JP2007265400A - Portable memory - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a portable memory capable of providing sufficient protection functions to data such as a file. <P>SOLUTION: In a memory unit 6, since an encryption key is changed whenever the file (data) stored in a flash memory 35 is used in a microcomputer 43, security is raised. In addition, since the microcomputer 43 periodically performs consistency check of the encryption key, information leakage by unauthorized analysis is prevented. <P>COPYRIGHT: (C)2008,JPO&INPIT

Description

  The present invention relates to a portable memory, and more particularly to a portable memory that can provide a powerful data protection function for files and the like.

  In recent years, non-volatile flash memory devices used by connecting to a USB (Universal Serial Bus) connector, which is a standard interface of a computer, have been gaining popularity. Various methods for protecting files in the flash memory device by encryption or the like have been proposed.

For example, in Patent Document 1 below, a portable storage medium such as a flash memory or a memory stick, or a smart media, an SD card, or the like cannot be accessed by another person unless the password entered from the outside is correct. An adapter for a storage medium connected to a micro media card or the like is disclosed.
Further, in the conventional file protection system as described above, authentication is performed by inputting a password from a keyboard or the like for file protection.
Japanese Patent Laid-Open No. 2004-211956

However, the above-described conventional file protection method has a problem in that secret information leaks when data is read by directly accessing the flash memory by an unauthorized method.
Also, the file cannot be protected if the password is stolen together with the recording medium. In addition, the user has to remember a long password or write it in a notebook, etc., and there is a problem that the user may forget or leak the password.

  An object of the present invention is to provide a portable memory that can solve the above-described problems of the prior art and can provide a sufficient protection function for data such as files.

  In order to solve the above-described problems of the prior art and achieve the above-described object, the portable memory of the present invention includes an interface for inputting / outputting data to / from a computer, a memory for storing data, and a random number. Encryption / decryption provided with a random number generation means to be generated, an encryption function for encrypting data with an encryption key generated based on the random number generated by the random number generation means, and a decryption function for decrypting data Means, a write operation for causing the encryption / decryption means to encrypt data input via the interface, and writing to the memory, and the encryption / decryption means for reading the encrypted data read from the memory And a control means for performing a read operation for outputting via the interface after decryption.

In the portable memory of the present invention, data is encrypted and stored in the memory. Therefore, even when the memory is directly and illegally accessed, since the data is encrypted, it is possible to avoid leakage of secret information.
In addition, in the portable memory of the present invention, since the encryption key is generated by generating a random number, it is difficult to predict the encryption key, and illegal decryption can be made difficult.

The control means of the portable memory according to the present invention is preferably configured to encrypt / decrypt the data subjected to the read operation based on a new encryption key generated using a newly generated random number. After being encrypted by the means, it is written in the memory.
In addition, the control unit of the portable memory according to the present invention preferably further includes an illegal reading determination unit that determines whether or not the data stored in the memory is illegally read.
The control means of the portable memory of the present invention preferably stores the encryption key in a storage means other than the memory and associates the encryption key with data encrypted using the encryption key. The unauthorized reading determination means stored in the memory compares the encryption key stored in the storage means with the encryption key stored in the memory to determine whether or not the data has been illegally read. .

Further, the control means of the portable memory of the present invention preferably deletes the data determined by the unauthorized reading determination means as being illegally read from the memory.
The control means of the portable memory of the present invention preferably determines that the data is unusable based on a decoding condition associated with the data stored in the memory. The data is deleted on the condition that it is specified to be deleted when is not available.

The portable memory of the present invention preferably further includes biometric authentication means for performing biometric authentication, and the control means controls access to the memory based on a result of biometric authentication by the biometric authentication means. To do.

The control unit of the portable memory according to the present invention preferably stores the control unit in the memory based on a predetermined condition when the number of negative determinations exceeds a specified number in the biometric authentication process by the biometric authentication unit. Delete the stored data.
The portable memory of the present invention preferably includes a housing that houses the memory, the encryption / decryption means, and the control means, and projects a plug that constitutes the interface, and a cover that covers the plug. Protective means for sliding outside the housing between the position 1 and the second position that does not cover the plug.

