JP2000076063A - System and device for certification and recording medium - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a certification system or the like with which the supply of a game machine and cartridge due to a regular supplier is secured and the read of data or copy of cartridge is blocked. SOLUTION: A game machine 1 reads the data of a cassette 2 and signature data, for which the digest of these data is enciphered, compares the digest of read data with deciphered signature data and certifies the cassette 2. Next, the cassette 2 returns three digests of challenge data supplied by the game machine 1, digest stored in the cassette itself and common secret data as response data to the game machine 1. The game machine 1 discriminates whether these response data are coincident with three digests of challenge data, deciphered signature data and common secret data stored in the game machine itself or not and certifies the cassette 2. Similarly, the cassette 2 certifies the game machine 1 as well and afterwards, the game machine 1 executes a program stored in the cassette 2.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

The present invention relates to an authentication system and an authentication device, and more particularly to an authentication system and an authentication device for restricting data users and suppliers.

[0002]

2. Description of the Related Art When a game machine provides a user with a game, a ROM (Read Only) storing a game program is usually used.
A cartridge including a storage device such as Only Memory) is mounted on the game machine, and the game machine reads out the program data of the game program from the storage device of the cartridge and executes the game program.

[0003]

However, in order to maintain the quality of games supplied to the market for consumer protection and to limit the number of game suppliers to a certain range, the game supply It is necessary to prevent the game from being supplied by a person who has not obtained the permission of the game. However, with the above-described method, it is not possible to prevent unauthorized game supply.

The above situation is the same for the game machine main body. In other words, even if it is necessary to prevent unauthorized supply of game machines to protect consumers by maintaining the quality of the game machines, the above-described method prevents unauthorized supply of game machines. Can not.

[0005] In addition, even if a cartridge is supplied by a legitimate game supplier, the cartridge is illegally copied, and there is a danger that a cartridge that is not legally purchased may be distributed. However, unauthorized copying of the cartridge cannot be prevented.

[0006] Even if the entire cartridge is not duplicated, there is a risk that data stored in the storage device of the cartridge is illegally read and analyzed. Then, after the illegally read data is stored in the storage device and the storage device is incorporated in the cartridge,
As a result, a plurality of games are illegally played using a common cartridge.

Further, when the read data alone has a commercial value (for example, when the data is image data), even if the game cannot be reproduced from the data, the data may not be reproduced. There is a great risk that data will be distributed independently.

The present invention has been made in view of the above circumstances, and provides an authentication system and an authentication device in which the supply of a game machine and a cartridge by an authorized supplier is ensured, and reading of data and duplication of a cartridge are prevented. The purpose is to:

[0009]

To achieve the above object, an authentication system according to a first aspect of the present invention includes a main body-side authentication section and a cartridge-side authentication section, and the main body-side authentication section includes: The main body side storage means for storing the main body side signature data unique to itself, and the cartridge side signature data obtained from the cartridge side authentication section, and the cartridge side signature data is unique to the cartridge side authentication section. Discriminating whether it is unique or not, and when judging that the data is unique, a main body-side discriminating means for acquiring transfer target data from the cartridge-side authentication unit. Storage means for storing, cartridge-side storage means for storing the cartridge-side signature data, and obtaining the body-side signature data from the body-side authentication unit, It is determined whether or not the main body side signature data is unique to the main body side authentication unit, and when it is determined to be unique, the transfer target data stored in the storage means is stored in the main body side authentication data. And a cartridge-side discriminating means for supplying to the authentication unit.

According to such an authentication system, the main unit-side authentication unit and the cartridge-side authentication unit transmit and receive the transfer target data after authenticating each other that they are properly manufactured. Therefore, the transfer target data is prevented from being supplied from a person who is not permitted to create the cartridge side signature data or obtain the secret key.

The cartridge-side signature data represents, for example, a digest representing a value obtained by assigning specific data to a predetermined one-way function, which is encrypted by using a secret key. The storage means is
Means for storing the specific data, the main body-side authentication unit obtains the specific data from the cartridge-side authentication unit, decrypts the cartridge-side signature data using a public key, and It is determined whether or not the cartridge-side signature data is substantially the same as the digest, and when it is determined that the cartridge-side signature data is substantially the same, the cartridge-side signature data is transmitted to the cartridge-side authentication unit. It may be one that determines whether or not it is unique. As a result, the main unit-side authentication unit first verifies the validity of the cartridge-side signature data, so that the risk of improper supply of transfer target data is further reduced.

[0012] The specific data comprises a part specified in advance of the data to be transferred, and the cartridge side storage means includes means for storing signature target identification data for specifying the part, Means for acquiring the signature target identification data from the cartridge-side storage means, and for acquiring, as the specific data, the part specified by the acquired signature target identification data in the transfer target data. It may be provided. And, for example, in the part specified by the signature target identification data, the cartridge-side signature data decrypted after the main body-side authentication unit acquires the specific data is substantially the same as the digest. It may be so selected that the time required to determine whether or not it is within a certain time is within a certain time. This allows
The time required for the main body-side authentication unit to confirm the identity between the cartridge-side signature data and the digest is kept short, and the transfer of the transfer target data is performed smoothly.

The main unit-side authentication unit includes key storage means for rewritably storing the public key supplied from the outside, and stores the cartridge-side signature data using the public key stored in the key storage means. If it is to be decrypted, the main unit-side authentication unit does not need to be manufactured separately to authenticate each cartridge-side authentication unit.For example, the storage contents of the key storage unit are initialized. In this state, the main body-side authentication unit is mass-produced, and the public key may be written into the key storage unit later.

The main body side storage means and the cartridge side storage means each include, for example, means for storing substantially the same common secret data, and in this case, the main body side discriminating means includes, for example, Means for creating challenge data and supplying it to the cartridge-side discriminating means; acquiring cartridge-side challenge data from the cartridge-side discriminating means; acquiring the acquired cartridge-side challenge data; decrypting the cartridge-side signature data; and the main body Means for generating body-side response data representing a value obtained by substituting data representing the three of the common secret data stored in the side storage means into the one-way function, and supplying the response data to the cartridge-side determination means; The response data on the cartridge side is obtained from the determination means, Whether the value obtained by substituting the data representing the three of the range data, the decrypted cartridge-side signature data and the common secret data stored in the main body-side storage means into the one-way function represents the cartridge-side response data. When it is determined whether or not to represent,
By providing a unit for determining that the cartridge-side signature data is unique to the cartridge-side authentication unit, it is authenticated that the cartridge-side authentication unit has been properly manufactured. The cartridge-side storage unit includes a digest storage unit that stores the digest, and the cartridge-side determination unit includes, for example,
Means for creating the cartridge-side challenge data and supplying it to the body-side determination means; acquiring the body-side challenge data from the body-side determination means; storing the acquired body-side challenge data and the cartridge-side storage means The cartridge-side response data representing a value obtained by substituting data representing the three of the digest and the common secret data stored in the cartridge-side storage means into the one-way function is created and supplied to the main body-side determination means. And the main body side response data from the main body side discriminating means, and the cartridge side challenge data, the digest stored in the cartridge side storage means, and the common secret data stored in the cartridge side storage means. Data into the one-way function Determining whether or not the value represents the response data on the main unit; and, if determined to represent the value, providing means for determining that the signature data on the main unit is unique to the authentication unit on the main unit. Authenticates that the side authentication unit is manufactured properly.

