JP2006254099A - Microprocessor - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a microprocessor, capable of applying encryption for preventing decoding or alteration from the outside to data and programs accessed via a data bus, which can be accessed from the outside. <P>SOLUTION: A microprocessor 1 encrypts a plurality of data, and comprises a storage portion 3 for storing information on a plurality of encryption methods, a selection control portion 4 for selecting one of the plurality of encryption methods from the storage portion 3, and an encryption portion 5 for encrypting data, in accordance with the selected encryption method from the selection control portion 4. Since the microprocessor 1 can encrypt each piece of data with a different encryption method, the microprocessor 1 makes it difficult to decode or tamper from the data or programs of others. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a microprocessor for preventing data and programs processed by the microprocessor from being decoded or falsified.

  Data and programs that the microprocessor accesses for processing are stored in a memory connected to the microprocessor via a data bus, and are accessed from the microprocessor as needed for processing. Here, since the data bus can be accessed not only by the microprocessor but also by other devices, the data and programs in the memory, or the data and programs fetched into the registers in the microprocessor are also other devices. It is accessible from. In this way, since it can be accessed from others, data and programs can be decrypted and altered. For this reason, data and programs accessed by the microprocessor are encrypted in order to prevent the decryption and falsification of these data and programs to realize confidentiality protection. For example, Patent Document 1 (Japanese Patent Laid-Open No. 2003-280989) discloses a technique of a microprocessor that encrypts data and programs to be accessed using different encryption keys. Or the microprocessor disclosed by patent document 1 decodes these data and programs encrypted with a different encryption key with the decryption key corresponding to a different encryption key.

  Since the microprocessor disclosed in Patent Document 1 encrypts a plurality of data and programs with different encryption keys, stronger security protection is realized.

  However, with recent advances in decryption techniques for encrypted data, it is not sufficient to prevent decryption and the like just by changing the encryption key for each data or program to be encrypted. In particular, there is a problem in that all encrypted data having different encryption keys are decrypted by decrypting the encryption method. Furthermore, there has been a problem that the decrypted data and programs may be falsified.

In particular, since data and programs accessed by the microprocessor can be accessed from others via a data bus, there is a problem that the contents of data and programs can be easily obtained by decryption of encryption.
JP 2003-280989 A

  SUMMARY OF THE INVENTION An object of the present invention is to provide a microprocessor that encrypts data and programs accessed via an externally accessible data bus to prevent decryption and alteration from others.

  The microprocessor according to the first invention is a microprocessor for encrypting a plurality of data, and selects a storage unit for storing information of a plurality of encryption methods and a plurality of encryption methods from the storage unit And an encryption unit that encrypts data in accordance with the encryption method selected by the selection control unit, and encrypts data using different encryption methods.

  With this configuration, data and programs accessed by the microprocessor are encrypted by different encryption methods, making it difficult to decrypt and alter these data and programs from other sources. As a result, the degree of security of data and programs accessed by the microprocessor is increased.

  In the microprocessor according to the second invention, the storage unit includes an encryption method table having a combination of a plurality of data and a plurality of encryption methods.

  With this configuration, different encryption methods can be easily assigned to each data and program.

  In the microprocessor according to the third invention, the encryption method table is encrypted.

  With this configuration, it is difficult to decipher the information related to the encryption method assigned for each data.

  In the microprocessor according to the fourth invention, the encryption method table has a combination in which different encryption methods having a low correlation are assigned to each of two or more data having a high correlation among a plurality of data.

  With this configuration, it becomes extremely difficult to decipher all encryption of highly correlated data and programs. As a result, the degree of security is further increased.

  In the microprocessor according to the fifth invention, the storage unit further stores an encryption key corresponding to the encryption method.

  With this configuration, it is possible to perform encryption by changing the encryption key in addition to the encryption method for each data.

  In the microprocessor according to the sixth invention, the data includes data read from the external memory by the microprocessor.

  With this configuration, it is possible to prevent data from being decoded from others during the exchange between the microprocessor and the memory.

  In the microprocessor according to the seventh invention, the data includes a program used in the microprocessor.

