JP2004046907A - Portable electronic apparatus - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a portable electronic apparatus for obtaining high security even with respect to the random attack of a command. <P>SOLUTION: When the command inputted from an outer part is received, the portable electronic apparatus such as an IC card processes the received command, and outputs a status word to an outer part as the processing result. After performing the processing with respect to the received command, the apparatus discriminates that a normal status word is outputted or the specified status word is outputted which indicates that the command is not supported, and, then, selectively outputs the normal or specified status word on the basis of the discrimination result. <P>COPYRIGHT: (C)2004,JPO

Description

The present invention relates to a so-called IC card having, for example, an IC (integrated circuit) chip having a rewritable nonvolatile memory and a control element such as a CPU and having means for inputting and outputting data from outside. Related portable electronic devices.

In recent years, as a new portable data storage medium, a so-called IC card having a built-in IC chip having a rewritable nonvolatile memory and a control element such as a CPU and having means for inputting / outputting data from the outside. Is being developed.

Generally, this type of IC card outputs a status word (SW) for a received command as a result of performing a predetermined process. That is, when a command input from the outside is received, processing for the received command is performed, and a status word is output to the outside as a processing result. For example, if the key collation command does not match, a status word such as “6300 (collation mismatch)” is output.

However, in the case of the above-described conventional technology, when the CLA byte or INS byte determined by the command code standard is randomly attacked, “6300” is output as a status word at CLA = 00 and INS = 20, It turned out that there was a key collation command, and there was a big problem that security was inferior.

This is a problem especially for applications that require high security, such as financial settlement applications.

Therefore, an object of the present invention is to provide a portable electronic device that can obtain high security even for a random attack of a command.

The portable electronic device of the present invention, upon receiving a command input from the outside, processes the received command, and outputs a status word to the outside as a processing result. After performing the above, the identification means for identifying whether to output the regular status word indicating the processing content or the specific status word indicating the content different from the regular status word, and to the identification result of the identification means, Status output means for selectively outputting the normal status word or the specific status word based on the status word.

Further, when the portable electronic device of the present invention receives a command input from the outside, the portable electronic device performs processing on the received command, and outputs a status word to the outside as a processing result. If the processing does not end normally after performing the processing for, whether to output a regular status word indicating the processing content or a specific status word indicating the content different from the normal status word An identification means for identification and status output means for selectively outputting the regular status word or the specific status word based on the identification result of the identification means are provided.

Further, when the portable electronic device of the present invention receives a command input from the outside, the portable electronic device performs processing on the received command, and outputs a status word to the outside as a processing result. If the process is completed normally after performing the process for, whether a normal status word indicating the process content is output or a specific status word indicating the content different from the normal status word is output is identified. An identification unit; and a status output unit for selectively outputting the regular status word or the specific status word based on the identification result of the identification unit.

Further, when the portable electronic device of the present invention receives a command input from the outside, the portable electronic device performs processing on the received command, and outputs a status word to the outside as a processing result. After performing the processing for, if the processing is not completed normally, determining means for determining whether the received command is a specific command, and if the command received by the determining means is a specific command When it is determined that there is no command, a normal status word indicating the processing content is output to the outside, and when the determination unit determines that the received command is a specific command, the specific status word indicating the content different from the normal status word is specified. Status output means for outputting a status word to the outside.

Further, the portable electronic device of the present invention can register a plurality of applications, and in each of the registered applications, upon receiving a command input from the outside, performs a process for the received command, and as a processing result, a status word. After processing the received command in a portable electronic device that outputs the external status to the outside, a normal status word indicating the processing content is output or a specific status word indicating the content different from the normal status word is output Switching means for switching whether or not to do so in accordance with the currently selected application, and status output means for selectively outputting the regular status word or the specific status word based on the switching result of the switching means. .