In addition, the biometric authentication unit of the portable memory according to the present invention preferably has a sensor unit for sensing biometric data, and the protection unit includes the sensor unit when the protection unit is located at the second position. An opening for exposing the sensor part to the outside is formed.
The random number generation means of the portable memory of the present invention preferably generates a natural random number using a radiation source.

ADVANTAGE OF THE INVENTION According to this invention, the portable memory which can provide sufficient protection function with respect to data, such as a file, can be provided.

<First Embodiment>
Hereinafter, the memory unit 6 according to the embodiment of the present invention and the computer to which the memory unit 6 is mounted will be described.
FIG. 1 is a configuration diagram of a computer 10 in which a memory unit 6 (to be described later) of the present embodiment is mounted.

  The computer 10 is a personal computer having a known configuration. As shown in FIG. 1, for example, a USB interface 21, a display 22, an operation unit 23, a memory 24, a network interface 25, and a process connected via a bus 20. A circuit 26 is included. The USB interface 21 is, for example, a USB connector conforming to the USB standard, but is not limited to this.

The computer 10 includes an Internet, a LAN (Local Area
Network) and a data communication line may be connected to the server via an arbitrary communication network.

FIG. 2 is a configuration diagram of the memory unit 6 as a portable memory according to the present embodiment.
As shown in FIG. 2, the memory unit 6 includes a USB plug 31, a USB controller 33, a flash memory controller 34, a flash memory 35, a random number generator 37, a timer 39, a battery 41, a microcomputer 43, and the like.

  Further, the microcomputer 43 is a tamper-resistant module, and processing and data in the microcomputer 43 cannot be monitored from the outside and cannot be tampered with.

The USB plug 31 is connected to the USB connector of the USB interface 21 of the computer 10.
The USB controller 33 controls the microcomputer 43 to perform communication based on the USB protocol via the USB plug 31. Such a USB controller 33 is commercially available.

The flash memory controller 34 performs a file (data) write operation and a read operation with respect to the flash memory 35 based on an instruction from the microcomputer 43. The flash memory controller 34 stores a serial number unique to the memory unit 6.
Instead of incorporating the flash memory 35 in the memory unit 6, an arbitrary media card incorporating the flash memory may be detachable.

  The random number generator 37 as a random number generating means is a device that generates a natural random number using a weak radioactive ray source and a sensor as disclosed in Japanese Patent No. 2926539, for example. In addition, you may use the random number generator by the hardware of another system, or the random number generator which has a function which generate | occur | produces a pseudorandom number with software.

The timer 39 has a clocking function including, for example, a crystal oscillator, is backed up by the battery 41, and is configured to continue operation even when the memory unit 6 is disconnected from the computer 10 and power is not supplied from the USB plug 31. ing.

The microcomputer 43 is a well-known one-chip computer including a CPU, RAM, ROM, flash memory, external interface port (bus), and the like.
The microcomputer 43 is connected to the USB controller 33, the flash memory controller 34, the random number generator 37, and the timer 39, and the built-in CPU executes a program stored in the ROM.
The processing of the microcomputer 43 described in the present embodiment is executed based on the above program. The ROM also stores a serial number unique to the microcomputer 43.

  The microcomputer 43 has encryption / decryption means and control means. The encryption / decryption means has an encryption function for encrypting data stored in the flash memory 35 and a decryption function for decrypting data stored encrypted in the flash memory 35. The control means has a control function for comprehensively controlling the operation of the memory unit 6.

File management information is stored in the flash memory in the microcomputer 43 shown in FIG.
The file management information includes, for example, the name (file name) of the data (file) stored in the flash memory 35, the file size, the file storage address in the flash memory 35, the file update date, the data encryption method, and the encryption key. , Decryption conditions, update history information, and the like.
Decryption conditions include a decryption permission period, a decryption permission deadline, the number of decryption permission times, necessity of deletion in the case of expiration, processing for illegal use, and the like.