  With this configuration, not only data but also a program used for processing by the microprocessor is encrypted by different encryption methods.

  In the microprocessor according to the eighth aspect of the invention, the program includes an operating system program.

  With this configuration, the operating system program used by the microprocessor is also encrypted by a different encryption method, which is effective when the operating system program is stored in the external memory.

  In the microprocessor according to the ninth aspect of the invention, the plurality of encryption methods include encryption methods dedicated to operating system programs.

  With this configuration, the operating system program can be encrypted with a particularly high degree of security protection.

  The microprocessor according to the tenth aspect of the present invention further includes a memory control unit for controlling a read address of data from the external memory and a write address to the external memory.

  With this configuration, data holding in the memory corresponding to the address and data size of the access destination that changes before and after encryption is appropriately performed.

  In the microprocessor according to the eleventh aspect, the memory control unit performs address control corresponding to a change in data size before and after data encryption.

  With this configuration, data holding in the memory corresponding to the address and data size of the access destination that changes before and after encryption is appropriately performed.

  In the microprocessor according to the twelfth aspect, the memory control unit performs address control based on the encryption method selected by the selection control unit.

  With this configuration, since address control is performed based on the encryption method information, even if the data size varies depending on the encryption method, data can be arranged in a memory space without waste.

  A microprocessor according to a thirteenth aspect of the present invention further includes a decryption unit that decrypts the data encrypted by the encryption unit.

  With this configuration, the microprocessor can decrypt the encrypted data or program and use it for arithmetic processing or the like as necessary.

  According to the present invention, since data and programs accessed by the microprocessor are encrypted by separate encryption methods, it is very difficult to decrypt these encrypted data and programs. For this reason, it is difficult to decode or alter data via a bus or the like configured between the microprocessor and the memory, and there is an effect that the degree of security of data and programs required by the microprocessor is increased.

  In addition, by performing memory control corresponding to the data size that changes due to encryption, even if the encryption method is changed according to the data or program, it is possible to perform reliable memory writing, etc. in order to increase the degree of security protection Become. Such memory control has an effect of increasing the degree of freedom in assigning encryption methods for each data and program.

  In addition, since the decryption unit corresponding to the encryption unit is provided, the microprocessor can easily use the encrypted data or program for the arithmetic processing. In decryption, since a decryption method corresponding to the encryption method is used, the decryption method is optimal when a plurality of encryption methods are used in order to enhance security.

  Embodiments of the present invention will be described below with reference to the drawings.

(Embodiment 1)
The microprocessor according to the first embodiment will be described with reference to FIGS.

  FIG. 1 is a block diagram of a microprocessor according to Embodiment 1 of the present invention.

  First, the configuration of the microprocessor 1 will be described.

  The microprocessor 1 includes the following elements. The processor core 2 executes actual arithmetic operations on programs and data read from the memory 9 and the like, and executes various instruction controls. In addition, the selection control unit 4 is notified of the type of data or program to be encrypted. The selection control unit 4 refers to the storage unit 3 according to the notification of the data to be encrypted and the type of program from the processor core 2 and selects an encryption method corresponding to the data to be encrypted. At this time, according to the information stored in the storage unit 3, a different encryption method is selected for each data or program to be encrypted. The selection control unit 4 outputs the selection result as encryption method information 10 to the encryption unit 5.

  The storage unit 3 stores a combination of encryption methods assigned to each data to be encrypted.

  The encryption unit 5 encrypts target data and programs using an encryption method based on the encryption method information 10 from the storage unit 3. At this time, data and programs to be encrypted are read from the memory 9 via the bus 8. Since different encryption methods are selected depending on the data and program to be encrypted, encryption is realized by different encryption methods depending on the data and program. Note that different data and programs may be encrypted by the same encryption method according to specifications and necessity. Further, when the encryption method is the same, the encryption key may be changed.

  The bus interface 7 controls data exchange with the bus 8. The memory control unit 6 controls an address and the like in accessing the memory 9. Note that the memory control unit 6 and the bus interface may be configured by the same block.