If the digest storage means includes means for storing the digest supplied from the outside substantially in a non-volatile manner, the cartridge-side authentication unit may store the digest data for each of different data to be transferred. It is not necessary to manufacture the cartridge-side authentication section in a state where the storage contents of the means for storing the digest in a non-volatile manner are initialized, and later, the digest is written in the cartridge-side authentication section. It will be good.

The storage means includes means for storing the data to be transferred which has been encrypted, and the main body-side authentication unit comprises:
When the cartridge-side signature data obtained from the cartridge-side authentication unit is determined to be unique to the cartridge-side authentication unit, the encrypted transfer target data is obtained from the cartridge-side authentication unit and decrypted. Means may be provided.

[0017] Thus, the confidentiality of the encrypted transfer target data is further improved. In addition, if the portion of the transfer target data that affects the utility value of the data is encrypted in a worm-like manner, the data transfer efficiency can be kept high.

The storage means comprises means for storing the encrypted data to be transferred in association with the encrypted signature data for encrypted data which is unique to the data to be transferred. When it is determined that the cartridge-side signature data obtained from the cartridge-side authentication unit is unique to the cartridge-side authentication unit, the encrypted data signature data is obtained from the cartridge-side authentication unit and obtained. It is determined whether or not the encrypted data signature data is unique to the encrypted transfer target data associated with the encrypted data signature data, and is determined to be unique. Then, it may be provided with means for acquiring and decrypting the encrypted transfer target data associated with the encrypted data signature data. .

Thus, each data to be transferred is individually subjected to the authentication by the signature, and accordingly, whether or not the data can be transferred is individually determined. For this reason, the confidentiality of the data is further improved, and different levels of confidentiality are provided according to the difference in the importance of the individual data to be transferred.

The storage means includes means for storing position data for identifying a logical position of a portion for storing the encrypted transfer target data in a storage area of the storage device, and the specific data is stored in the storage area. Contains data,
The main body-side authentication unit may include a unit that acquires the encrypted transfer target data from a logical position identified by the position data in the storage area of the storage unit and decrypts the data. Good.

As a result, unauthorized rewriting of the position data becomes substantially impossible. As a result, it becomes virtually impossible to improperly write the encrypted transfer target data in the cartridge-side authentication unit. The danger that the target data is illegally rewritten is avoided. It is to be noted that the size of the position data itself is usually small enough to be negligible compared to the data to be transferred, so that the efficiency of data transfer is not impaired.

The storage means is means for storing position data for identifying a logical position of a portion for storing the encrypted transfer target data in the storage area of the storage means, and position data unique to the position data. Means for storing the signature data for the position data, wherein the body-side authentication unit acquires the position data signature data from the cartridge-side authentication unit, and the acquired position data signature data is unique to the position data. It is determined whether or not the transfer target data is encrypted from the logical position identified by the position data in the storage area of the storage means when it is determined whether the transfer target data is unique. A means for acquiring and decoding may be provided. As a result, the illegal rewriting of the position data is substantially impossible, so that the danger of the transfer target data being illegally rewritten is avoided.

An authentication device according to a second aspect of the present invention represents storage means for storing transfer target data, specific data, and a value obtained by substituting the specific data into a predetermined one-way function. A cartridge-side storage unit for storing cartridge-side signature data representing an encrypted version of the digest using a secret key; and obtaining the main-body-side signature data from a device connected to the cartridge. Discriminating whether or not the transfer target data is stored in the storage means to the apparatus. An authentication device detachably connected to the side authentication device, wherein the main body storage means for storing the main body side signature data unique to itself, and the cartridge side authentication device. From the specific data, decrypts the cartridge-side signature data using a public key, and determines whether the decrypted cartridge-side signature data is substantially the same as the digest. And a main body-side determination unit that acquires the transfer target data from the cartridge-side authentication device when it is determined that they are substantially the same.

Such an authentication device transmits and receives data to be transferred after authenticating each other between the authentication device and the cartridge-side authentication device that they are properly manufactured. Also, the validity of the cartridge-side signature data is verified.
Therefore, the transfer target data is prevented from being supplied from a person who is not permitted to create the cartridge side signature data or obtain the secret key.

Further, the authentication device according to the third aspect of the present invention comprises: a main body side storage means for storing main body side signature data unique to itself; specific data; The cartridge-side signature data and the specific data are obtained from a device that stores the cartridge-side signature data that represents the result of encrypting the digest representing the value assigned to the function using a secret key, and the obtained cartridge-side signature is obtained. Data is decrypted using a public key, and it is determined whether or not the decrypted cartridge-side signature data is substantially the same as the digest,
And a main body-side determining means for obtaining data to be transferred from the device when it is determined that the transfer target is substantially the same. A storage unit for storing data; a cartridge-side storage unit for storing the cartridge-side signature data and the specific data; and obtaining the main-body-side signature data from the main-body-side authentication device. It is determined whether or not the data is unique to the body-side authentication device, and when it is determined that the data is unique, the cartridge which supplies the transfer target data stored in the storage means to the body-side authentication device is determined. Determining means,
It is characterized by the following.

Such an authentication device transmits and receives data to be transferred after authenticating each other between the authentication device and the main body-side authentication device as being properly manufactured. Also, the validity of the cartridge-side signature data is verified. Therefore, the transfer target data is prevented from being supplied from a person who is not permitted to create the cartridge side signature data or obtain the secret key.