Further, the portable electronic device of the present invention can register a plurality of applications, and in each of the registered applications, upon receiving a command input from the outside, performs a process for the received command, and as a processing result, a status word. In a portable electronic device that outputs a message to the outside, after processing the received command, if the processing is not completed normally, a normal status word indicating the processing content is output or the normal status word is output. Switching means for switching whether to output a specific status word indicating a content different from that according to the currently selected application, and selectively selecting the normal status word or the specific status word based on the switching result of the switching means. Status output means to output It is provided.

Further, the portable electronic device of the present invention can register a plurality of applications, and in each of the registered applications, upon receiving a command input from the outside, performs a process for the received command, and as a processing result, a status word. In a portable electronic device that outputs a message to the outside, if a process for a received command is performed and the process is normally completed, a normal status word indicating the processing content is output or different from the normal status word. Switching means for switching whether to output a specific status word indicating the content according to the currently selected application, and selectively outputting the normal status word or the specific status word based on the switching result of the switching means. Status output means To have.

Further, the portable electronic device of the present invention can register a plurality of applications, and in each of the registered applications, upon receiving a command input from the outside, performs a process for the received command, and as a processing result, a status word. In the portable electronic device that outputs the command to the outside, if the process for the received command is not completed normally after performing the process on the received command, it is determined whether or not the currently selected application is a specific application. Determining means, if the determining means determines that the currently selected application is not a specific application, outputs a normal status word indicating the processing content to the outside, and the determining means determines that the application currently selected is A particular application If was boss are provided with a status output means for outputting a specific status word indicating different contents and status word of the normal to the outside.

According to the present invention, after processing a received command, it is determined whether to output a regular status word indicating the processing content or to output a specific status word indicating a content different from the normal status word. By selectively outputting a proper status word or a specific status word based on the identification result, it is possible to provide a portable electronic device capable of obtaining high security against a random attack of a command.

Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 shows a configuration example of a terminal device that handles an IC card as a portable electronic device according to the present invention. That is, this terminal device enables the IC card 1 to be connected to the control unit 3 including a CPU or the like via the card reader / writer 2 and the control unit 3 includes the keyboard 4, the CRT display device 5, and the printer 6. Connected and configured.

In the IC card 1, a plurality of applications can be registered. For example, as shown in FIG. 2, a control element (control unit) 11 such as a CPU, a data memory 12 as a memory (storage means), a working memory 13, a program It comprises a memory 14, and a contact section 15 for obtaining electrical contact with the card reader / writer 2. Of these, the control element 11, the data memory 12, the working memory 13, and the program memory 14 It is composed of one IC chip (or a plurality of IC chips) 16. Then, the IC chip 16 and the contact portion 15 are integrated into an IC module and embedded in the IC card main body.

The data memory 12 is used for storing various data, and is composed of, for example, a rewritable nonvolatile memory such as an EEPROM.
The working memory 13 is a memory for temporarily storing processing data and the like when the control element 11 performs processing, and is composed of, for example, a RAM.
The program memory 14 is configured by, for example, a mask ROM, and stores a control program of the control element 11 and the like.

FIG. 3 shows a part of the data memory 12, in which a state setting flag 21, key data 22, and application issuing information 23 are stored. The status setting flag 21 determines which status word is to be output, that is, whether to output a normal status word (a normal status word indicating the processing content) or a specific status indicating a content different from the normal status word. This is for identifying whether to output a word, and is set by a flag setting command.

Here, the specific status word is a status word indicating a content different from a regular status word indicating that the corresponding command is not supported. For example, the status word for the key collation command is “6D00 (INS unsupported). Support) ”is output as a specific status word.

The key data 22 is used for establishing an access right of a flag setting command for setting the status setting flag 21, and verification key data or authentication key data is set.

The application issuance information 23 indicates that the application has already been issued, and is set to issued when a high security application is issued.

FIG. 4 shows a part of the working memory 13, in which an access condition flag 31 and application identification information 32 are stored, respectively. The access condition flag 31 is a flag indicating that the access right has been established, and is set according to the result of the verification of the key data 22 or the authentication. The application identification information 32 indicates the type of the currently selected application.

FIG. 5 shows a part of the program memory 14, which stores a command search table 41 for specifying whether to output a normal status word or a specific status word for each command. In the command search table 41, for each command supported by the IC card, CLA, INS, access condition information, command format information, SW information for specifying which status word to output, and the like are registered. .