  The memory 9 stores data and programs that are accessed by the microprocessor 1. The microprocessor 1 reads out data and programs stored in the memory 9 via the bus 8 and uses them for various processes. At this time, since the data and programs stored in the memory 9 are encrypted by the encryption unit 5 and then written to the memory 9, these data and programs are stored in the memory 9 in an encrypted state. The

  With the above configuration, data and programs exchanged between the microprocessor 1 and the memory 9 are encrypted by different encryption methods, so that decryption and alteration from others are prevented with high accuracy.

  Next, details of the storage unit 3 will be described with reference to FIGS.

  The storage unit 3 stores information for determining a corresponding encryption method for each data or program to be encrypted. For example, the storage unit 3 stores an encryption method table 11 having a combination of encryption methods corresponding to the type of data or program. The encryption method table 11 is formed using a register or a memory.

  2, FIG. 3, and FIG. 4 are diagrams showing encryption scheme tables in Embodiment 1 of the present invention. The encryption method table 11 is a table of data to be encrypted, programs (or operating system programs), and the corresponding encryption methods.

  The encryption method table 11 shown in FIG. 2 is a table that combines four data to be encrypted and the corresponding encryption methods. The four data are first data 20, second data 21, third data 22, and fourth data 23. In FIG. 2, four data from the first data 20 to the third data 23 are shown for convenience of illustration, but may be more or less than this.

  The first data 20 to the fourth data 23 are different data. For example, the first data 20 may be coefficient data used for filtering, and the second data 21 may be data related to a generator polynomial for error detection.

  A separate encryption method is assigned to each of the four data. A first encryption scheme 30 is assigned to the first data 20. A second encryption method 31 is assigned to the second data 21. A third encryption scheme 32 is assigned to the third data 22. A fourth encryption method 33 is assigned to the fourth data 23. The first encryption method 30 to the fourth encryption method 33 are different encryption methods.

  For example, the first encryption method and the second encryption method have different code lengths used for encryption. Alternatively, the third encryption method is a DES encryption method, and the fourth encryption method is an elliptic coding method.

  Next, in the encryption method table 11 shown in FIG. 3, different encryption methods are assigned to the first data 20, the second data 21, the first program 24, and the second program 25. A first encryption scheme 30 is assigned to the first data 20. A second encryption method 31 is assigned to the second data 21. The first encryption program 32 is assigned to the first program 24. A fourth encryption method 33 is assigned to the second program 25. In this way, not only data but also a program accessed by the microprocessor 1 is assigned a different encryption method, and encryption is executed.

  Further, in the encryption method table 11 shown in FIG. 4, an operating system dedicated encryption method 34 is assigned to the operating system (“OS”) program 26 in addition to data and programs. The memory 9 also stores programs such as resident tasks included in the operating system, which can be subject to decryption and tampering by others, and are therefore preferably encrypted. Further, since the operating system program 26 has a particularly high demand for security protection, it is preferable to use the operating system-dedicated encryption method 34. By using a dedicated encryption method that is not used for other data and programs, it is possible to more firmly prevent decryption and tampering. Note that the operating system-dedicated encryption method 34 is preferably a heterogeneous encryption method having low relevance to other encryption methods.

  Thus, by assigning different encryption methods to data and programs, each data and program is encrypted with different encryption methods. When data and programs are encrypted with the same encryption method, all data and programs are also decrypted when one encryption method is decrypted. In other words, decryption or alteration of one data from another affects all other data and programs. On the other hand, when encryption is performed using different encryption methods, it is necessary to decrypt all encryption methods in order to decrypt all encrypted data and programs. For this reason, it becomes extremely difficult to decrypt and alter all encrypted data and programs. In particular, because there are multiple encryption methods, it is necessary for the decipherer to decipher the encryption based on all combinations, so that it is difficult to decipher exponentially compared to the case of a single encryption method. It becomes. For this reason, by encrypting using different encryption methods for each data and program, the accuracy of security protection of any or all of the plurality of data and programs is improved. Further, in the difference only with the conventional encryption key, since all the encrypted data is decrypted only by decrypting the key based on one encryption method, the degree of security protection is weak. On the other hand, in the present invention in which the encryption method itself is different, since it is necessary to perform many decryption of the encryption method that is much more difficult than the decryption of the encryption key, the decryption becomes very difficult and the degree of security protection is increased. Improve dramatically.