Hereinafter, an operation example of the memory unit 6 will be described.
[Initial operation]
The memory unit 6 executes the following initial operation when the user issues a request to start an application to the computer 10 to which the memory unit 6 is attached.
That is, when the USB plug 31 of the memory unit 6 is inserted into the USB connector of the USB interface of the computer 10, the OS (Operating System) executed by the computer 10 uses the same external storage device as the normal USB memory device. Recognize as and assign the drive.
When the OS of the computer 10 is Windows (registered trademark) XP, for example, a drive corresponding to the memory unit 6 is allocated in a folder of My Computer.
When the user double-clicks the icon assigned to the drive of the memory unit 6 based on the screen displayed on the display of the computer 10, the microcomputer 43 of the memory unit 6 performs user authentication processing. An example of the user authentication process is a mode in which the user inputs an ID and password, and the microcomputer 43 determines whether the input ID and password match data registered in advance.

  The microcomputer 43 executes the initial operation shown in FIG. 3 when the result of the user authentication process is OK (when it is determined that the user is a valid user).

  Step S11: The microcomputer 43 performs encryption key integrity check processing, which will be described in detail later.

Step S12: The microcomputer 43 performs a file monitoring process to be described in detail later.
Step S13: The microcomputer 43 determines whether or not there is an end instruction. And a process is complete | finished by affirmation determination. On the other hand, if a negative determination is made, the process proceeds to step S14.
Step S14: The microcomputer 43 determines whether or not a predetermined time has elapsed. If the determination is affirmative, the process returns to step S11. If the determination is negative, the processes in and after step S13 are repeated.

[Encryption Key Consistency Check Process (Step S11 in FIG. 3)]
FIG. 4 is a flowchart for explaining the encryption key integrity check process in step S11 shown in FIG.
Step S21: The microcomputer 43 determines whether or not all the files stored in the flash memory 35 have been checked. And the microcomputer 43 complete | finishes the process of step S11 by affirmation determination, and progresses to step S22 by negative determination.

Step S22: The microcomputer 43 selects one unchecked file from the files stored in the flash memory 35.
Step S23: The microcomputer 43 checks the consistency of the encryption key of the file selected in step S22. This is because the encryption key described in the header of the file stored in the flash memory 35 is the same as the encryption key corresponding to the selected file described in the file management information. It is to check whether or not.
The encryption key is normally updated each time a file is read or written, and is also stored (saved) in file management information in the microcomputer 43. When a file stored in the flash memory 35 of the memory unit 6 is illegally read out by another device in the same process as the microcomputer 43, this encryption key is updated, and the legitimate microcomputer 43 It becomes inconsistent with the encryption key stored as file management information. In step S23, it is checked whether or not the encryption keys match.

  Step S24: If the microcomputer 43 determines in the check in step S23 that the encryption keys are not matched, that is, if they are mismatched, the microcomputer 43 proceeds to S25, whereas if it is determined that they are matched. Advances to step S26.

Step S25: The microcomputer 43 deletes the file whose encryption key is determined to be inconsistent in step S24. This process will be described in detail later.
Step S26: The microcomputer 43 records the check result history of step S23.

[Deleting Process (Step S25 in FIG. 4)]
FIG. 5 is a flowchart for explaining the deletion process in step S25 shown in FIG.
Step S31: The microcomputer 43 acquires the file length from the header information of the file determined to be inconsistent in step S24 shown in FIG.

Step S32: The microcomputer 43 overwrites all information areas of the file with NULL data according to the file length.
Step S33: The microcomputer 43 overwrites the header of the file with NULL data.
Step S34: The microcomputer 43 deletes the file management information of the file.

[File monitoring process (S12)]
FIG. 6 is a flowchart for explaining the file monitoring process in step S12 shown in FIG.
Step S41: The microcomputer 43 determines whether or not all the files stored in the flash memory 35 have been checked. And the microcomputer 43 complete | finishes execution of a process by affirmation determination, and progresses to S42 by negative determination.

Step S42: The microcomputer 43 selects one unchecked file from the files stored in the flash memory 35.
Step S43: The microcomputer 43 determines whether or not the file selected in step S42 has a time limit set. This is to determine whether or not a decryption permission period, a decryption permission deadline, a decryption permission number, etc. are set as decryption conditions that are part of the file management information stored in the flash memory of the microcomputer 43. Is. If the determination is affirmative, the microcomputer 43 proceeds to step S44. If the determination is negative, the microcomputer 43 returns to step S41.