FIG. 6 shows an example of the format of a flag setting command for setting the state setting flag 21, which is composed of a command header 51 and flag information 52.
FIG. 7 shows a format example of the key collation command, which is composed of a command header 61 and a key value 62.

Next, the processing of a command for outputting a specific status word will be described with reference to the flowchart shown in FIG. When a command sent from the card reader / writer 2 is received, the process proceeds to step S1. In step S1, it is checked whether the received command is registered in the command search table 41.

If the result of this check is that it is registered in the command search table 41, the operation proceeds to step S2. In step S2, it is checked whether the access right is established by referring to the access condition flag 31. As a result of this check, if the access right has been established, the process proceeds to step S3. In step S3, it is checked whether or not the received command is in an appropriate format by referring to the format information in the command search table 41.

場合 If the result of this check is that the format is appropriate, the process proceeds to step S4. In step S4, processing for the received command is performed. Next, in step S5, it is checked whether the process in step S4 has been completed normally. If the result of this check is that the processing has ended normally, the operation proceeds to step S6. In step S6, a normal end status word is output to the card reader / writer 2, and the system enters a command waiting state.

If not registered in the command search table 41 in step S1, if the access right is not established in step S2, if the format is not appropriate in step S3, or if the processing is normal in step S5 If not, the process proceeds to step S7. In step S7, by referring to the SW information in the command search table 41, it is checked whether to output a specific status word or a normal status word. That is, it checks whether the received command is a predetermined specific command (for example, a key collation command).

If the result of this check is that a specific status word is to be output (if the received command is a specific command), the operation proceeds to step S8. In step S8, by referring to the state setting flag 21, it is checked whether the state setting flag 21 is set to output a specific status word or whether it is set to output a normal status word. As a result of this check, if the status setting flag 21 is set to output a specific status word, the process proceeds to step S9. In step S9, a specific status word (specific error status) is output to the card reader / writer 2, and the system enters a command waiting state.

If a normal status word is output in step S7 (if the received command is not a specific command), or if the status setting flag 21 is set to output a normal status word in step S8, Proceed to S10. In step S10, a normal status word (normal error status) is output, and the system enters a command waiting state.

As described above, when the received command is processed and the processing is not completed normally, the specific status word is output or the normal status word is output by referring to the command search table 41. When outputting a specific status word, it is checked whether the status setting flag 21 is set to output a specific status word or whether it is set to output a normal status word. If 21 is set to output a specific status word, it outputs a specific status word. In the above check, when a normal status word is output, or when the status setting flag 21 is set to output a normal status word, a normal status word is output.

Next, the processing of a command that outputs a specific status word even when the processing ends normally will be described with reference to the flowchart shown in FIG. Note that the same steps as those in FIG. 8 are denoted by the same reference numerals, description thereof will be omitted, and only different portions will be described.

場合 If the processing is normally completed in step S5, the process proceeds to step S11. In step S11, by referring to the SW information in the command search table 41, it is checked whether to output a specific status word or a normal status word. That is, it checks whether the received command is a predetermined specific command (for example, a key collation command).

If the result of this check is that a specific status word is to be output (if the received command is a specific command), the operation proceeds to step S12. In step S12, by referring to the status setting flag 21, it is checked whether the status setting flag 21 is set to output a specific status word or whether it is set to output a normal status word. As a result of this check, if the status setting flag 21 is set to output a specific status word, the process proceeds to step S13. In step S13, a specific status word (specific error status) is output to the card reader / writer 2, and the system enters a command waiting state.

If a normal status word is output in step S11 (if the received command is not a specific command), or if the status setting flag 21 is set to output a normal status word in step S12, Proceed to S6. In step S6, a normal end status word is output to the card reader / writer 2, and the system enters a command waiting state.

Thus, even when the processing is completed normally, the same processing as when the processing is not completed normally is performed.