  Also, data and programs are easily deciphered from others when signals are flowing on the bus 8. For this reason, when the microprocessor 1 accesses these data stored in the memory 9, the data is likely to be decrypted. For this reason, for frequently accessed data, it is possible to enhance the prevention of decryption of the encrypted data by using an encryption method having a long code length. On the other hand, for data with low access frequency, it is also preferable to assign an encryption method according to the possibility of decryption, such as using an encryption method with a short code length. Alternatively, it is also preferable that the encryption method is assigned according to the importance of the data. For example, a strong encryption method such as an encryption method with a long code length is assigned to data with a high security requirement, and a normal encryption method is assigned to data with a low security requirement. It is done. By assigning different encryption methods according to importance and access frequency in this way, a balance between processing load and security protection is ensured.

  It is also preferable to assign an encryption method with low correlation to data and programs with high correlation. For example, when the first data 20 shown in FIG. 3 is used in the first program 24, the first data 20 and the first program 24 are highly correlated. For this reason, when a highly correlated encryption method (for example, a method is similar) is assigned to the first data 20 and the first program 24, one of them is decrypted so that the other can be easily decrypted and altered. Therefore, the process based on the first program may be impossible. For this reason, an encryption method with low correlation is assigned to the first program 24 and the first data 20, and it is possible to prevent one from being easily decrypted by the other. As a result, malfunction due to tampering can be prevented.

  The assignment of different encryption methods to these data and programs can be easily realized by the encryption method table 11 shown in FIGS. 2 to 4, but may be realized by register assignment or the like. If the number of data and programs to be encrypted is larger than the number of encryption methods, the same encryption method is assigned to data with relatively low access frequency and protection importance. May be. In addition, the encryption method may not be fixedly assigned to the data or program, but may be assigned after being sequentially replaced.

  Note that the encryption method table 11 itself is also preferably stored encrypted. This is because the encryption method can prevent reading from the other encryption method table 11.

  Based on the encryption information in the storage unit 3 storing the encryption method table 11 and the like as described above, the encryption unit 5 encrypts data and programs. FIG. 5 shows the state of the memory 9 before encryption and after encryption.

  FIG. 5 (a) is a diagram showing the state of the memory before encryption in Embodiment 1 of the present invention, and FIG. 5 (b) is the state of the memory after encryption in Embodiment 1 of the present invention. FIG. Before encryption, unencrypted first data 40, unencrypted second data 41, unencrypted first program 42, and unencrypted second program 43 are stored in the memory 9. On the other hand, after encryption, the encrypted first data 50 encrypted by the first encryption scheme 30, the encrypted second data 51 encrypted by the second encryption scheme 31, and the third An encrypted first program 52 encrypted by the encryption method 32 and an encrypted operating system program 53 encrypted by the operating system dedicated encryption method 34 are stored.

  As described above, by performing encryption, each data and program is encrypted by different encryption methods and stored in the memory 9. For this reason, even if there is access from others via the bus 8 or the like, it is difficult to decipher these plural data and programs encrypted by different encryption methods. As a result, the security of data and programs that can be accessed from other sources is ensured. In particular, not only the conventional encryption key but also the encryption method is different, so that the difficulty of decryption is drastically improved, and the degree of security protection becomes very high.

(Embodiment 2)
Next, the second embodiment will be described with reference to FIGS. In the second embodiment, the microprocessor 1 corresponding to the change in data size due to encryption will be described.