Step S44: The microcomputer 43 determines whether or not the file selected in step S42 has expired or the number of times of use has exceeded the number of times permitted for decryption. This is performed by comparing the decryption permission period, the decryption permission deadline, the decryption permission number, etc., set as the decryption conditions, with the timing information of the timer 39 shown in FIG. If the determination is affirmative, the microcomputer 43 proceeds to step S45. If the determination is negative, the microcomputer 43 returns to step S41.
Step S45: The microcomputer 43 determines whether or not the file is designated to be deleted when the file is expired. This is to determine whether or not the file management information is set to be deleted in the case of expiration. If the determination is affirmative, the process proceeds to step S46, and if not, the process proceeds to step S47.

Step S46: The microcomputer 43 deletes the file selected in step S42. The deletion process is performed, for example, according to the procedure shown in FIG.
Step S47: The microcomputer 43 performs invalidation processing for the file selected in step S42. An example of the invalidation process is a process that makes the file unusable.

  Step S48: The microcomputer 43 records a history of a series of check processing results.

[File management processing]
The file management process is performed on the condition that, for example, the user designates the icon of the memory unit 6 assigned to the drive by double-clicking, and the user is authenticated.
FIG. 7 is a flowchart for explaining file management processing performed by the memory unit 6.
Step S51: The microcomputer 43 displays a file management screen on the display 22 of the computer 10 shown in FIG. A list of files stored in the flash memory 35 shown in FIG. 2 is displayed on the file management screen.

Step S52: The microcomputer 43 acquires information indicating which file is selected from the file list displayed on the file management screen by operating the operation unit 23 shown in FIG.
Step S53: The microcomputer 43 calls an application corresponding to the file selected in step S52 and opens the file. At this time, the microcomputer 43 decrypts the file read from the flash memory 35 with the corresponding encryption key.

Step S54: The microcomputer 43 causes the random number generator 37 to generate a new random number, and generates an encryption key based on the random number.
Step S55: The microcomputer 43 monitors the update status of the file until the application that opened the file ends.
Step S56: The microcomputer 43 determines whether or not the file has been updated when the use of the file is terminated. If the determination is affirmative, the microcomputer 43 proceeds to step S57. On the other hand, if a negative determination is made, the process proceeds to step S58.

Step S57: The microcomputer 43 encrypts the updated file with the encryption key newly generated in Step S54 and writes it in the flash memory 35.
Step S58: The microcomputer 43 updates the file management information.
Step S59: The microcomputer 43 records the above-described processing history.

The file management process has been described as being executed by the memory unit 6. However, the present invention is not particularly limited to this mode, and may be executed by the computer 10 to which the memory unit 6 is attached.
That is, the computer 10 to which the memory unit 6 is attached displays the file management screen on its own display.
When the user selects a file from the file list displayed on the file management screen, the computer 10 calls an application corresponding to the selected file and opens the selected file. At this time, the microcomputer 43 of the memory unit 6 decrypts the file read from the flash memory 35 with the corresponding encryption key.

Then, the computer 10 causes the memory unit 6 to generate a new random number using the random number generator 37 and generate an encryption key based on the random number.
Then, the computer 10 monitors the update status of the file until the application that opened the file ends. Then, if the file is updated when the file usage is terminated, the computer 10 causes the memory unit 6 to encrypt the updated file with the newly generated encryption key and write it to the flash memory 35. .
Further, the computer 10 causes the memory unit 6 to update the file management information and record the history of processing so far.

[File read operation]
FIG. 8 is a flowchart for explaining a file read operation performed by the memory unit 6.
Step S71: The microcomputer 43 shown in FIG. 2 decrypts the designated file with the encryption key stored in the file management information.
Step S72: The microcomputer 43 displays the file decrypted in Step S71 on the computer 10 via the USB controller 33 and the USB plug 31.

Step S73: The microcomputer 43 generates a new encryption key based on the new random number generated by the random number generator 37.
Step S74: The microcomputer 43 re-encrypts the data decrypted in step S71 based on the encryption key generated in step S73 and writes it in the flash memory 35.
Step S75: The microcomputer 43 updates the file management information including the encryption key generated at step S73.
Step S76: The microcomputer 43 records the update history.

[File write operation]
FIG. 9 is a flowchart for explaining a file write operation performed by the memory unit 6.
Step S101: The microcomputer 43 inputs a file to be written from the computer 10 via the USB plug 31.