Further, an authentication system according to a fourth aspect of the present invention includes first and second authentication units, wherein the first authentication unit stores first signature data unique to itself. 1 storage means and specific data from the second authentication unit, and decrypts the second signature data using a public key.
It is determined whether or not the decrypted second signature data is substantially the same as a digest representing a value obtained by substituting specific data into a predetermined one-way function. When the second signature data is determined to be unique, it is determined whether or not the second signature data is unique to the second authentication unit. When it is determined that the second signature data is unique, the second authentication data is determined. A first determination unit that obtains transfer target data from a unit, wherein the second authentication unit stores a second storage unit that stores the transfer target data and the second signature data; Obtaining the first signature data from the authentication unit of (1), determining whether the first signature data is unique to the first authentication unit, and determining that the first signature data is unique. , The transfer target data stored in the second storage means is recognized by the first storage means. A second discriminating means for supplying the parts,
Wherein the second signature data is obtained by encrypting, using a secret key, a value obtained by substituting the specific data representing a predetermined portion of the transfer target data into a predetermined one-way function. Which is characterized by

According to such an authentication system, the first and second authentication units transmit and receive the transfer target data after authenticating each other that they are properly manufactured. Therefore, the transfer target data is prevented from being supplied from a person who is not allowed to create the second signature data or obtain the secret key.

[0029] The second storage means includes means for storing the data to be transferred which has been encrypted, and the first authentication unit stores the second signature data acquired from the second authentication unit. If it is determined that the transfer target data is unique to the second authentication unit, the transfer unit may include a unit that acquires the encrypted transfer target data from the second authentication unit and decrypts the data. Thereby, the confidentiality of the encrypted transfer target data is further improved. In addition, if the portion of the transfer target data that affects the utility value of the data is encrypted in a worm-like manner, the data transfer efficiency can be kept high.

The second storage means includes means for storing the encrypted data to be transferred in association with the encrypted signature data for encrypted data unique to the data to be transferred. When the second authentication unit determines that the second signature data acquired from the second authentication unit is unique to the second authentication unit, the first authentication unit transmits the encrypted data for the encrypted data from the second authentication unit. Acquires signature data, and determines whether or not the acquired encrypted data signature data is unique to the encrypted transfer target data associated with the encrypted data signature data. When it is determined that the data to be transmitted is unique, there may be provided means for acquiring and decrypting the encrypted transfer target data associated with the encrypted data signature data. As a result, each transfer target data is individually subjected to the authentication by the signature, and accordingly, whether or not the transfer is possible is individually determined. For this reason, the confidentiality of the data is further improved, and different levels of confidentiality are provided according to the difference in the importance of the individual data to be transferred.

According to a fifth aspect of the present invention, there is provided a computer-readable recording medium comprising: storage means for storing transfer target data; specific data; and substituting the specific data for a predetermined one-way function. Cartridge-side storage means for storing cartridge-side signature data representing a digest representing a value obtained by encrypting the digest using a secret key,
When the main body side signature data is obtained from the device connected to itself, it is determined whether or not the main body side signature data is unique to the device, and when it is determined to be unique,
A cartridge-side identification unit that supplies the transfer target data stored in the storage unit to the device, and a computer detachably connected to the cartridge-side authentication device. The specific data is obtained from the main body side storage means for storing, and the cartridge side authentication device, the cartridge side signature data is decrypted using a public key, and the decrypted cartridge side signature data is substantially the same as the digest. Functioning as a main body-side determination unit that obtains the transfer target data from the cartridge-side authentication device when determining whether the data is substantially the same and determining that the data is substantially the same; A program for causing the program to be recorded.

A computer that executes a program recorded on such a recording medium authenticates each other with a cartridge-side authentication device to confirm that they are properly manufactured, and then transmits and receives data to be transferred. I do. Also, the validity of the cartridge-side signature data is verified. Therefore,
The transfer target data is prevented from being supplied from a person who is not allowed to create the cartridge side signature data or obtain the secret key.

Further, a computer readable recording medium according to a sixth aspect of the present invention includes: a main body side storage means for storing main body side signature data unique to itself; specific data; The cartridge-side signature data and the specific data are obtained from a device that stores the cartridge-side signature data representing a digest representing a value assigned to the one-way function and encrypted using a secret key. The cartridge-side signature data is decrypted using a public key, and it is determined whether the decrypted cartridge-side signature data is substantially the same as the digest. When it is determined that there is a device, a main body-side determination device that obtains transfer target data from the device; Computer, storing means for storing the data to be transferred, cartridge-side storage means for storing the cartridge-side signature data and the specific data, and acquiring the main-body-side signature data from the main-body-side authentication device. It is determined whether or not the main body-side signature data is unique to the main body-side authentication device. When it is determined that the main body-side signature data is unique, the transfer target data stored in the storage means is stored in the main body-side authentication device. It is characterized in that a program for functioning as a cartridge-side determination means to be supplied to the apparatus is recorded.

The computer that executes the program recorded on such a recording medium authenticates each other with the main unit-side authentication device to confirm that they are properly manufactured, and transmits and receives the data to be transferred. I do. Also, the validity of the cartridge-side signature data is verified. Therefore, the transfer target data is prevented from being supplied from a person who is not permitted to create the cartridge side signature data or obtain the secret key.

[0035]

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS An authentication system and an authentication device according to an embodiment of the present invention will be described using a game system including a game machine and a cassette for storing game software to be executed by the game machine as an example. .

FIG. 1 is a diagram showing the configuration of this game system. As shown, the game system includes a game machine 1, a cassette 2, and an output device 3.

The game machine 1 includes a control unit 11 and a main storage unit 1
2, the external storage unit 13, the input unit 14, and the slot 15
, An interface 16 and an authentication LSI (Large Sc
aleIntegrated circuit) 17. Control unit 11
Are connected to the main storage unit 12 and the external storage unit 1 via the internal bus.
3. Input unit 14, interface 16, and LS for authentication
The interface 16 is connected to the slot 15. Further, the control unit 11 is connected to the output device 3.

The control unit 11 has a CPU (Central Process
ng Unit) and the like, and executes the game program represented by the program data supplied from the cassette 2 via the interface 16. Further, the control unit 11 reads out the program data stored in the external storage unit 13 and executes a process described below according to a program represented by the program data.

The main storage unit 12 has a RAM (Random Access
Memory), and is used as a work area of the control unit 11. The external storage unit 13 is a ROM (Read Only Memory)
And the like, and stores program data indicating processing to be executed by the control unit 11.

The input unit 14 includes a joystick or the like, and supplies a signal according to a user operation to the control unit 11. The slot 15 is provided for the interface 2 of the cassette 2.
By detachably mounting the interface 2, the interface 16 of the game machine 1 and the interface 2 of the cassette 2
And 2 are connected to each other.