  The microprocessor 1 encrypts the data and program read from the memory 9, and writes the encrypted data and the like again in the memory for storage. This encryption changes the data size of data and programs. For this reason, it is necessary to change the start address and data size of the data stored in the memory 9 before and after encryption. When the start addresses of a plurality of data stored in the memory 9 are the same before and after the encryption, if the data size is increased by the encryption, an overlapping portion is generated in the addresses of the plurality of data. As a result, it becomes impossible to properly store the encrypted data in the memory 9. In particular, in the microprocessor 1 that performs encryption using different encryption methods for each data and program, the data size varies depending on the type of encryption.

  FIG. 6 is a block diagram of the microprocessor according to the embodiment of the present invention, and FIG. 7 is a block diagram around the memory control unit according to the second embodiment of the present invention.

  The microprocessor 1 includes a selection control unit 4, and the selection control unit 4 selects an encryption method to be used. As a result, the selection control unit 4 outputs the selected encryption information 10 to the encryption unit 5 and the memory control unit 6.

  Here, the encryption unit 5 includes, from the memory control unit 6, the second pre-encryption data information 101 (the offset address, size, and value of the access destination before encryption with reference to the head of the area to be encrypted) ) And encrypt. Further, after encryption, the encryption unit 5 outputs the second encrypted data information 102 (including the encrypted access destination offset address, size, and value to be encrypted).

  The address handled by the encryption unit 5 is an offset address in the encryption target area because the difference from the address accessed by the applied encryption method is limited to the inside of the encryption target area. is there. In addition, it is also preferable that information on the address of the access destination and the size conversion due to the difference in the encryption method is provided corresponding to each of the encryption methods in the encryption unit 5.

  The memory control unit 6 controls the address and size of data before and after encryption converted between the processor core 2 and the bus interface 7. First, the first pre-encryption data information 100 (including the address, size, and value of the memory access destination before encryption) received from the processor core 2 is stored in the second pre-encryption data information 101 (the encryption target area). (Including the offset address, size, and value of the access destination before encryption based on the head) and output to the encryption unit 5.

  Next, the second encrypted data information 102 (including the encrypted access destination offset address, size, and value) to be encrypted is received from the encryption unit 5, and the first encrypted data information 103 (encryption) (Including the address, size, and value of the memory access destination after conversion) and output. The memory control unit 6 uses the first encrypted data information 103 to control addresses and areas at the time of writing data and programs to the memory 9.

  For example, when the data size by encryption is approximately doubled from the encryption method information 10 and the first pre-encryption data information 100, the memory control unit 6 performs area control to double the storage size. Similarly, the memory control unit 6 performs control to set the next data write start address to a value twice that at the time of reading. By this control, the control to the memory 9 corresponding to the change in the data size due to encryption is realized. In addition, by using the encryption information 10 or the like, memory control appropriately corresponding to a data size change corresponding to a difference in the encryption method is realized.

  FIG. 8 shows the state of memory control.

  FIG. 8A is a diagram showing the state of the memory before encryption in the second embodiment of the present invention, and FIG. 8B is the state of memory after encryption in the second embodiment of the present invention. FIG.

  Before encryption, the memory 9 stores unencrypted first data 40 and unencrypted second data 41. The unencrypted first data 40 is stored from the first start address 60, and the unencrypted second data 41 is stored from the second start address 61. By encrypting the unencrypted first data 40 and the unencrypted second data 41, the data size is increased. Therefore, the memory control unit 6 changes the start address in accordance with the increase in the data size.

  The converted second start address 63 of the encrypted second data 51 is changed in accordance with the data size expansion. For example, the value of the second start address after conversion is increased at a constant rate or increased based on the encryption method information 10 or the like.

  As described above, the memory address corresponding to the change in the data size due to the encryption can be realized by the start address control of the encrypted data or the like for the memory 9 by the memory control unit 6. As described above, by the memory control corresponding to the change in the data size, the improvement of the degree of confidentiality and the appropriate memory control in the encryption process are simultaneously ensured.

(Embodiment 3)
Next, Embodiment 3 will be described with reference to FIG. 9 and FIG. The microprocessor according to the third embodiment further includes a decryption unit that decrypts encrypted data and programs.