Step S102: The microcomputer 43 generates a new encryption key based on the new random number generated by the random number generator 37.
Step S103: The microcomputer 43 encrypts the file input in step S101 based on the encryption key generated in step S102 and writes it in the flash memory 35.
Step S104: The microcomputer 43 registers file management information including the encryption key generated in step S103.
Step S105: The microcomputer 43 records a history.

  As the encryption method used in the present embodiment, any known method such as scramble can be adopted. Alternatively, an encryption method may be selected at random from a plurality of encryption methods using a random number every time encryption is performed, and encryption may be performed using an encryption key generated using the random number. In this case, the encryption method is also recorded in the file management information.

As described above, in the memory unit 6, the encryption key is changed every time the file (data) stored in the flash memory 35 is used, so that the security can be improved.
In addition, when the base of the encryption key is a natural random number, unlike a pseudo-random number created by an expression, it cannot be predicted. Random numbers can be generated at high speed because operations such as calculation and duplication inspection are not required.
In addition, since the memory unit 6 periodically checks the consistency of the encryption key, information leakage due to unauthorized analysis can be prevented.

In addition, since the memory unit 6 stores data in a secure module outside the computer 10 instead of in the computer 10, it is possible to provide a powerful data protection function for data files.
Further, in the memory unit 6, even if only the memory unit is lost or stolen, the data cannot be decrypted without the corresponding encryption key, so that the risk of data leakage is low.
Further, the memory unit 6 can set a plurality of types of authentication necessity, decryption conditions such as deletion conditions, expiration dates, and the like. The protection function can be set arbitrarily according to the needs.

Second Embodiment
The present embodiment is characterized in that the memory unit has a biometric authentication function.
That is, as shown in FIG. 10, the memory unit 606 includes a USB plug 31, a USB controller 33, a flash memory controller 34, a flash memory 35, a random number generator 37, a timer 39, a battery 41, a microcomputer 643, and a biometric authentication unit 602. Have In FIG. 10, the functions of the constituent elements having the same reference numerals as those in FIG. 2 are basically the same as those described in the first embodiment.

For example, the biometric authentication unit 602 acquires biometric data using a biometric sensor based on an instruction from the microcomputer 643, and outputs the biometric data to the microcomputer 643. Then, the microcomputer 643 collates the biometric data acquired from the biometric authentication unit 602 with biometric data registered in advance in storage means such as the flash memory of the microcomputer 643 or the flash memory 35, and outputs an authentication result.
In addition, as a biological body to authenticate, a fingerprint, a blood vessel pattern, an eye glow pattern, etc. can be illustrated, for example. Further, only one user may be registered as the biometric data, or a plurality of users may be registered.

11 and 12 are external perspective views of the memory unit 606 according to the present embodiment.
The memory housing 57 houses therein the USB controller 33, the flash memory controller 34, the flash memory 35, the random number generator 37, the timer 39, the battery 41 and the microcomputer 43, and the biometric authentication unit 602 shown in FIG. The USB plug 31 constituting the interface is projected outside the housing.
A protection unit (protection means) 50 is provided outside the memory casing 57. The protection part 50 is provided with storage lids 51a and 51b at one end, and the other end is open. The housing lids 51a and 51b are provided so as to be rotatable around the shafts 53a and 53b, respectively, in a state of being biased in the rotational direction for closing the lid.
The protection unit 50 can slide outside the memory casing 57 between a first position that covers the USB plug 31 and a second position that does not cover the USB plug 31.
FIG. 12 shows an external perspective view of the state in which the protection unit 50 is located at the first position. In this state, the housing lids 51a and 51b are closed by the urging force, and the USB plug 31 is closed. Is covered by the protection means 50.
FIG. 11 shows an external perspective view of the state in which the protection unit 50 is located at the second position. In this state, the USB plug 31 and the memory housing 57 are pressed against the urging force. The storage lids 51 a and 51 b are opened, and the open state is held by the upper / lower surfaces of the memory casing 57, and the USB plug 31 is not covered by the protection means 50.