Next, processing of a command for outputting a specific status word in a specific application will be described with reference to a flowchart shown in FIG. Note that the same steps as those in FIG. 8 are denoted by the same reference numerals, description thereof will be omitted, and only different portions will be described.

If not registered in the command search table 41 in step S1, if the access right is not established in step S2, if the format is not appropriate in step S3, or if the processing is normal in step S5 If not, the process proceeds to step S14. In step S14, by referring to the application identification information 32, it is checked whether the currently selected application is a predetermined specific application (for example, an application requiring high security).

If the result of this check indicates that a particular application has been selected, the operation proceeds to step S15. In step S15, by referring to the application issuance information 23, it is checked whether the status has been set to the issued state. As a result of this check, if the application issuance information 23 is set to the issued state, the process proceeds to step S9. In step S9, a specific status word is output, and the system enters a command waiting state.

If the specific application has not been selected in step S14, or if the application issuance information 23 has not been set to the issued state in step S15, the process proceeds to step S10. In step S10, a normal status word is output, and a command wait state is set.

As described above, if the processing for the received command is not completed normally after the processing for the received command, it is checked whether a specific application is selected by referring to the application identification information 32 and the specific application is checked. Is selected, it is checked whether or not the status is set to the issued status by referring to the application issuing information 23. If the status is set to the issued status, a specific status word is output. If a specific application is not selected in the above check, or if the application issuance information 23 is not set to the issued state, a normal status word is output.

Next, the processing of a command that outputs a specific status word even when the processing is normally completed by a specific application will be described with reference to the flowchart shown in FIG. The same steps as those in FIG. 10 are denoted by the same reference numerals, and description thereof will be omitted. Only different parts will be described.

場合 If the processing is normally completed in step S5, the process proceeds to step S16. In step S16, by referring to the application identification information 32, it is checked whether the currently selected application is a predetermined specific application (for example, an application requiring high security).

If the result of this check indicates that a particular application has been selected, the operation proceeds to step S17. In step S17, by referring to the application issuance information 23, it is checked whether the status has been set to the issued status. As a result of this check, if the application issuance information 23 is set to the issued state, the process proceeds to step S18. In step S18, a specific status word (specific error status) is output to the card reader / writer 2, and the system enters a command waiting state.

If a specific application has not been selected in step S16, or if the application issuance information 23 has not been set to the issued state in step S17, the process proceeds to step S6. In step S6, a normal end status word is output, and the system enters a command waiting state.
As described above, even when the processing is normally completed in a specific application, the same processing as when the processing is not normally completed is performed.

FIG. 1 is a block diagram showing a configuration of a terminal device that handles an IC card as a portable electronic device according to an embodiment of the present invention. FIG. 2 is a block diagram schematically showing a configuration of an IC card. FIG. 2 is a schematic diagram showing a part of a data memory. FIG. 2 is a schematic diagram showing a part of a working memory. FIG. 2 is a schematic diagram showing a part of a program memory. FIG. 4 is a schematic diagram showing a format of a flag setting command. FIG. 3 is a schematic diagram showing a format of a key collation command. 9 is a flowchart for explaining processing of a command that outputs a specific status word. 9 is a flowchart for describing processing of a command that outputs a specific status word even when processing has ended normally. 9 is a flowchart illustrating processing of a command that outputs a specific status word in a specific application. 9 is a flowchart for explaining processing of a command that outputs a specific status word even when processing has been normally completed by a specific application.

Explanation of reference numerals

DESCRIPTION OF SYMBOLS 1 ... IC card (portable electronic device), 2 ... Card reader / writer (external device), 11 ... Control element, 12 ... Data memory, 13 ... Working memory, 14 ... Program memory, 15 ... Contact part, 21 ... State Setting flag, 22 key data, 23 application issuing information, 31 access condition flag, 32 application identification information, 41 command search table (storage means),

Claims (12)