  FIG. 9 is a block diagram of the microprocessor according to the third embodiment of the present invention. The decryption unit 14 is provided in the microprocessor 1 together with the encryption unit 5 and decrypts encrypted data and programs. When the processor core 2 performs processing using the read encrypted data or the like, the encrypted data is decrypted by the decryption unit 14 as necessary.

  The storage unit 3 holds information regarding the decoding method used by the decoding unit 14. The selection control unit 4 selects a necessary decoding method from the decoding method information and outputs the selection result to the decoding unit 14. At this time, the selection control unit 4 selects a decryption method corresponding to the encryption method. The storage unit 3 holds a decryption method corresponding to an encryption method that differs for each data or program. For example, a decoding method for each data or program is held by a table or the like.

  FIG. 10 is a diagram showing a storage unit according to the third embodiment of the present invention, and shows an encryption method / decryption method table 15. The encryption method / decryption method table 15 has a correspondence relationship between the encryption method and the decryption method applied to each data or program. The encryption method / decryption method table 15 includes both the encryption method and the decryption method, but each of the encryption method and the decryption method may be configured individually.

  The encryption method / decryption method table 15 has the correspondence shown in FIG. A first encryption scheme 30 and a first decryption scheme 70 are assigned to the first data 20. A second encryption scheme 31 and a second decryption scheme 71 are assigned to the second data 21. A third encryption scheme 32 and a third decryption scheme 72 are assigned to the first program 24. The operating system program 26 is assigned an operating system dedicated encryption system 34 and an operating system dedicated decryption system 73.

  The selection control unit 4 selects a decryption method based on the encryption method / decryption method table 15 provided in the storage unit 3, and outputs the selection result to the decryption unit 14. That is, when the data to be decoded is the first data 20, the decoding unit 14 decodes using the first decoding method 70. When the data to be decoded is the second data 21, the decoding unit 14 decodes using the second decoding method 71. When the program to be decoded is the first program 24, the decoding unit 14 performs decoding using the third decoding method 72. When the program to be decrypted is the operating system program 26, the decrypting unit 14 decrypts using the operating system dedicated decryption method 73.

  As described above, the encrypted data and program are decrypted according to the correspondence of the decryption methods provided in the storage unit 3 in advance. The decrypted data and program are used for arithmetic processing in the processor core 2.

  Note that the encryption scheme / decryption scheme table 15 shown in FIG. 10 is an example, and may be a different combination, or the same decryption scheme may be assigned depending on data or a program.

  Also, since the decrypted data and program are used in the processor core 2, they are not accessed from the bus 8. Since the decrypted data and program are encrypted again by the encryption unit 5 and then written to the memory 9, it is difficult to perform decryption or the like via the bus 8.

  As described above, the decryption unit 5 for decrypting using the decryption method corresponding to the encryption method is provided in the microprocessor 1, so that the decrypted data and programs can be stored when necessary for processing in the processor core 2. Can be used. In addition, since the decryption method is different for each data and program as in the encryption method, decryption from the outside becomes very difficult, and the degree of security protection is increased.

  Note that the decryption unit 14 may share a common circuit with the encryption unit 5, and in this case, the circuit scale and the like can be reduced.

(Embodiment 4)
Next, a fourth embodiment will be described with reference to FIGS.

  In the fourth embodiment, a case will be described in which encrypted data and programs exist on the memory and the microprocessor 1 processes them.

  FIG. 11 is a block diagram of the microprocessor according to the fourth embodiment of the present invention, and FIG. 12 is a flowchart of data processing of the microprocessor according to the fourth embodiment of the present invention.

  The memory 9 stores encrypted first data 50, encrypted second data 51, and an encrypted operating system program 53. The encrypted first data 50 is encrypted by the first encryption method 30, the encrypted second data 51 is encrypted by the second encryption method 31, and the encrypted operating system program 53 is stored in the operating system. It is encrypted with the dedicated encryption method 34. For this reason, when performing processing using these, it is necessary for the microprocessor 1 to perform decryption using a decryption method corresponding to each encryption method. In particular, when data to be processed is changed, decoding and processing using different decoding methods causes errors and malfunctions. For this reason, in a series of program processing by the processor core 1, when the data or program to be processed changes, that is, when the data or program is encrypted with a different encryption method, the changing encryption method is used. Correspondingly, it is necessary to switch the decoding method. This is because data and programs are encrypted using different encryption methods.