  In addition, on the outside of the memory casing 57, the user can easily slide the protection unit 50 with respect to the memory casing 57, or the user can easily slide the memory casing 57 with respect to the protection unit 50. An operation unit 55 is provided. A slide hole 50b is formed on the side surface 50a of the protection unit 50 corresponding to the operation unit 55 so that the operation unit 55 protrudes from the protection unit 50 and is slidable.

The biometric authentication unit 602 includes a sensing unit 602a, and acquires biometric data by the sensing unit 602a. As shown in FIG. 11, the sensing unit 602 a is exposed to the outside through an opening window (opening) 50 c formed in the protection unit 50 in a state where the USB plug 31 is not covered by the protection unit 50.
On the other hand, as shown in FIG. 12, when the USB plug 31 is covered by the protection unit 50, it is not exposed to the outside. Thereby, when the memory unit 606 is not attached to the computer 10, the sensing unit 602 a can be protected by the protection unit 50.

[Initial operation]
The memory unit 606 executes the following initial operation when a user issues a request to start an application to the computer 10 to which the memory unit is mounted.
That is, when the USB plug 31 of the memory unit 606 shown in FIG. 10 is inserted into the USB connector of the USB interface of the computer 10, the OS (Operating System) executed by the computer 10 replaces the memory unit 606 with a normal USB memory device. Recognize as the same external storage device and assign a drive.
When the OS of the personal computer is Windows (registered trademark) XP, for example, a drive corresponding to the memory unit 606 is allocated in the folder of My Computer.
When the user double-clicks the icon assigned to the drive of the memory unit 606 based on the screen displayed on the display of the computer 10, the microcomputer 643 of the memory unit 606 performs an initial operation.

FIG. 13 is a flowchart for explaining an initial operation executed by the memory unit 606.
Step S201: The microcomputer 643 determines whether or not to start a biometric (for example, fingerprint) authentication process. If the determination is affirmative, the process proceeds to step S202. If the determination is negative, the process ends.
When execution of the initial operation is started, the processing circuit 26 of the computer 10 displays a biometric authentication screen on which icons of “start biometric authentication” and “cancel” are displayed on the display 22. When the user double-clicks the “start biometric authentication” icon, the microcomputer 643 determines that the biometric authentication process should be started. On the other hand, when the user double-clicks the “cancel” icon, the microcomputer 643 determines that the biometric authentication process should not be started, and the process ends.

Step S202: The microcomputer 643 executes a biometric authentication process described in detail later.
Step S203: The microcomputer 643 determines whether or not biometric authentication is successful as a result of the biometric authentication process performed in step S202. If the determination is affirmative, the microcomputer 643 proceeds to step S204. If the determination is negative, the microcomputer 643 performs the process. finish.
Step S204: The microcomputer 643 executes a file management process described in detail later.

[File Management Process (Step S204)]
FIG. 14 is a flowchart for explaining the file management processing in step S204 shown in FIG.
Step S211: The microcomputer 643 displays the file management screen on the display of the computer 10 to which the memory unit 606 is attached. A list of files stored in the flash memory 35 is displayed on the file management screen.

Step S212: The user operates the operation unit 23 to acquire information indicating which file the user selects from the file list displayed on the file management screen.
Step S213: The microcomputer 643 determines whether or not biometric authentication is necessary to use (read out) the file selected by the user in step S212. If the determination is affirmative, the process proceeds to S214. If the determination is negative, the process proceeds to step S216.

Step S214: The microcomputer 643 executes a biometric authentication process that will be described in detail later. .
Step S215: The microcomputer 643 determines whether or not the result of the biometric authentication process performed in step S214 is biometric authentication OK. If the determination is affirmative, the process proceeds to step S216. On the other hand, if a negative determination is made, the process ends.

  Step S216: The microcomputer 643 calls an application corresponding to the file selected by the user in Step S212 and opens the file. At this time, the microcomputer 643 decrypts the file read from the flash memory 35 with the corresponding encryption key.

Step S217: The microcomputer 643 causes the random number generator 37 to generate a new random number, and generates an encryption key based on the random number.
Step S218: The microcomputer 643 monitors the update status of the file until the application that opened the file ends.
Step S219: The microcomputer 643 determines whether or not the file has been updated when the use of the file is terminated. If the determination is affirmative, the microcomputer 643 proceeds to step S220. On the other hand, if the determination is negative, the process proceeds to step S221.