The interface 16 converts serial data supplied from the interface 22 of the cassette 2 into parallel data and supplies the data to the control unit 11 and the authentication LSI 17. The interface 16
Converts the parallel format data supplied from the control unit 11 into serial format data, and
To supply.

The authentication LSI 17 is composed of an ASIC (Application Specific Integrated Circuit) or the like, calculates a digest to be described later and generates a random number in accordance with a process to be described later, and supplies the obtained digest and random number to the control unit 11. . Also,
The authentication LSI 17 stores in advance a secret key for key encryption, a public key for signature verification, and common secret data to be used for executing a process to be described later.

The cassette 2 comprises a ROM 21, an interface 22, and an authentication LSI 23. ROM2
1 and the authentication LSI 23 are connected to the interface 22 via an internal bus. And the ROM 21
Outputs data stored by itself according to an instruction from the control unit 11 of the game machine 1. The output data is supplied to the control unit 11 via the interface 22 of the cassette 2 and the interface 16 of the game machine 1.

As shown in FIG. 2, for example, the ROM 21 stores the following information (1) to (6). That is, in the storage area of the ROM 21, (1) a non-encryption module which is data representing a part of a game program to be executed by the game machine 1 and is not encrypted, and (2) An encryption module that represents data representing a part of the game program to be executed by the game machine 1 and is encrypted using a predetermined encryption key;
(3) Encryption module (that is, information of (2) above)
And (4) each encryption module in the storage area of the ROM 21. The encryption key represents a key obtained by encrypting the above-mentioned encryption key used to create the public key with a public key for predetermined key encryption. And (5) a storage area of the ROM 21 which is a target of a digital signature in the storage area of the ROM 21. The encrypted position list indicates information (for example, an address assigned to the storage area) for specifying the storage area in which is stored. A signature target list representing information to be specified (for example, an address assigned to the storage area), and (6) the entire data stored in the storage area represented by the signature target list (that is, the information in (5) above). Is assigned to a predetermined hash function by combining the values according to a predetermined rule (that is, a “digest”).
Is encrypted with a signature private key, and signature data representing the encrypted data is stored in advance by the supplier of the cassette 2 or the like.

The encryption key used to create the information of (2) may be any key, for example, DES (Data Encryption St
andard). Further, a secret key for key decryption, which is paired with a public key for key encryption used for encrypting the encryption key, is an LSI for authentication of the game machine 1.
17 is stored. Further, the above-mentioned digest used for creating the data in (6) may be created using an arbitrary function that can be treated substantially as a hash function. The function is, for example, SHA (Secure Hash Algorithm).
m).

The signature verification public key paired with the signature private key described above is stored in the authentication LSI 17 of the game machine 1.
Is stored in However, the secret key for signature is (3)
The public key for key encryption used to create this information is different from the private key for key decryption.

Data to be subjected to a digital signature for creating signature data (ie, data stored in the storage area indicated by the signature target list) is specified in advance by the supply source of the cassette 2 or the like. As a criterion for designating the data to be digitally signed, specifically, for example, the time required from when the authentication LSI 17 obtains the data to be digitally signed in accordance with the processing described later until the digest of the data is calculated The data may be specified so that is within a certain time.
As a result, the speed of the signature confirmation process described later is maintained at a certain speed or higher, and therefore, the smooth progress of the game by this game system is ensured.

However, the encryption position list (that is, the information of (4) above) is stored in the ROM 21 by the encryption module.
It is assumed that the digital signature is to be applied to the digital signature unless there is no one stored in the. Therefore, as long as the encrypted position list is stored in the ROM 21, the signature target list includes
It is assumed that information for specifying the storage area in which the encryption position list is stored is included.

As described above, by using the contents of the digital signature in the encrypted position list, the danger that the data stored in the ROM 21 is rewritten illegally can be avoided. That is, in order to verify the signature data, as described later, the entire data specified by the signature target list is used. For this reason, in order for the cassette 2 to be authenticated despite the unauthorized rewriting of the data stored in the ROM 21, it is necessary to leave the encrypted position list without rewriting. Therefore, a person who illegally rewrites data cannot write an encryption module in a storage area not indicated by the encryption position list left in the ROM 21. Therefore, it is extremely difficult to illegally write practically useful data into the ROM 21.

The interface 22 converts serial data supplied from the interface 16 of the game machine 1 into parallel data and converts the data into parallel LSI data.
To supply. Further, the interface 22 is provided with an authentication L
The parallel data supplied from the SI 23 is converted into serial data and supplied to the interface 16.

The authentication LSI 23 is composed of an ASIC or the like, calculates a digest and generates a random number in accordance with a process described later, and converts the obtained digest and random number into the game machine 1.
To supply. Further, the authentication LSI 23 stores in advance common secret data substantially the same as the one stored in the authentication LSI 17 of the game machine 1, and further stores the digest (that is, the digest used in creating the signature data) The above-described data (6), which is obtained by encrypting with a secret key for signature, is stored in advance. (Hereinafter, the above-described digest stored in the authentication LSI 23 in advance is referred to as a digest dA.)

The output device 3 is composed of a television receiver or the like, and displays an image according to an instruction from the control unit 11 of the game machine 1 and reproduces a sound according to the instruction from the control unit 11.

(Operation) Next, the operation of the game system will be described with reference to FIGS. FIG. 3 is a flowchart showing the digital signature confirmation process. FIG.
9 is a flowchart showing a mutual authentication process. FIG.
Is a flowchart showing the procedure for executing the game program.

(Confirmation of Digital Signature) The game machine 1 is started after the cassette 2 is mounted in the slot 15, and when the user instructs to start the game using the input unit 14,
In response to this instruction, the game machine 1 first executes a digital signature confirmation process shown in FIG.

When the digital signature confirmation process starts,
The control unit 11 of the game machine 1 accesses the ROM 21 of the cassette 2 via the interfaces 16 and 22.
Then, the signature target list stored in the ROM 21 (that is, the information of the above (5)) and the signature data associated with the signature target list are read and supplied to the authentication LSI 17 (FIG. 3, step). S101).

Upon receiving the signature target list and the signature data from the control unit 11, the authentication LSI 17 stores the data to be encrypted for creating the signature data in the ROM.
A value (hereinafter, this value is referred to as a digest dB) that is substituted into a hash function substantially the same as that used to create the signature data stored in 21 is calculated, and the digest dB is transmitted to the control unit 11. Supply (Step S10)
2).

The data to be encrypted for creating the signature data is, specifically, the entire data stored in the storage area represented by the signature target list, as described above. Then, in step S102, the authentication L
The SI 17 combines the data in the storage area represented by the signature target list with each other in accordance with a predetermined rule to create one piece of data, and calculates a digest dB for the created data.

