702 in specification information verification component 504 and judges whether the specified region is correct, namely whether a region corresponding to area number 2801 exists and whether the range given by access start address 2802 and access data size 2803 lies within the region represented by area number 2801 (step S2605). If the specified region is incorrect, specification information verification component 504 treats the region specification command as invalid (step S2606). If the specified region is correct, it stores access region specification information 2702 and generates comparison information from access region specification information 2702 and the key shared between terminal 600 and card 500 (step S2607).
Fig. 31 shows an example of the comparison information generation method.
Verification data generating section 2902 is the module that performs the cryptographic computation; in the present embodiment it performs MAC (Message Authentication Code) generation processing known as DES-MAC. Its inputs are the data portion 2704 of the region specification command and the verification key 2901 shared with terminal 600. The output of DES-MAC is 64 bits, but in the present embodiment the authorization information sent from terminal 600 as the comparison target is 32 bits, so the output is reduced 2903, that is, only the leading 32 bits are used as comparison information 2904. The verification key 2901 may be a fixed key individually assigned to each area number, or there may be a single key regardless of area number.
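The region check of step S2605 and the comparison information of Fig. 31, carried through as an added worked example that is not part of the patent text. The data portion layout (2-byte length field, 1-byte area number, 3-byte start address, 3-byte size, padding to 512 bytes) follows Fig. 29 and Fig. 30; that the length field holds the length of the specification information field, and the use of HMAC-SHA256 in place of DES-MAC (the description allows other algorithms), are assumptions of this example.

```python
import hashlib
import hmac
import struct

# Sizes from the description: the DAT line transfers 512-byte units, the
# length field 2701 is 2 bytes, and specification information 2702 is a
# 1-byte area number, a 3-byte start address and a 3-byte data size.
BLOCK_SIZE = 512
INFO_SIZE = 1 + 3 + 3


def build_data_portion(area_number: int, start_addr: int, data_size: int) -> bytes:
    """Data portion 2704 = length field 2701 || info 2702 || padding 2703.
    Assumption: the length field carries the byte length of the info field."""
    if not (0 <= area_number < 256 and 0 <= start_addr < 1 << 24 and 0 <= data_size < 1 << 24):
        raise ValueError("field out of range for the fixed-width layout")
    info = bytes([area_number]) + start_addr.to_bytes(3, "big") + data_size.to_bytes(3, "big")
    body = struct.pack(">H", len(info)) + info          # 2 + 7 = 9 bytes
    return body + b"\x00" * (BLOCK_SIZE - len(body))    # 503 bytes of padding


def parse_data_portion(data_portion: bytes):
    """Recover (area number, start address, data size) from one 512-byte unit."""
    if len(data_portion) != BLOCK_SIZE:
        raise ValueError("data portion must be exactly one 512-byte unit")
    (length,) = struct.unpack(">H", data_portion[:2])
    if length != INFO_SIZE:
        raise ValueError("unexpected specification information length")
    info = data_portion[2:2 + length]
    return info[0], int.from_bytes(info[1:4], "big"), int.from_bytes(info[4:7], "big")


def region_is_valid(area_number: int, start_addr: int, data_size: int, regions: dict) -> bool:
    """Card-side check of step S2605: the area number must exist and the range
    [start, start + size) must lie inside the region it names."""
    if area_number not in regions:
        return False
    return data_size > 0 and start_addr + data_size <= regions[area_number]


def make_comparison_info(verification_key: bytes, data_portion: bytes) -> bytes:
    """Comparison information 2904: a MAC over data portion 2704 reduced to its
    leading 32 bits. HMAC-SHA256 stands in for DES-MAC (assumption)."""
    return hmac.new(verification_key, data_portion, hashlib.sha256).digest()[:4]


def card_check_access(verification_key: bytes, data_portion: bytes, regions: dict,
                      authorization_info: bytes) -> str:
    """Region specification command (S2605/S2607) followed by the access command
    comparison (S2613); the outcome is returned as a short label."""
    try:
        area_number, start_addr, data_size = parse_data_portion(data_portion)
    except ValueError:
        return "invalid_region"
    if not region_is_valid(area_number, start_addr, data_size, regions):
        return "invalid_region"                       # step S2606
    expected = make_comparison_info(verification_key, data_portion)
    if not hmac.compare_digest(expected, authorization_info):
        return "authorization_mismatch"               # step S2614
    return "ok"                                       # step S2615
```

The card computes the comparison information only after the region check has passed, so a command that names a range outside its region is rejected before any key material is used; the 32-bit truncation means the terminal's authorization information is compared with a constant-time comparison against a value the card derived itself, never against a value the terminal supplied for both sides.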
Further, as shown in Fig. 32, card 700 has a verification key sharing component 701 inside, and as shown in Fig. 33, terminal 800 has a verification key sharing component 801 inside, so that the verification key can be changed between card 700 and terminal 800 each time the secure protected region is accessed. In Figs. 32 and 33, the parts identical to the structures shown in Figs. 26 and 27 are given the same reference numerals.
Then, using Figs. 32 and 33 above, the sequence diagram shown in Fig. 34 and the verification key generation method shown in Fig. 35, the verification key sharing method is described.
In Fig. 34, terminal 800 generates random number Ra in verification key sharing component 801 and generates a session key sharing request command APDU containing this random number Ra (step S3201); when processing command transmitting component 604 sends an APDU send command to card 700, data transmitting component 605 sends the session key sharing request command APDU to card 700 (step S3202).
Next, card 700 receives the APDU send command from terminal 800 at processing command receiving component 501 and hands the session key sharing request command APDU received from terminal 800 at data receiving component 503 to verification key sharing component 701.
Verification key sharing component 801 generates random number Rb and, as shown in Fig. 35, performs encryption processing (DES-MAC processing) on the combination of the random number Ra received from terminal 800 and random number Rb, using the master key K shared in advance with terminal 800, and thereby generates session key R. Card 700 then generates a response APDU containing random number Rb.
Next, terminal 800 sends an APDU receive command from processing command transmitting component 604 to card 700 (step S3203).
Next, card 700 receives the APDU receive command from terminal 800 at processing command receiving component 501 and sends the response APDU containing the previously generated random number Rb from data transmitting component 502 to terminal 800 (step S3204).
Next, terminal 800 receives the response APDU from card 700 through data receiving component 606 and hands it to verification key sharing component 801. As shown in Fig. 35, verification key sharing component 801 performs encryption processing (DES-MAC processing) on the combination of the random number Ra it generated earlier and the random number Rb contained in the response APDU, using the master key K shared in advance with card 700, and thereby generates session key R.
The above is the verification key sharing sequence between terminal 800 and card 700 for the case where the session key is changed each time the secure protected region is accessed.
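The exchange of Fig. 34 and the derivation of Fig. 35 with both sides' messages, as an added example that is not part of the patent text. The APDUs are modelled as dictionaries because this section gives no byte encoding for them, and HMAC-SHA256 stands in for the DES-MAC processing named in the description; both are assumptions of this example.

```python
import hashlib
import hmac
import os


def derive_session_key(master_key: bytes, ra: bytes, rb: bytes) -> bytes:
    """Session key R from the combination Ra || Rb under master key K (Fig. 35).
    HMAC-SHA256 stands in for the DES-MAC processing of the description (assumption)."""
    return hmac.new(master_key, ra + rb, hashlib.sha256).digest()


class Terminal800:
    """Terminal side: verification key sharing component 801."""

    def __init__(self, master_key: bytes):
        self.master_key = master_key
        self.ra = None
        self.session_key = None

    def session_key_share_request(self) -> dict:
        """Step S3201: generate Ra and build the session key sharing request command
        APDU (modelled as a dict; the real encoding is not given in this section)."""
        self.ra = os.urandom(8)
        return {"cmd": "SESSION_KEY_SHARE_REQUEST", "ra": self.ra}

    def process_response(self, response_apdu: dict) -> bytes:
        """After step S3204: derive R from the terminal's own Ra and the card's Rb."""
        self.session_key = derive_session_key(self.master_key, self.ra, response_apdu["rb"])
        return self.session_key


class Card700:
    """Card side: verification key sharing component 701."""

    def __init__(self, master_key: bytes):
        self.master_key = master_key
        self.session_key = None

    def handle_request(self, request_apdu: dict) -> dict:
        """Generate Rb, derive R, and build the response APDU carrying Rb
        (the card-side work between steps S3202 and S3204)."""
        rb = os.urandom(8)
        self.session_key = derive_session_key(self.master_key, request_apdu["ra"], rb)
        return {"sw": "9000", "rb": rb}


def run_sharing(card_master_key: bytes, terminal_master_key: bytes):
    """Run one sharing sequence and return (terminal session key, card session key)."""
    terminal = Terminal800(terminal_master_key)
    card = Card700(card_master_key)
    request = terminal.session_key_share_request()    # S3201/S3202
    response = card.handle_request(request)           # card generates Rb and R
    terminal.process_response(response)               # S3203/S3204, terminal derives R
    return terminal.session_key, card.session_key
```

Only Ra and Rb cross the interface; a party that does not hold the master key K can observe both and still not compute R, and because both random numbers are fresh, two runs of the sequence yield different session keys, which is what lets the verification data of the access command differ from one access to the next.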
Although DES-MAC is used in the present embodiment, other cryptographic algorithms may be used as well. Further, when there is no need to verify whether terminal 800 is legitimate, that is, whether terminal 800 holds the same key, for example when it is only necessary to confirm that the access region specification information 2702 of the region specification command is the one the terminal requested, encryption need not be used: the result of a hash computation such as SHA-1 or MD5, or of a checksum computation, in the verification data generating section 3401 shown in Fig. 36 may serve as the comparison information. When these algorithms are used and the comparison target is 32 bits long, the output result is reduced 3402 and only a 32-bit part of it is used as comparison information 3403.
Returning to Fig. 28, terminal 800 generates authorization information in its verification data generating section from access region specification information 2702 and the verification key 2901 shared between terminal 800 and card 700 (step S2608).
Fig. 37 shows the generation method of this authorization information. Authorization information generating section 3502 performs encryption processing with the verification key 3501 and the data portion 2704 of the region specification command and generates authorization information 3504. This generation method is the same as the generation method of the comparison information 2904 of card 700 shown in Fig. 31.
Then, returning to Fig. 28, terminal 800 appends the generated authorization information 3504 to the argument of the access command (read) and sends the access command from processing command transmitting component 604 (step S609).
The access command has the format shown in Fig. 38, where command code 3601 is 6 bits long and command argument 3602 is 32 bits long. In the access command, authorization information 3504 is stored in command argument 3602.
Then, returning to Fig. 28, card 700 receives the access command (read) at processing command receiving component 501 (step S2610) and confirms in specification information verification component 504 whether a region specification command has previously terminated normally (step S2611). If it has not terminated normally, because no region specification command was received or the specified region was incorrect, the access command is treated as an error and terminal 800 is notified (step S2612). Terminal 800 then receives the error from card 700 (step S2612A).
If the region specification command has previously terminated normally, specification information verification component 504 compares the comparison information 2904 generated earlier by card 700 with the authorization information 3504 stored in the command argument of the access command (step S2613). If the comparison shows that authorization information 3504 is invalid, the access command is treated as an error and terminal 800 is notified (step S2614); terminal 800 then receives the error from card 700 (step S2614A). If the authorization information is valid, specification information verification component 504 notifies storage area access unit 505 of access region specification information 2702, storage area access unit 505 reads data from the region of storage area 506 specified by access region specification information 2702, and the data is sent from data transmitting component 502 to terminal 800 (step S2615).
Then, terminal 800 receives the read data sent from card 700 at data receiving component 606 and stores it in data storage component 603 (step S2616).
As described above, even when the argument that a memory access command can carry is as small as 32 bits, the card can verify that the terminal application that performed the access region specification, the terminal application that issued the secure protected region access command and the terminal application holding the verification key are the same, because, as described here, the access region specification command is separated from the secure protected region access command and the verification data is carried in the secure protected region access command.
Next, using the sequence diagram shown in Fig. 39, a method is described that generates the verification data from random number information output by the card in addition to the region specification information and the verification key. In the steps shown in Fig. 39, the parts identical to the steps of the sequence diagram of Fig. 28 are given the same reference numerals and their description is omitted.
As shown in Fig. 39, terminal 800 sends a random number acquisition command to card 700 (step S3701); card 700 generates random number T, keeps it in the specification information verification component 504 inside card 700, and sends it to terminal 800 from data transmitting component 502 (step S3702). Terminal 800 receives random number T from card 700 at data receiving component 606 (step S3703).
Random number T is then used in the comparison information generation processing of card 700 (step S2607) and in the authorization information generation processing of terminal 800 (step S2608): as shown in Fig. 40 and Fig. 41 respectively, encryption processing is applied to the combination of random number T and the data portion 2704 of the region specification command, producing comparison information 3804 and authorization information 3904.
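The random-number variant of Fig. 39 to Fig. 41 on the card side and the terminal side, as an added example that is not part of the patent text. The description says the card keeps T; that T is discarded after a single comparison, and the use of HMAC-SHA256 in place of DES-MAC, are design choices and assumptions of this example. The 512-byte data portion is a constructed sample following the layout of Fig. 29 and Fig. 30.

```python
import hashlib
import hmac
import os


def mac32(key: bytes, data: bytes) -> bytes:
    """MAC reduced to 32 bits; HMAC-SHA256 stands in for DES-MAC (assumption)."""
    return hmac.new(key, data, hashlib.sha256).digest()[:4]


class CardNonceVerifier:
    """Specification information verification component 504 of card 700 holding
    random number T (step S3702). Discarding T after one comparison is a design
    choice of this example, not something the description states."""

    def __init__(self, verification_key: bytes):
        self.key = verification_key
        self.pending_t = None

    def random_number_get(self) -> bytes:
        """Steps S3701/S3702: generate T, keep it, and return it to the terminal."""
        self.pending_t = os.urandom(8)
        return self.pending_t

    def verify_access(self, data_portion: bytes, authorization_info: bytes) -> bool:
        """Comparison information 3804 = MAC_K(T || data portion 2704), compared with
        the authorization information carried in the access command argument."""
        if self.pending_t is None:
            return False                    # no outstanding T: nothing to compare against
        expected = mac32(self.key, self.pending_t + data_portion)
        self.pending_t = None               # T is single-use (assumption)
        return hmac.compare_digest(expected, authorization_info)


def terminal_authorization(verification_key: bytes, t: bytes, data_portion: bytes) -> bytes:
    """Terminal side (step S2608, Fig. 41): authorization information 3904."""
    return mac32(verification_key, t + data_portion)


# Constructed data portion: length field 7, area number 1, start 0x000100,
# size 0x000200, then 503 bytes of padding (layout of Fig. 29 and Fig. 30).
SAMPLE_DATA_PORTION = bytes.fromhex("000701000100000200") + b"\x00" * 503
```

Because T enters the MAC input, the same region specification information with the same key produces a different authorization value on every access, and a captured authorization value no longer matches once the card has moved on to a new T.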
As described above, by using random number information in generating the authorization information, the output authorization information changes with the random number information even when the same region specification information and verification key are used, so security can be improved further.
(Embodiment 3)
In this embodiment, an example of a sequence diagram that includes key sharing processing is described.
First, the structure of the card internal modules is described using Fig. 42. The terminal structure of the card is identical to the structure shown in Fig. 4, so its illustration and description are omitted here.
The card internal modules consist of the following parts: a processing command receiving component 901, connected to the CMD line, which receives commands and sends responses; a storage area 906, which stores data; a storage area access unit 905, which performs access processing on storage area 906; a data transmitting component 902, connected to the DAT line, which sends the data read by storage area access unit 905 to the external machine; a data receiving component 903, likewise connected to the DAT line, which receives data from the external machine; an accessible region information sharing section 907, which shares with terminal 1000 the information about regions that can be accessed by the secure protected region access command; and a specification information verification component 904, which verifies the specification information received by data receiving component 903 using a verification key.
Then, the internal module structure of the terminal is described using Fig. 43.
The terminal internal modules consist of the following parts: a processing command transmitting component 1004, which sends commands to card 900 and receives responses; a data transmitting component 1005, which sends data to card 900; a data receiving component 1006, which receives data from card 900; a specification information decision component 1001, which decides the region to be accessed; an accessible region information sharing section 1007, which shares the information about regions that can be accessed by the secure protected region access command; an authorization information generating component 1002, which generates authorization information from the specification information; and a data storage component 1003, which stores the data sent to card 900 and the data received from card 900.
Then, using Figs. 42 and 43 above, the processing performed when terminal 1000 accesses the secure protected region of card 900 is described with the sequence diagrams shown in Fig. 44 and Fig. 45.
First, terminal 1000 decides in specification information decision component 1001 the region A for read access or write access (step S4201), and accessible region information sharing section 1007 sends a region open request command, which is a command APDU, from processing command transmitting component 1004 to card 900 (step S4202); this region open request command requests permission to access region A by means of the secure protected region access command. The region open request command contains the identifier Info_PubH representing the public key of terminal 1000, and data obtained by encrypting the identifier a representing region A with the public key PubS of card 900. The sending method of the command APDU is the same as the method described in embodiment 1, so its detailed description is omitted.
Next, card 900, having received the region open request command, decrypts the encrypted data contained in the command with the private key PriS of card 900 itself in accessible region information sharing component 907 (step S4203). It identifies the terminal 1000 that sent the command from the public key identifier Info_PubH of terminal 1000 and refers to the access rights of region A represented by identifier a to confirm whether this terminal 1000 is permitted to access region A (step S4205).
If it is not permitted, data representing region open failure is sent to terminal 1000 as a response APDU from data transmitting component 902 (step S4206). If it is permitted, the identifier a of region A is registered, together with the area number X allocated to region A, in the access-valid table 4400 held in specification information verification component 904 (see Fig. 46) (step S4207); this access-valid table 4400 is used to set whether access by the secure protected region access command is allowed. The verification key R corresponding to region A is also registered in access-valid table 4400 (step S4208).
Then, the area number X and the size of region A are encrypted with the public key PubH of terminal 1000 and sent from data transmitting component 902 to terminal 1000 as a response APDU (step S4209).
Then, terminal 1000 sends a receive command APDU from processing command transmitting component 1004 to card 900 and obtains the response APDU from card 900 with data receiving component 1006 (step S4210). The method of obtaining the response APDU is the same as the method described in embodiment 1, so its detailed description is omitted here.
Next, accessible region information sharing component 1007 of terminal 1000 decrypts the encrypted data contained in the response APDU with the private key PriH of terminal 1000 itself (step S4211) and obtains area number X and the size of the region A represented by area number X. Terminal 1000 registers the session key corresponding to region A in authorization information generating component 1002, and registers area number X in specification information decision component 1001 in order to generate the access region specification information (step S4212). Processing then proceeds to the flowchart of Fig. 45.
Then, terminal 1000 generates access region specification information in specification information decision component 1001 using the area number X registered by accessible region information sharing component 1007 (step S4213). Next, it stores this access region specification information in data portion 2704 (see Fig. 29) and sends the region specification command from processing command transmitting component 1004 to card 900 (step S4214). The access region specification information of the region specification command is the same as in embodiment 2, so its detailed description is omitted.
Next, after card 900 receives the region specification command from terminal 1000 at processing command receiving component 901 (step S4215), it checks the access region specification information in specification information verification component 904, judging whether area number X is registered in access-valid table 4400 and whether the range given by the access start address 2802 and access data size 2803 shown in Fig. 30 lies within region A (step S4216). If the specified region is incorrect, specification information verification component 904 treats the region specification command as invalid (step S4217). If the specified region is correct, it stores the access region specification information and generates comparison information from the access region specification command information and the verification key R registered in access-valid table 4400 for region A (step S4218). The comparison information generation method is the same as in embodiment 2, so its detailed description is omitted.
Then, terminal 1000 generates authorization information in authorization information generating component 1002 using the access region specification information and the session key R registered by accessible region information sharing section 1007 (step S4219), appends it to the argument of the access command (read), and sends the access command from processing command transmitting component 1001 to card 900 (step S4220). The authorization information generation method and the access command sending method are the same as in embodiment 2, so their detailed description is omitted.
Then, card 900 receives the access command (read) at processing command receiving component 901 (step S4221) and confirms in specification information verification component 904 whether a region specification command has previously terminated normally (step S4222). If it has not terminated normally, because no region specification command was received or the specified region was incorrect, the access command is treated as an error and terminal 1000 is notified (step S4223). Terminal 1000 then receives the error from card 900 (step S4223A).
If the region specification command has previously terminated normally, specification information verification component 904 compares the comparison information generated earlier by card 900 with the authorization information stored in the argument of the access command (step S4224). If the comparison shows that the authorization information is invalid, the access command is treated as an error and terminal 1000 is notified (step S4225); terminal 1000 then receives the error from card 900 (step S4225A).
If the authorization information is valid, specification information verification component 904 notifies storage area access unit 905 of the specification information, storage area access unit 905 reads data from the region of storage area 906 specified by the region specification command, and the data is sent from data transmitting component 902 to terminal 1000 (step S4226).
Then, terminal 1000 receives the read data sent from card 900 at data receiving component 1006 and stores it in data storage component 1003 (step S4227).
Next, when terminal 1000 no longer needs to access region A by the secure protected region access command, it sends a region invalidation command APDU from data transmitting component 1005 to card 900 in order to invalidate the area number X corresponding to region A (step S4228).
Next, card 900, having received the region invalidation command APDU, searches access-valid table 4400; if area number X is found, it deletes the region identifier a and the session key R assigned to area number X in the table together with the area number, so that access to the region A designated by area number X through the secure protected region access command becomes invalid (step S4229).
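The open, specify, access and invalidate sequence of Fig. 44 and Fig. 45 as one card-side model, an added example that is not part of the patent text. The public-key encryption of identifier a and of (X, size) is left out, the verification key R is handed to the terminal in the open response (this section does not say how the terminal obtains it), and HMAC-SHA256 stands in for DES-MAC; all three are assumptions of this example.

```python
import hashlib
import hmac
import os


def mac32(key: bytes, data: bytes) -> bytes:
    """Comparison/authorization information: a MAC reduced to 32 bits.
    HMAC-SHA256 stands in for the DES-MAC of the description (assumption)."""
    return hmac.new(key, data, hashlib.sha256).digest()[:4]


def specification_bytes(area_number: int, start_addr: int, data_size: int) -> bytes:
    """Access region specification information 2702 in the layout of Fig. 30:
    1-byte area number, 3-byte start address, 3-byte data size."""
    return bytes([area_number]) + start_addr.to_bytes(3, "big") + data_size.to_bytes(3, "big")


class Card900:
    """Card-side model of region open / specify / access / invalidate.
    Public-key encryption is omitted and key R is returned in the open
    response: both are assumptions of this example."""

    def __init__(self, permissions: dict, region_sizes: dict):
        self.permissions = permissions      # Info_PubH -> set of region identifiers it may open
        self.region_sizes = region_sizes    # region identifier a -> size in bytes
        self.table = {}                     # access-valid table 4400: X -> {a, size, key R}
        self.next_area_number = 1
        self.pending_spec = None            # last region specification that passed S4216

    def region_open_request(self, info_pubh: str, identifier_a: str) -> dict:
        """Steps S4203 to S4209: check the access right, then register a, X and R."""
        if identifier_a not in self.permissions.get(info_pubh, set()):
            return {"status": "open_failed"}                 # step S4206
        x = self.next_area_number
        self.next_area_number += 1
        key_r = os.urandom(16)
        size = self.region_sizes[identifier_a]
        self.table[x] = {"a": identifier_a, "size": size, "key": key_r}
        return {"status": "ok", "area_number": x, "size": size, "key": key_r}

    def region_specify(self, area_number: int, start_addr: int, data_size: int) -> bool:
        """Step S4216: X must be in table 4400 and the range must lie inside region A."""
        entry = self.table.get(area_number)
        ok = entry is not None and data_size > 0 and start_addr + data_size <= entry["size"]
        self.pending_spec = (area_number, start_addr, data_size) if ok else None
        return ok

    def access_read(self, authorization_info: bytes):
        """Steps S4222 to S4226: a region specification must have succeeded, then
        the card's comparison information must match the authorization information."""
        if self.pending_spec is None:
            return "error_no_region_specification"           # step S4223
        area_number, start_addr, data_size = self.pending_spec
        expected = mac32(self.table[area_number]["key"],
                         specification_bytes(area_number, start_addr, data_size))
        if not hmac.compare_digest(expected, authorization_info):
            return "error_authorization"                     # step S4225
        return ("data", start_addr, data_size)              # stand-in for reading storage area 906

    def region_invalidate(self, area_number: int) -> bool:
        """Step S4229: drop the entry so the area number can no longer be used."""
        if self.pending_spec is not None and self.pending_spec[0] == area_number:
            self.pending_spec = None
        return self.table.pop(area_number, None) is not None


def terminal_authorization(key_r: bytes, area_number: int, start_addr: int, data_size: int) -> bytes:
    """Terminal side, step S4219: authorization information from the same inputs."""
    return mac32(key_r, specification_bytes(area_number, start_addr, data_size))
```

The access-valid table is the only place the card keeps the mapping from an area number to a region and its key, so invalidating the entry removes both the right to access and the key that would verify an access, and a region specification that names an out-of-range address clears the pending state rather than leaving an earlier, valid specification in force.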
As described above, a given region within the secure protected region is placed, by a region open request, in a state in which it can be accessed by the secure protected region access command only when necessary, and access to the region is disabled by a region invalidation request when it is no longer needed, which improves security.
This specification is based on Japanese Patent Application No. 2003-275672 filed on July 16, 2003 and Japanese Patent Application No. 2004-197453 filed on July 2, 2004, the contents of which are incorporated herein in their entirety.
Industrial applicability: in a memory card in which memory commands and IC card commands coexist, the present invention avoids complicated processing by using memory commands, while at the same time authenticating the terminal securely with a small command argument.

Claims (19)

1. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of transmitting to the memory device designation information that specifies an access area; and
a step of transmitting together a processing command for the access area and verification information relating to the designation information;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification information, and verifying the designation information with the verification information; and
a step of executing the processing command when the verification succeeds.
2. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of sharing with the memory device area information about the accessible areas of the memory device;
a step of transmitting to the memory device, with reference to the area information, designation information that specifies an access area; and
a step of transmitting together a processing command for the access area and verification information relating to the designation information;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification information, and verifying the designation information with the verification information; and
a step of executing the processing command when the verification succeeds.
3. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of sharing a verification key with the memory device;
a step of transmitting to the memory device designation information that specifies an access area; and
a step of transmitting together a processing command for the access area and verification data obtained by encrypting verification information relating to the designation information with the verification key;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification data, and verifying the designation information using the verification data and the verification key; and
a step of executing the processing command when the verification succeeds.
4. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of sharing with the memory device area information about the accessible areas of the memory device;
a step of sharing with the memory device a verification key corresponding to the accessible area;
a step of transmitting to the memory device, with reference to the area information, designation information that specifies an access area; and
a step of transmitting together a processing command for the access area and verification data obtained by encrypting verification information relating to the designation information with the verification key;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification data, and verifying the designation information using the verification data and the verification key; and
a step of executing the processing command when the verification succeeds.
5. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of sharing with the memory device, using a first processing system command, area information about the accessible areas of the memory device;
a step of transmitting to the memory device, using a second processing system command and with reference to the area information, designation information that specifies an access area; and
a step of transmitting together, using the second processing system command, a processing command for the access area and verification information relating to the designation information;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification information, and verifying the designation information using the verification information; and
a step of executing the processing command when the verification succeeds.
6. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of sharing a verification key with the memory device using a first processing system command;
a step of transmitting to the memory device, using a second processing system command, designation information that specifies an access area; and
a step of transmitting together, using the second processing system command, a processing command for the access area and verification data obtained by encrypting verification information relating to the designation information with the verification key;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification data, and verifying the designation information using the verification data and the verification key; and
a step of executing the processing command when the verification succeeds.
7. An access method in which a machine accesses a memory device,
the memory device comprising:
a tamper-resistant first area to which access from the machine is restricted;
a non-tamper-resistant second area to which access from the machine is restricted;
a third area which the machine can access; and
a function of distinguishing a first processing system command from a second processing system command, the first processing system command being at least a processing command for the first area and the second processing system command being at least a processing command for the third area;
the access method comprising the following steps:
the machine
a step of sharing with the memory device, using the first processing system command, area information about the accessible areas of the memory device;
a step of transmitting, using the second processing system command and with reference to the area information, designation information that specifies an access area in the second area; and
a step of transmitting together, using the second processing system command, a processing command for the access area and verification information relating to the designation information;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification information, and verifying the designation information using the verification information; and
a step of executing the processing command when the verification succeeds.
8. An access method in which a machine accesses a memory device,
the memory device comprising:
a tamper-resistant first area to which access from the machine is restricted;
a non-tamper-resistant second area to which access from the machine is restricted;
a third area which the machine can access; and
a function of distinguishing a first processing system command from a second processing system command, the first processing system command being at least a processing command for the first area and the second processing system command being at least a processing command for the third area;
the access method comprising the following steps:
the machine
a step of sharing a verification key with the memory device using the first processing system command;
a step of transmitting, using the second processing system command, designation information that specifies an access area in the second area; and
a step of transmitting together, using the second processing system command, a processing command for the access area and verification data obtained by encrypting verification information relating to the designation information with the verification key;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification data, and verifying the designation information using the verification data and the verification key; and
a step of executing the processing command when the verification succeeds.
9. A memory device readable and writable by a machine, comprising:
a processing command receiving unit which, upon receiving designation information that specifies an access area, receives together verification information based on the designation information and a read or write command;
a designation information verification unit which verifies the designation information using the verification information;
a storage area which stores data;
a storage area access unit which, when the verification succeeds, reads from or writes to the designated area of the storage area according to the processing command;
a data transmission unit which transmits to the machine the data read by the storage area access unit; and
a data reception unit which receives write data from the machine.
10. The memory device according to claim 9, wherein:
the designation information verification unit performs the verification using a verification key and the verification information.
11. The memory device according to claim 10, further comprising:
a verification key sharing unit which shares the verification key with the machine.
12. The memory device according to claim 9, further comprising:
an area information sharing unit which shares with the machine area information indicating the accessible areas of the memory device.
13. An information machine capable of reading from and writing to a memory device, comprising:
a designation information decision unit which decides the area to be read or written and decides designation information that specifies that area;
a verification information generation unit which generates verification information using the designation information;
a processing command transmission unit which transmits the designation information, and transmits the verification information and a read or write processing command;
a data transmission unit which, when the processing command is a write, transmits data to the memory device;
a data reception unit which, when the processing command is a read, receives data from the memory device; and
a data storage unit which stores the data transmitted to the memory device or the data received from the memory device.
14. The information machine according to claim 13, wherein:
the verification information generation unit generates the verification information using a verification key and the designation information.
15. The information machine according to claim 14, further comprising:
a verification key sharing unit which shares the verification key with the memory device.
16. The information machine according to claim 13, further comprising:
an area information sharing unit which shares with the memory device area information indicating the accessible areas of the memory device.
17. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of transmitting to the memory device designation information that specifies an access area; and
a step of transmitting together a processing command for the access area and verification data obtained by encrypting verification information relating to the designation information with a verification key;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification data, and verifying the designation information using the verification data and the verification key; and
a step of executing the processing command when the verification succeeds.
18. An access method in which a machine accesses a memory device, comprising the following steps:
the machine
a step of sharing with the memory device, using a first processing system command, area information about the accessible areas of the memory device;
a step of sharing, using the first processing system command, a verification key corresponding to the accessible area;
a step of transmitting to the memory device, using a second processing system command, designation information that specifies an access area; and
a step of transmitting together, using the second processing system command, a processing command for the access area and verification data obtained by encrypting verification information relating to the designation information with the verification key;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification data, and verifying the designation information using the verification data and the verification key; and
a step of executing the processing command when the verification succeeds.
19. An access method in which a machine accesses a memory device,
the memory device comprising:
a tamper-resistant first area to which access from the machine is restricted;
a large-capacity, non-tamper-resistant second area to which access from the machine is restricted;
a large-capacity third area which the machine can access; and
a function of distinguishing a first processing system command from a second processing system command, the first processing system command being at least a processing command for the first area and the second processing system command being at least a processing command for the third area;
the access method comprising the following steps:
the machine
a step of sharing with the memory device, using the first processing system command, area information about the accessible areas of the memory device;
a step of sharing, using the first processing system command, a verification key corresponding to the accessible area;
a step of transmitting, using the second processing system command, designation information that specifies an access area in the second area; and
a step of transmitting together, using the second processing system command, a processing command for the access area and verification data obtained by encrypting verification information relating to the designation information with the verification key;
the memory device
a step of receiving the designation information;
a step of receiving the processing command and the verification data, and verifying the designation information using the verification data and the verification key; and
a step of executing the processing command when the verification succeeds.

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
JP275672/2003 2003-07-16
JP2003275672 2003-07-16
JP197453/2004 2004-07-02

Publications (2)

Publication Number Publication Date
CN1701310A CN1701310A (en) 2005-11-23
CN100583060C true CN100583060C (en) 2010-01-20



Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100120

Termination date: 20200715