Step S220: The microcomputer 643 encrypts the updated file with the encryption key newly generated in step S217 and writes it in the flash memory 35.
Step S221: The microcomputer 643 updates the file management information.
Step S222: The microcomputer 643 records the history of the processing described above.

[Biometric authentication processing (steps S202, S214)]
FIG. 15 is a flowchart for explaining biometric authentication processing such as steps S202 and S214 shown in FIGS.
Step S231: The microcomputer 643 requests biometric (for example, fingerprint) authentication from the user.
At this time, the microcomputer 643 issues a predetermined request to the computer 10 to which the memory unit is mounted, and displays an image corresponding to the request on the display.
Step S232: The microcomputer 643 determines whether or not the biometric data obtained by the biometric authentication unit 602 in response to the request in step S231 matches biometric data registered in advance. The microcomputer 643 proceeds to step S233 if the determination is affirmative, and proceeds to step S234 if the determination is negative.

  Step S233: Since the biometric data obtained by the biometric authentication unit 602 matches the biometric data registered in advance, the microcomputer 643 terminates the process assuming that biometric authentication is OK.

Step S234: The microcomputer 643 determines whether or not the processing of step S232 has been performed within the specified number of times, and proceeds to step S235 if the determination is affirmative, and proceeds to step S236 if the determination is negative.
Step S235: The microcomputer 643 displays authentication failure, requests re-authentication, and returns to step S232.

Step S236: The microcomputer 643 determines whether or not countermeasures against unauthorized use are set. As measures against unauthorized use, measures such as deleting data stored in the flash memory 35 when a person other than a legitimate user whose biometric data is registered try to use it are set. In addition, whether or not countermeasures against unauthorized use are set is included in the file management information. Further, the countermeasure against unauthorized use may be set for the flash memory 35 as one unit, or may be set for each folder or file provided in the flash memory 35.
If the determination is affirmative in this step, the process proceeds to step S237. If the determination is negative, the process proceeds to step S241.
Step S237: The microcomputer 643 determines whether or not deletion designation is set. If the determination is affirmative, the process proceeds to step S238. On the other hand, if a negative determination is made, the process proceeds to step S239.
Step S238: The microcomputer 643 performs a process of deleting the file stored in the flash memory 35.

Step S239: The microcomputer 643 performs a process of invalidating the file stored in the flash memory 35.
Step S240: The microcomputer 643 records a history.
Step S241: The microcomputer 643 ends the process as biometric authentication / NG.

Thus, in the present embodiment, the microcomputer 643 that executes biometric authentication processing forms a biometric authentication unit in cooperation with the biometric authentication unit 602.
The microcomputer 643 performs the same operations as those of the microcomputer 43 described in the first embodiment, except for the operations described in the present embodiment.

As described above, according to the memory unit 606 of the present embodiment, since user authentication is performed by biometric authentication instead of password, the user does not need to remember the password. In addition, unauthorized use due to password leakage can be eliminated.
The memory unit 606 can also obtain the same effects as the memory unit 6 of the first embodiment.

The present invention is not limited to the embodiment described above.
That is, those skilled in the art may make various modifications, combinations, subcombinations, and alternatives regarding the components of the above-described embodiments within the technical scope of the present invention or an equivalent scope thereof.
For example, as described above, whether or not the data stored in the flash memory 35 has been read or falsified is verified by using the encryption key associated with the file and the encryption key stored in the file management information. A method other than matching may be used.

  In the embodiment described above, the flash memory 35 is exemplified as the memory in the present invention. However, other recording media such as a semiconductor memory other than the flash memory 35, an optical disk, and an HDD (Hard Disk Drive) may be used.

In the above-described embodiment, the microcomputer 43, 643 has exemplified the case where the encryption function, the decryption function, and the control function are realized. However, these functions may be realized by a plurality of circuits.
In the above-described embodiment, the case where data input / output between the computer 10 and the memory units 6 and 606 is performed by the USB method is exemplified, but a protocol of other methods may be adopted.