Next, the authentication LSI 17 executes step S1.
01 is decrypted using the signature verification public key stored therein, and the data generated as a result of decryption (decrypted signature data) is stored in the main storage unit 12 (step S103).

The control unit 11 determines whether the digest dB supplied from the authentication LSI 17 in step S102 and the authentication LSI 17 has generated and stored in the main storage unit 12 in step S103.
Then, it is determined whether or not the decrypted signature data stored in. If it is determined that they do not match, the output device 3 is instructed to display an image indicating authentication failure, and the processing is terminated.
Displays an image indicating authentication failure in response to this instruction.

(Mutual Authentication Processing) On the other hand, step S10
In step 4, when it is determined that the digest dB substantially matches the decrypted signature data, the control unit 11 executes a mutual authentication process shown in FIG.

When the mutual authentication process starts, the control unit 11
Instructs the authentication LSI 17 to start authentication. The authentication LSI 17 generates a random number in response to the instruction, and supplies the generated random number as challenge data to the authentication LSI 23 of the cassette 2 via the interfaces 16 and 22 (FIG. 4, step S201).

Upon receiving the challenge data from the authentication LSI 17, the authentication LSI 23 receives the challenge data, the common secret data stored by itself, and the digest dA (encrypted with the signature secret key) stored by itself. (For example, a digest serving as signature data) are combined with each other by a predetermined method to create one piece of data (FIG. 4, step S301).

Then, a value (hereinafter, this value is referred to as digest dC) is calculated by substituting the created data into a predetermined hash function (for example, a hash function substantially the same as that used in step S102). (Step S3
02). When the digest dC is calculated in step S302, the authentication LSI 23 supplies the digest dC as response data to the authentication LSI 17 of the game machine 1 via the interfaces 22 and 16 (step S303).

Upon receiving the response data from the authentication LSI 23 of the cassette 2, the authentication LSI 17 receives the challenge data supplied by itself in step S201, the common secret data stored by itself, and the signature confirmation process in step S103. The three pieces of the decrypted signature data stored in the main storage unit 12 are combined with each other to create one piece of data (step S202).

Then, the authentication LSI 17 executes step S
A digest of the data created in 202 (hereinafter, referred to as digest dD) is calculated using substantially the same hash function as that used in step S302 (step S203). And the obtained digest dD
Is determined to be substantially the same as the response data (ie, digest dC) supplied to itself in step S303 (step S204).

If it is determined in step S204 that the digest dD and the response data are substantially the same, the authentication LSI 17 sends a success message in a predetermined format to the authentication LSI 23 of the cassette 2 (step S205). . Upon receiving the success message from the authentication LSI 17 of the game machine 1, the authentication LSI 23 generates a random number in response to the success message, and uses the generated random number as challenge data to set the authentication LSI 23 as challenge data.
It is supplied to the SI 17 (step S304).

On the other hand, if it is determined in step S 204 that they do not match, the authentication LSI 17 notifies the control unit 11 of the game machine 1 that the authentication has failed. The control unit 11
The output device 3 instructs the output device 3 to display an image indicating the authentication failure, and ends the process. The output device 3 displays an image indicating the authentication failure in response to the instruction.

Upon receiving the challenge data from the authentication LSI 23 in step S304, the authentication LSI 17 receives the challenge data, the common secret data stored by itself, and the decrypted data stored in the main storage unit 12 in step S103. The three signature data are combined with each other by a predetermined method to create one data (step S20).
6).

Then, the digest (digest dE) of the data created in step S206 is calculated using substantially the same hash function as that used in step S302, and the obtained digest dE is used as the cassette data as response data. 2 (step S207).

When the authentication LSI 23 is supplied with the response data from the game machine 1 in step S207, the authentication LSI 23 combines the challenge data, the common secret data supplied by itself and the digest stored in advance by itself in step S304. Then, one piece of data is created (step S305).

Then, the authentication LSI 23 executes step S
A digest (digest dF) of the data created in 305 is calculated using a hash function substantially the same as that used in step S302 (step S30).
6). Then, it is determined whether or not the obtained digest dF substantially matches the response data (that is, the digest dE) supplied to itself in step S207 (step S307).

If it is determined in step S307 that they do not match, the authentication LSI 17 notifies the control unit 11 of an authentication failure. The control unit 11 instructs the output device 3 to display an image indicating the authentication failure, and ends the process. The output device 3 displays an image indicating the authentication failure in response to the instruction.

On the other hand, if it is determined in step S307 that the digest dF substantially matches the response data, the authentication LSI 23 sends a success message in a predetermined format to the authentication LSI 17 of the game machine 1 (step S308). The mutual authentication processing ends. The authentication LSI 17 to which the success message has been supplied in step S308 notifies the control unit 11 of successful authentication (step S208), and ends the mutual authentication process.

(Execution of Game Program) When the control unit 11 is supplied with a notification of successful authentication, the game system continues to execute the game program according to the procedure shown in FIG.

First, the control unit 11 reads the encryption key from the ROM 21 and supplies it to the authentication LSI 17.
The authentication LSI 17 decrypts the encrypted encryption key using the key decryption secret key stored therein, and supplies the encryption key obtained by the decryption to the control unit 11 (FIG. 5, step S
401). The control unit 11 to which the encryption key is supplied is stored in the ROM 2
1 to read the encrypted position list (step S40).
2).

Next, the control unit 11 specifies and reads data representing the first processing of the game program from the data stored in the ROM 21 (step S403).
Identification of the first process may be performed by any method, for example,
A header of a predetermined format may be added to data representing the first process in advance, and the control unit 11 may search the data stored in the ROM 21 for the header.

Next, the control unit 11 analyzes the contents of the encryption position list read in step S402 to determine whether the data read in step S403 is an encryption module (step S404). .
If it is not an encryption module (if it is a non-encryption module), the process represented by the non-encryption module is executed (step S405). If it is an encryption module, the encryption module is decrypted using the encryption key supplied to itself in step S401 (step S40).
6) Execute the process represented by the data obtained by the decoding (step S407).

When another process is called in the processes executed in steps S405 and S407, the control unit 11 reads data representing the called process.
The data is treated as the data specified in step S403, and the process proceeds to step S404.

That is, the control unit 11 determines in step S40
5 and the data representing the process called in S407 are read, and it is determined whether or not the read data is an encryption module based on the contents of the encryption position list. If it is not an encryption module, the process proceeds to step S405. If it is an encryption module, the process proceeds to step S406.
Transfer processing to

Through the processing described above, the game system executes the game program according to the data stored in the ROM 21. At this time, if the data representing the process to be executed is encrypted, the process is executed after decrypting the data.