  The encrypted first data 50, the encrypted second data 51, and the encrypted operating system program 53 stored in the memory 9 are used by the microprocessor 1.

  When processing these data and programs, the microprocessor 1 needs to decrypt and decrypt the data and use it for arithmetic processing. For this reason, the microprocessor 1 uses the data decoded by the decoding unit 14 according to the decoding method selected by the selection control unit 4. At this time, the encrypted first data 50 requires the first decryption method 70. The encrypted second data 51 requires the second decryption method 71. The encrypted operating system program 53 requires an operating system dedicated decryption method 73. Therefore, the selection control unit 4 selects a decryption method after recognizing which encrypted data or program is a processing target. The selection control unit 4 recognizes switching of data and programs to be decoded by using a notification signal from software upon completion of software processing of data and programs and an interrupt signal from hardware.

  The flow of the decoding process for data to be decoded will be described with reference to FIG.

  First, in step 1, the microprocessor 1 reads the encrypted first data 50 from the memory 9. When the selection control unit 4 issues a read command for the encrypted first data 50, the encrypted first data 50 is encrypted by the first encryption method 30, and the first encryption method 30 includes the first data It recognizes from the information of the storage part 3 that the decoding method 70 respond | corresponds. In accordance with this information, in step 2, the decryption unit 14 decrypts the encrypted first data 50 using the first decryption method 70. The microprocessor 1 executes processing using the decoded first data 20.

  Next, in step 3, a notification of switching from the first data to the second data is output to the microprocessor 1. Upon completion of the calculation, a notification from the software is output to the microprocessor. By this notification, the selection control unit 4 recognizes that the processing of the second data is necessary after the processing of the first data 20. In accordance with this recognition, in step 4, the selection control unit 4 selects the second decoding method 71 based on the information in the storage unit 3. The selection control unit 4 outputs the selection result of the second decoding method 71 to the decoding unit 14 as decoding method information.

  Next, in step 5, the microprocessor 1 reads the encrypted second data 51 from the memory 9. In step 6, the decryption unit uses the selected second decryption method 71 to store the encrypted second data 51. Decrypt. The microprocessor 1 performs processing using the decoded second data 21.

  Next, while a software process using such data is being performed, an interrupt from hardware (for example, a timer interrupt or an instruction interrupt) may occur. In the case of a hardware interrupt, the microprocessor 1 needs to perform processing using an operating system program. For this reason, the process after step 7 is needed.

  In step 7, a hardware interrupt occurs (if it does not occur, processing using the second data 21 continues). When a hardware interrupt occurs, the selection control unit 4 selects the operating system dedicated decoding method 73 according to the information in the storage unit 3 in step 8. The selection control unit 4 outputs the selection result of the operating system dedicated decoding method 73 to the decoding unit 14 as decoding method information. Next, in step 9, the microprocessor 1 reads the encrypted operating system program 53 from the memory 9. The decryption unit 14 decrypts the read encrypted operating system program 53 using the operating system dedicated decryption method 73. The microprocessor 1 uses the decrypted operating system program 26 to execute processing for a hardware interrupt. In this way, processing without error or the like of data or programs encrypted by different encryption methods is realized by using a processing end notification or hardware interrupt. At this time, by using the process end notification, it is possible to synchronize the selection switching of the decoding method and the timing of access to the memory 9, thereby realizing decoding without waste. Further, by using an interrupt for switching from normal data or program processing to operating system program processing, an appropriate decoding method can be switched.

  In particular, in order for the selection control unit 4 to select a decryption method corresponding to the operating system program 26, if the processor core 2 is set to a specific mode (privileged mode or the like), security protection during decryption is performed. Will also increase. That is, during the decoding of the operating system program, access to the bus and internal registers is permitted only to the processor core 2, and access from others via the bus 8 is rejected. For this reason, even when the decrypted program is stored in a register or the like in the microprocessor 1, access from others can be prevented. This is particularly suitable for the operating system program 26 where security is highly required.