In the above-described embodiment, as illustrated in FIGS. 2 and 10, the case where the memory units 6 and 606 include the timer 39 and the battery 41 is illustrated. However, when the expiration handling process illustrated in FIG. 6 is not performed. May not have these built-in.
In the above-described embodiment, a personal computer is exemplified as the computer 10, but an electronic device other than the personal computer may be used.

  The present invention is applicable to a memory that is detachably connected to a computer or the like.

It is a figure for demonstrating the computer with which the memory unit concerning embodiment of this invention is mounted | worn. It is a block diagram of the memory unit concerning 1st Embodiment of this invention. It is a flowchart for demonstrating the initial operation | movement of a microcomputer. It is a flowchart for demonstrating the consistency check process of an encryption key. It is a flowchart for demonstrating a deletion process. It is a flowchart for demonstrating a file monitoring process. It is a flowchart for demonstrating the file management process which the memory unit which concerns on 1st Embodiment performs. It is a flowchart for demonstrating file read-out operation | movement. It is a flowchart for demonstrating file write-in operation | movement. It is a block diagram of the memory unit of 2nd Embodiment of this invention. It is an external view of a memory unit when a protection part is located in a 2nd position. It is an external view of a memory unit when a protection part is located in the 1st position. It is a flowchart for demonstrating the initial operation | movement of a microcomputer. It is a flowchart for demonstrating the file management process which the memory unit which concerns on 2nd Embodiment performs. It is a flowchart for demonstrating a biometrics authentication process.

Explanation of symbols

  6, 606 ... Memory unit, 10 ... Computer, 21 ... USB interface, 22 ... Display, 23 ... Operation unit, 24 ... Memory, 25 ... Network interface, 31 ... USB plug, 33 ... USB controller, 34 ... Flash memory controller, 35 ... Flash memory, 37 ... Random number generator, 39 ... Timer, 41 ... Battery, 43, 643 ... Microcomputer, 50 ... Protection part, 50c ... Opening window, 51a, 51b ... Housing lid

Claims (11)

An interface for inputting and outputting data to and from a computer;
A memory for storing data;
Random number generating means for generating a random number;
An encryption / decryption means comprising an encryption function for encrypting data with an encryption key generated based on a random number generated by the random number generation means, and a decryption function for decrypting data;
Write operation in which the data input via the interface is encrypted by the encryption / decryption means and written to the memory, and the encrypted data read from the memory is decrypted by the encryption / decryption means Control means for performing a read operation that is output via the interface after being performed,
Portable memory with   The control means encrypts the data subjected to the read operation with the encryption / decryption means based on a new encryption key generated using a newly generated random number, and then writes the data to the memory. Item 2. The portable memory according to item 1.   The portable memory according to claim 1, wherein the control unit further includes an illegal reading determination unit that determines whether or not the data stored in the memory is illegally read. The control means stores the encryption key in a storage means other than the memory, stores the encryption key in the memory in association with data encrypted using the encryption key,
The unauthorized reading discrimination means
4. The portable memory according to claim 3, wherein the encryption key stored in the storage means and the encryption key stored in the memory are compared to determine whether or not the data has been read illegally.   The portable memory according to claim 3 or 4, wherein the control unit deletes data determined by the unauthorized reading determination unit as being illegally read from the memory.   When the control means determines that the data is unusable based on the decryption condition associated with the data stored in the memory, the control means designates deletion when the data is unusable The portable memory according to any one of claims 1 to 5, wherein the data is deleted on condition that the data is stored. A biometric authentication means for performing biometric authentication;
The portable memory according to claim 1, wherein the control unit controls access to the memory based on a result of biometric authentication by the biometric authentication unit.   8. The control unit according to claim 7, wherein the control unit erases data stored in the memory based on a predetermined condition when the number of negative determinations exceeds a specified number in the biometric authentication process by the biometric authentication unit. Portable memory. A housing that houses the memory, the encryption / decryption means, and the control means, and projects a plug that constitutes the interface;
Protection means for sliding outside the housing between a first position covering the plug and a second position not covering the plug;
The portable memory according to claim 1, comprising: The biometric authentication means has a sensor unit for sensing biometric data,
The portable memory according to claim 9, wherein the protection unit is formed with an opening that exposes the sensor unit to the outside when the protection unit is located at the second position.   The portable memory according to claim 1, wherein the random number generator generates a natural random number using a radiation source.

Images