As described above, in this game system, it is not necessary to sign the entire game program to be executed. For example, if a part of the game program is used for signature data creation, The purpose of protecting the game program from unauthorized access is substantially achieved.

As described above, if a part of the game program is to be signed (that is, if the worm-eating ceremony is signed), the calculation of the digest is smaller than when the entire game program is to be signed. As a result of the higher speed, the processing of signature confirmation becomes faster, and smooth progress of the game is less likely to be hindered.

In this game system, it is not necessary to encrypt the entire game program to be executed. For example, if data representing the processing of a scene important in the progress of the game is encrypted, the game program can be encrypted. The purpose of protecting against unauthorized access is substantially achieved.

As described above, if the game program is partially encrypted (in a worm-eating manner), the execution of the game program becomes faster and the game becomes smoother than when the entire game program is encrypted. Progress is less likely to be inhibited. Further, as a result of the omission of the encryption, the redundancy of the information stored in the ROM 21 is reduced, and the storage of the data in the ROM 21 becomes efficient.

Note that the configuration of this game system is not limited to the above. For example, the data stored in the ROM 21 does not need to represent a game program executed by the game machine 1, and the game machine 1 does not need to be a device for executing the game program. The cassette 2 stores data to be supplied to the game machine 1 in the ROM 2.
1, the data to be supplied to the game machine 1 is, for example, a CD-ROM or a DVD (Digital Video).
o Disk) or any other recording medium. The game machine 1 and the cassette 2 do not need to be detachably connected to each other, and may be fixedly connected to each other or exchange data with each other via a communication line. You may.

The function of the authentication LSI 17 is controlled by the control unit 1.
1 may be performed, or a plurality of integrated circuits
7 may be performed, or a plurality of integrated circuits may perform the function of the authentication LSI 23. The game machine 1 may store the encryption key used for decrypting the data in step S406 in advance.

The storage area of the authentication LSI 23 of the cassette 2 for storing the digest dA is, for example, a PROM (Programmable Read Only Memory) or the like.
It may be a storage area of a once-writable nonvolatile storage device. In this case, the authentication LSI 23 is a ROM
It is not necessary to separately manufacture each cassette 2 in which the data stored in 21 is different. Therefore, for example, an authentication LSI in a state where the contents of a once-writable storage area is initialized
23 may be mass-produced, and then the digest dA may be written to a once-writable storage area of each authentication LSI 23.

The storage area of the authentication LSI 17 of the game machine 1 for storing a secret key for key encryption and a public key for signature verification is an EEPROM (Electrically Erasable).
It may be a storage area of a rewritable nonvolatile storage device such as an e / Programmable Read Only Memory (e / Programmable Read Only Memory). In this case, the authentication LSI 17 does not need to be manufactured separately for each of different data obtained from the cassette 2. For example, the authentication LSI 17 in which the contents of the rewritable storage area are initialized is mass-produced. Is also good. An authentication LSI in which the contents of the rewritable storage area are initialized.
The user of the game machine 1 having the game device 17
A public key for signature verification necessary for authenticating the cassette 2 to be connected to the
The data may be written in the rewritable storage area of I17.

The ROM 21 may store signature data for an encryption module that is separate from the above-described signature data in association with the encryption module. For example, the signature data for the encryption module encrypts the encryption module associated with itself using a third secret key that is different from the above-described secret key for signature and secret key for key decryption. What is necessary is just what was made. In this case, for example, L for authentication
The SI 17 may store the third public key paired with the third secret key in advance.

Thus, the confidentiality of the encryption module is further improved. Also, for example, the ROM 21 of the cassette 2
Of the game data stored in the game machine 1 except for the portion representing the processing of the trial version of the game, which is to be individually signed, and which does not store the third public key.
, And the like, so that a trial version game can be played.

When the encryption module is associated with the signature data for the encryption module, the game system, after the notification of the successful authentication is supplied to the control unit 11,
For example, the game program may be executed according to the procedure shown in FIG. In the procedure shown in FIG. 6, the processes denoted by the same reference numerals as those shown in FIG. 5 represent processes substantially the same as those shown in FIG.

That is, when the control unit 11 is notified of the success of the authentication, the game system subsequently performs substantially the same processing as steps S401 to S404 in FIG. 5 (FIG. 6, steps S401 to S401). S404). The processing of step 404 in FIG. 6 (that is, step 404 in FIG. 5)
If the data specified in step S403 is an encryption module, the control unit 11 determines whether there is encryption module signature data associated with the data. It is determined whether or not it is (step S408).

When it is determined that there is no data, the control unit 11
Shifts the processing to step S406. If it is determined that there is, the corresponding encryption module signature data is read, and the read encryption module signature data and the encryption module read in step S403 are supplied to the authentication LSI 17 (step S409).

The authentication LSI 17 converts the encryption module supplied from the control unit 11 into a predetermined hash function (for example, a value obtained by substituting a hash function substantially the same as that used in step S102 (hereinafter, digest dG Is calculated, and the digest dG is supplied to the control unit 11 (step S410).

Next, the authentication LSI 17 executes step S4
In step S411, the encryption module signature data supplied in step 09 is decrypted using the third public key stored therein, and the data obtained by decryption is supplied to the control unit 11.

Next, the control unit 11 compares the digest dG supplied from the authentication LSI 17 in step S410 with:
In step S411, it is determined whether the data supplied from the authentication LSI 17 substantially matches (step S412). If it is determined that they match, the process proceeds to step S406. If they do not match, the output device 3 is instructed to display an image indicating authentication failure, and the execution of the game program is terminated. In response to this instruction, an image representing the authentication failure is displayed.

Further, a digital signature may be applied to the encrypted position data using a secret key for the encrypted position data which is different from the secret key for the signature described above. In this case, it is not necessary to use the encrypted position data for creating the signature data (that is, the information of (6) above), and therefore, the signature target list indicates the storage area where the encrypted position data is stored. No information needs to be included.

When the encrypted position data has been digitally signed using a secret key for the encrypted position data,
For example, the authentication LSI 17 of the game machine 1 may store a public key for encrypted position data authentication that is paired with a secret key for encrypted position data. And the game machine 1
For example, after the process of step S402 described above, step S
Before proceeding to the process of 403, it may be configured to authenticate that the encrypted position data has been created by the authorized source of the cassette 2 using the public key for encrypted position data authentication. .