Upon receiving a command input from the outside, the portable electronic device performs a process on the received command, and outputs a status word to the outside as a processing result.
After performing the processing for the received command, identification means for identifying whether to output a regular status word indicating the processing content or to output a specific status word indicating a content different from the regular status word,
Status output means for selectively outputting the regular status word or the specific status word based on the identification result of the identification means,
A portable electronic device comprising: Upon receiving a command input from the outside, the portable electronic device performs a process on the received command, and outputs a status word to the outside as a processing result.
After processing the received command, if the processing is not completed normally, output a proper status word indicating the processing content or output a specific status word indicating the content different from the normal status word Identification means for identifying
Status output means for selectively outputting the regular status word or the specific status word based on the identification result of the identification means,
A portable electronic device comprising: Upon receiving a command input from the outside, the portable electronic device performs a process on the received command, and outputs a status word to the outside as a processing result.
After processing the received command, if the processing ends normally, whether to output a regular status word indicating the processing content or a specific status word indicating the content different from the normal status word Means for identifying
Status output means for selectively outputting the regular status word or the specific status word based on the identification result of the identification means,
A portable electronic device comprising: The portable electronic device according to claim 1, wherein the specific status word is a status word indicating that the received command is not supported. The identification means has a flag for identifying whether to output a regular status word or a specific status word, and outputs a regular status word or a specific status depending on a setting state of the flag. The portable electronic device according to any one of claims 1 to 3, wherein whether to output a word is identified. The identification means has storage means for storing information for specifying whether to output a regular status word or a specific status word for each command, and refers to the regular status word by referring to the storage means. The portable electronic device according to any one of claims 1 to 3, wherein the portable electronic device determines whether to output a specific status word or a specific status word. Upon receiving a command input from the outside, the portable electronic device performs a process on the received command, and outputs a status word to the outside as a processing result.
After performing the processing for the received command, if the processing is not completed normally, determining means for determining whether the received command is a specific command,
If the determination unit determines that the received command is not a specific command, it outputs a normal status word indicating the processing content to the outside, and if the determination unit determines that the received command is a specific command, Status output means for outputting a specific status word indicating the content different from the regular status word to the outside,
A portable electronic device comprising: In a portable electronic device that can register a plurality of applications and, in each registered application, receive a command input from the outside, perform a process on the received command, and output a status word to the outside as a processing result.
Depending on the currently selected application, after processing the received command, whether to output a formal status word indicating the processing content or a specific status word indicating the content different from the formal status word is output. Switching means for switching
Status output means for selectively outputting the regular status word or the specific status word based on a switching result of the switching means;
A portable electronic device comprising: In a portable electronic device that can register a plurality of applications and, in each registered application, receive a command input from the outside, perform a process on the received command, and output a status word to the outside as a processing result.
After processing the received command, if the processing is not completed normally, output a proper status word indicating the processing content or output a specific status word indicating the content different from the normal status word Switching means for switching whether to perform according to the currently selected application;
Status output means for selectively outputting the regular status word or the specific status word based on a switching result of the switching means;
A portable electronic device comprising: In a portable electronic device that can register a plurality of applications and, in each registered application, receive a command input from the outside, perform a process on the received command, and output a status word to the outside as a processing result.
After processing the received command, if the processing ends normally, whether to output a regular status word indicating the processing content or a specific status word indicating the content different from the normal status word Switching means for switching according to the currently selected application,
Status output means for selectively outputting the regular status word or the specific status word based on a switching result of the switching means;
A portable electronic device comprising: The switching means has issue identification information for identifying whether or not the selected application has been issued, and performs the switching operation when the issue identification information has been issued. The portable electronic device according to any one of claims 8 to 10, wherein the operation is performed. In a portable electronic device that can register a plurality of applications and, in each registered application, receive a command input from the outside, perform a process on the received command, and output a status word to the outside as a processing result.
After performing the processing for the received command, if the processing is not completed normally, determining means for determining whether the currently selected application is a specific application,
If the determination unit determines that the currently selected application is not a specific application, it outputs a normal status word indicating the processing content to the outside, and the determination unit determines that the currently selected application is a specific application. If it is determined that there is a status output means that outputs a specific status word indicating the content different from the regular status word to the outside,
A portable electronic device comprising:

Images