  As described above, it is possible to read and process data and programs encrypted by different encryption methods without causing an error or a time lag, using a processing end signal or an interrupt signal.

  The present invention can be suitably used, for example, in the field of a microprocessor having an encryption process for preventing data from being read from a memory and used for arithmetic processing from being externally decoded or falsified.

Block diagram of a microprocessor according to the first embodiment of the present invention The figure showing the encryption system table in Embodiment 1 of this invention. The figure showing the encryption system table in Embodiment 1 of this invention. The figure showing the encryption system table in Embodiment 1 of this invention. (A) The figure showing the state of the memory before encryption in Embodiment 1 of this invention (b) The figure showing the state of the memory after encryption in Embodiment 1 of this invention Block diagram of the microprocessor according to the second embodiment of the present invention Block diagram around the memory control unit in Embodiment 2 of the present invention (A) The figure showing the state of the memory before encryption in Embodiment 2 of this invention (b) The figure showing the state of the memory after encryption in Embodiment 2 of this invention Block diagram of a microprocessor according to Embodiment 3 of the present invention The figure showing the storage part in Embodiment 3 of this invention Block diagram of a microprocessor according to a fourth embodiment of the present invention Flowchart of microprocessor data processing in Embodiment 4 of the present invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Microprocessor 2 Processor core 3 Storage part 4 Selection control part 5 Encryption part 6 Memory control part 7 Bus interface 8 Bus 9 Memory 10 Encryption method information 11 Encryption method table 12 Data size information 13 Decoding method information 14 Decoding part 15 Encryption method / decryption method table 20 First data 21 Second data 22 Third data 23 Fourth data 24 First program 25 Second program 26 Operating system program 30 First encryption method 31 Second encryption method 32 First 3 encryption method 33 4th encryption method 34 operating system dedicated encryption method 40 unencrypted first data 41 unencrypted second data 42 unencrypted first program 43 unencrypted operating system program 70 first decryption Method 71 Second decoding method 72 Third decoding method 73 operating system for decoding scheme

Claims (15)

A microprocessor for encrypting a plurality of data,
A storage unit for storing information of a plurality of encryption methods;
A selection control unit for selecting any of the plurality of encryption methods from the storage unit;
A microprocessor that includes an encryption unit that encrypts the data according to an encryption method selected by the selection control unit, and encrypts the data using a different encryption method. The microprocessor according to claim 1, wherein the storage unit includes an encryption method table having a combination of the plurality of data and the plurality of encryption methods. The microprocessor according to claim 2, wherein the encryption method table is encrypted. 3. The microprocessor according to claim 2, wherein the encryption method table has a combination in which different encryption methods having a low correlation are assigned to each of two or more pieces of data having a high correlation among the plurality of data. The microprocessor according to any one of claims 1 to 4, wherein the storage unit further stores an encryption key corresponding to the encryption method. 6. The microprocessor according to claim 1, wherein the data includes data read from an external memory by the microprocessor. The microprocessor according to claim 1, wherein the data includes a program used by the microprocessor. The microprocessor according to claim 7, wherein the program includes an operating system program. 9. The microprocessor according to claim 8, wherein the plurality of encryption methods include an encryption method dedicated to the operating system program. The microprocessor according to any one of claims 1 to 9, further comprising a memory control unit that controls a read address of the data from an external memory and a write address to the external memory. The microprocessor according to claim 10, wherein the memory control unit performs address control corresponding to a change in data size before and after the data is encrypted. The microprocessor according to claim 10, wherein the memory control unit performs address control based on an encryption method selected by the selection control unit. The microprocessor according to claim 1, further comprising a decryption unit that decrypts the data encrypted by the encryption unit. The microprocessor according to claim 13, wherein the storage unit further stores information on a decoding method used in the decoding unit. The microprocessor according to claim 13, wherein the decryption unit decrypts the encrypted data by a decryption method corresponding to the encryption method used in the encryption unit.

Images