Although the embodiments of the present invention have been described above, the authentication system and the authentication device of the present invention can be realized by using an ordinary computer system without using a dedicated system. For example, an authentication device and an authentication system that execute the above-described processing are configured by installing the program for executing the above-described operation in a personal computer from a medium (a floppy disk, a CD-ROM, or the like) storing the program. be able to.

The medium for supplying the program to the computer may be a communication medium (medium for temporarily and fluidly holding the program, such as a communication line, a communication network, or a communication system). For example, the program may be posted on a bulletin board (BBS) of a communication network and distributed via the network. Then, by starting this program and executing it in the same manner as other application programs under the control of the OS, the above-described processing can be executed.

If the OS shares part of the processing,
Alternatively, when the OS constitutes a part of one component of the present invention, the recording medium may store a program excluding the part. Also in this case, in the present invention, it is assumed that the recording medium stores a program for executing each function or step executed by the computer.

[0102]

As described above, according to the present invention, an authenticating system and an authenticating apparatus are realized in which the supply of the game machine and the cartridge by the authorized supplier is secured, and the reading of data and the duplication of the cartridge are prevented. Is done.

[Brief description of the drawings]

FIG. 1 is a block diagram showing a basic configuration of a game system according to an embodiment of the present invention.

FIG. 2 is a diagram schematically illustrating a data structure of data stored in a ROM.

FIG. 3 is a flowchart illustrating a digital signature confirmation process.

FIG. 4 is a flowchart illustrating a process of mutual authentication.

FIG. 5 is a flowchart showing a procedure of executing a game program.

FIG. 6 is a flowchart illustrating a modification of the procedure of executing the game program.

[Explanation of symbols]

 Reference Signs List 1 game machine 11 control unit 12 main storage unit 13 external storage unit 14 input unit 15 slot 16, 22 interface 17, 23 authentication LSI 2 cassette 21 ROM

Claims (18)

[Claims] 1. A main body-side authentication unit and a cartridge-side authentication unit, wherein the main-body-side authentication unit includes: a main-body-side storage unit that stores main-body-side signature data unique to itself; After obtaining the cartridge-side signature data, it is determined whether or not the cartridge-side signature data is unique to the cartridge-side authentication unit, and when it is determined to be unique, the data is transferred from the cartridge-side authentication unit. A cartridge-side identification unit that acquires target data; the cartridge-side authentication unit includes a storage unit that stores the transfer target data; a cartridge-side storage unit that stores the cartridge-side signature data; The main body side signature data is obtained from the main body side signature data, and it is determined whether or not the main body side signature data is unique to the main body side authentication unit. And a cartridge-side determination unit that supplies the transfer target data stored in the storage unit to the main unit-side authentication unit when it is determined that 2. The cartridge-side signature data is obtained by encrypting a digest representing a value obtained by substituting specific data into a predetermined one-way function by using a secret key. Means for storing the specific data, wherein the main unit-side authentication unit acquires the specific data from the cartridge-side authentication unit, decrypts the cartridge-side signature data using a public key, and It is determined whether or not the cartridge-side signature data is substantially the same as the digest. When it is determined that the digest is substantially the same, the cartridge-side signature data is determined by the cartridge-side authentication unit. The authentication system according to claim 1, wherein it is determined whether or not the authentication is unique to the authentication system. 3. The specific data comprises a previously specified portion of the transfer target data, the cartridge-side storage means includes means for storing signature target identification data for specifying the portion, and the main body. The side authentication unit obtains the signature target identification data from the cartridge side storage unit, and obtains, as the specific data, the part specified by the obtained signature target identification data in the transfer target data. The authentication system according to claim 2, comprising means. 4. The part specified by the signature target identification data, wherein the cartridge-side signature data decrypted after the main body-side authentication unit acquires the specific data is substantially the same as the digest. The authentication system according to claim 3, wherein a time required for determining whether or not the authentication is determined to be within a predetermined time. 5. The apparatus according to claim 1, wherein the main body-side authentication unit includes key storage means for rewritably storing the public key supplied from outside, and stores the cartridge-side signature data in the public key stored in the key storage means. The authentication system according to claim 2, wherein decryption is performed by using the authentication system. 6. The main body side storage means and the cartridge side storage means each include means for storing substantially the same common secret data, and the main body side discriminating means creates main body side challenge data. Means for supplying the cartridge-side challenge data from the cartridge-side determination means and storing the acquired cartridge-side challenge data, the decrypted cartridge-side signature data, and the main body-side storage means. Means for generating body-side response data representing a value obtained by substituting data representing the three parties of the common secret data into the one-way function, and supplying the data to the cartridge-side determination means; Response data is obtained, and the main body side challenge data is decrypted. It is determined whether or not a value obtained by substituting the data representing the three members of the cartridge-side signature data and the common secret data stored in the main body-side storage means into the one-way function represents the cartridge-side response data. Means for judging that the cartridge-side signature data is unique to the cartridge-side authentication unit when determined to represent, the cartridge-side storage means includes digest storage means for storing the digest, The cartridge-side determination unit generates the cartridge-side challenge data and supplies the created challenge-side data to the main-unit-side determination unit; the main-unit-side challenge data obtained from the main-unit-side determination unit; The digest and the cartridge stored in the cartridge-side storage means Means for creating the cartridge-side response data representing a value obtained by substituting data representing the three of the common secret data stored in the side storage means into the one-way function, and supplying the cartridge-side response data to the body-side determination means; The main body side response data is obtained from the side discrimination means, and the cartridge side challenge data, the digest stored in the cartridge side storage means and the common secret data stored in the cartridge side storage means are represented by three pieces of data. It is determined whether or not the value assigned to the one-way function represents the body-side response data, and when it is determined that the value is represented, it is determined that the body-side signature data is unique to the body-side authentication unit. The authentication system according to any one of claims 2 to 5, further comprising means. 7. The authentication system according to claim 6, wherein the digest storage means includes means for storing the digest supplied from the outside substantially in a nonvolatile manner. 8. The storage means includes means for storing the data to be transferred which has been encrypted, and wherein the main body-side authentication unit stores the cartridge-side signature data acquired from the cartridge-side authentication unit in the cartridge-side authentication unit. 8. The device according to claim 2, further comprising: a unit that obtains the encrypted transfer target data from the cartridge-side authentication unit and decrypts the transfer target data when it is determined that the transfer target data is unique. Authentication system described in section. 9. The apparatus according to claim 1, wherein said storage means includes means for storing the encrypted data to be transferred in association with the encrypted signature data for encrypted data unique to the data to be transferred. The authentication unit, when it is determined that the cartridge-side signature data obtained from the cartridge-side authentication unit is unique to the cartridge-side authentication unit, obtains the encrypted data signature data from the cartridge-side authentication unit, Determined whether the acquired encrypted data signature data is unique to the encrypted transfer target data associated with the encrypted data signature data,
9. A means for obtaining and decrypting the encrypted transfer target data associated with the encrypted data signature data when it is determined to be unique, and decrypting the data. Authentication system described. 10. The storage means comprises means for storing position data for identifying a logical position of a portion for storing the encrypted transfer target data in a storage area of the storage means, wherein the specific data is The main body-side authentication unit acquires the encrypted transfer target data from a logical position identified by the position data in a storage area of the storage unit and decrypts the transfer target data. The authentication system according to claim 8 or 9, further comprising means. 11. The storage means: means for storing position data for identifying a logical position of a portion for storing the encrypted transfer target data in a storage area of the storage means; Means for storing position data signature data, wherein the body-side authentication unit obtains the position data signature data from the cartridge-side authentication unit, and the obtained position data signature data is used as the position data. It is determined whether the transfer object is unique or not, and when it is determined that the transfer object is unique, the encrypted transfer target is obtained from a logical position identified by the position data in the storage area of the storage means. The authentication system according to claim 8, further comprising: means for acquiring and decrypting data. 12. A storage means for storing data to be transferred,
Cartridge-side storage means for storing cartridge-side signature data representing specific data and a digest representing a value obtained by substituting the specific data into a predetermined one-way function using a secret key; The main body side signature data is obtained from the connected device, and it is determined whether or not the main body side signature data is unique to the device. And a cartridge-side discriminating means for supplying the data to be transferred to the apparatus. The authentication apparatus is detachably connected to the cartridge-side authentication apparatus, and stores the body-side signature data unique to itself. Main body storage means, obtaining the specific data from the cartridge side authentication device, decrypting the cartridge side signature data using a public key, and decrypting It is determined whether or not the cartridge-side signature data obtained is substantially the same as the digest, and when it is determined that the data is substantially the same, the cartridge-side authentication device transmits the transfer target data. An authentication device comprising: a main body-side determination unit that obtains the following. 13. A body-side storage means for storing body-side signature data unique to itself, and a specific data and a digest representing a value obtained by substituting the specific data into a predetermined one-way function using a secret key. The cartridge-side signature data and the specific data are obtained from a device that stores the cartridge-side signature data representing the encrypted data, and the obtained cartridge-side signature data is decrypted using a public key, and the decryption is performed. Determining whether or not the cartridge-side signature data thus obtained is substantially the same as the digest; and determining that the signature data is substantially the same as the digest. An authentication device detachably connected to a main body-side authentication device including: a side determination unit; a storage unit configured to store the transfer target data; Cartridge-side storage means for storing the printer-side signature data and the specific data; and obtaining the main-body-side signature data from the main-body-side authentication device, wherein the main-body-side signature data is unique to the main-body-side authentication device. And a cartridge-side determination unit that supplies the transfer target data stored in the storage unit to the main unit-side authentication device when determining whether the data is unique. An authentication device characterized by the above-mentioned. 14. A system comprising: first and second authentication units, wherein the first authentication unit includes: first storage means for storing first signature data unique to itself; and the second authentication unit. Obtaining specific data, decrypting the second signature data using a public key, and digesting the decrypted second signature data representing a value obtained by substituting the specific data into a predetermined one-way function It is determined whether or not the second signature data is substantially the same as when the second signature data is unique to the second authentication unit. And a first determining unit that obtains transfer target data from the second authentication unit when determining whether the transfer target is unique. Second storage means for storing data and the second signature data; and the first authentication From the first signature data, and determines whether or not the first signature data is unique to the first authentication unit. When it is determined that the first signature data is unique, And a second determining unit that supplies the transfer target data stored in the second storage unit to the first authentication unit, wherein the second signature data is specified in advance among the transfer target data. A value obtained by substituting the specific data representing the encrypted portion into a predetermined one-way function using a secret key. 15. The second storage means includes means for storing the data to be transferred which has been encrypted, and wherein the first authentication unit obtains the second signature data obtained from the second authentication unit. Means for acquiring the encrypted transfer target data from the second authentication unit and decrypting the encrypted data to be transferred when it is determined that the data is unique to the second authentication unit. Item 15. An authentication system according to Item 14. 16. The apparatus according to claim 16, wherein the second storage unit stores the encrypted transfer target data in association with the encrypted data signature data unique to the transfer target data. When the first authentication unit determines that the second signature data obtained from the second authentication unit is unique to the second authentication unit, the first authentication unit transmits the encrypted data to the second authentication unit. Acquires data signature data, and determines whether the acquired encrypted data signature data is unique to the encrypted transfer target data associated with the encrypted data signature data. Means for acquiring and decrypting the encrypted transfer target data associated with the encrypted data signature data when it is determined that the data is unique. Item 15 System. 17. A storage means for storing data to be transferred,
Cartridge-side storage means for storing cartridge-side signature data representing specific data and a digest representing a value obtained by substituting the specific data into a predetermined one-way function using a secret key; The main body side signature data is obtained from the connected device, and it is determined whether or not the main body side signature data is unique to the device. And a cartridge-side discriminating means for supplying the data to be transferred to the device. A computer removably connected to a cartridge-side authentication device, which stores the body-side signature data unique to itself. Means for obtaining the specific data from the cartridge-side authentication device, decrypting the cartridge-side signature data using a public key, and It is determined whether or not the cartridge-side signature data is substantially the same as the digest.When it is determined that the signature data is substantially the same, the transfer-target data is transmitted from the cartridge-side authentication device. A computer-readable recording medium in which a main body-side determination unit to be obtained and a program for causing the main unit to function are recorded. 18. A main body side storage means for storing main body side signature data unique to itself, and a specific data and a digest representing a value obtained by substituting the specific data into a predetermined one-way function using a secret key. The cartridge-side signature data and the specific data are acquired from a device that stores the cartridge-side signature data representing the encrypted data, and the acquired cartridge-side signature data is decrypted using a public key. Determining whether or not the cartridge-side signature data is substantially the same as the digest; and determining that the signature data is substantially the same as the digest. Storage means for storing the data to be transferred; and Cartridge-side storage means for storing side signature data and the specific data; and obtaining the main body side signature data from the main body side authentication device, wherein the main body side signature data is unique to the main body side authentication device. Discriminating whether the data to be transferred stored in the storage means to the body-side authentication device when it is determined to be unique, and A computer-readable recording medium on which a program is recorded.