JP2008311726A - Information recorder, and authentication method thereof - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a means of establishing mutual authentication with a host device or the like safely and conveniently inexpensively in an information recorder for encrypted communication on a wireless interface. <P>SOLUTION: The information recorder 100 is provided with: a wireless interface circuit 102; data storage parts 106 to 111 capable of reading or writing data; an encoder/decoder 105 for transmitting data read from the data storage parts through the wireless interface circuit 102 while encrypting them and/or writing the encrypted data received through the wireless interface circuit 102 into the data storage parts while decoding the data; and an acceleration/posture sensor 114 for detecting the posture or the movement of the information recorder 100. On the basis of the acceleration detection result by the acceleration/posture sensor 114, a cryptographic key of the encoder/decoder 105 is generated and encoding/decoding operation is performed by using the cryptographic key. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to an information recording apparatus having a data storage unit, and more particularly to an information recording technique provided with a wireless interface.

  In recent years, an ultra-wideband wireless communication technology called Ultra Wide Band (UWB) has been put into practical use. The specifications of this UWB technology have been established, and international standardization of related technologies is being promoted (Non-Patent Documents 1 and 2). Furthermore, recently, communication standards such as wireless USB and WiNET have been established by combining UWB as a physical layer and Universal Serial Bus (USB) and Internet Protocol (IP) as a logical layer. (See Patent Document 3). In particular, this wireless USB standard is expected to be widely used in the future as a replacement for wired USB that connects a mass storage device such as a hard disk drive device to a host device (for example, a personal computer).

  However, in UWB, there is a possibility of security problems due to the nature of wireless communication. Therefore, in Wireless USB, as described in detail in Chapter 18, “Security” of Non-Patent Document 1, or Chapter 6, “WIRELESS USB SECURITY” of Non-Patent Document 2, Advanced using a 128-bit key. Data encryption using the Encryption Standard (AES) method (Non-Patent Document 4) is implemented, thereby avoiding the risk of data being intercepted or stolen. This AES method requires mutual authentication between devices prior to encrypted communication, and wireless USB defines two types of key exchange methods. In other words, the “Numeric Model” method, in which the numerical value displayed on the display on the target device (storage device, etc.) side is input to the host device, and the host device and the target device are connected with a USB cable, This is the "Cable Model" method that uses the first key exchange (first prior art).

  In addition, as a technology for performing mutual authentication between devices equipped with a wireless interface and ensuring the confidentiality of communication contents, in Patent Document 1, it is detected that a button provided on an information device is pressed, The control unit generates a unique group connection ID according to the timing and number of times, and realizes grouping registration of multiple devices at the same time using various information such as light and sound changes, vibration, wind power, temperature, speed and images In addition, a technique is disclosed in which the generated connection ID is used for mutual use as a common key used in encrypted communication (second conventional technique).

  In addition, as a technique for ensuring the confidentiality of communication contents on a wireless interface, in Patent Document 2, a network system that transmits an access code with a sound wave between a device requesting authentication and a device permitting authentication, A method and apparatus for controlling access to an application is disclosed (third prior art).

Japanese published patent, JP 2001-36638 A Patents published in Japan, Special Publication 2006-528391 European Computer Manufacturer Association; High Rate Ultra Wideband PHY and MAC Standard (ECMA-368) Ed. 1 (12/2005) European Computer Manufacturer Association; MAC-PHY Interface for ECMA-368 (ECMA-369) Ed. 1 (12/2005) Agere, Hewlett-Packard, Intel, Microsoft, NEC, Philips, Samsung; Wireless Universal Serial Bus Specification Rev. 1.0 (5/2005) U.S. Department of Commerce / National Institute of Standards and Technology; Announcing the Advanced Encryption Standards (AES), Federal Information Processing Standards Publication (FIPS PUB) 197 (11/2001) U.S. Department of Commerce / National Institute of Standards and Technology; Data Encryption Standard (DES), Federal Information Processing Standards Publication (FIPS PUB) 46-3 (10/1999)

  However, in the first prior art Numeric Model method, it is necessary to mount a data display means on the target device side, which has a problem in cost of the target device. In addition, in order to obtain strong encryption strength with a sufficient key length, it is necessary to input data with a very large number of digits without errors, which is cumbersome and difficult, so it is particularly convenient for devices that perform frequent associations. Had the above problem.

  In the first prior art Cable Model method, it is necessary to provide a wired USB interface and use a USB cable only for initial authentication. Had.

  Furthermore, in the second prior art, it is necessary to provide means for inputting an operation instruction by the user such as a registration button or a release button in order to start grouping registration, etc. is necessary.

In the third prior art, since the access code is exchanged using sound waves as a medium, it is necessary to consider noise and the cost of the audio input / output set.
An object of the present invention is to provide an information recording apparatus and a mutual authentication method thereof that can solve various problems in the above-described prior art.

  In the present invention, in order to achieve the above object, an information recording apparatus having a wireless function includes a wireless communication unit, a data storage unit capable of reading or writing data, and data extracted from the data storage unit. An encryption unit that transmits through the wireless communication unit, a decryption unit that writes the encrypted data received through the wireless communication unit to the data storage unit while decrypting the data, and an acceleration detection unit that detects the attitude or movement of the device itself Then, the operation control on the encryption unit or the decryption unit is performed according to the acceleration detection result by the acceleration detection unit.

  Preferably, the information recording apparatus includes a key generation unit that generates an encryption key with reference to an acceleration detection result by the acceleration detection unit, and the operation control for the encryption unit is performed by giving the encryption key to the encryption unit. Data is encrypted based on the encryption key.

  Preferably, the information recording apparatus further includes a key generation unit that generates an encryption key with reference to an acceleration detection result by the acceleration detection unit, and the operation control for the decryption unit is performed by giving the encryption key to the decryption unit. Decrypting the encrypted data based on the encryption key.

  In an information recording apparatus using wireless communication with encryption, an effect of reducing apparatus manufacturing cost can be obtained. Further, even when a user with a visual disability is used, the devices can be mutually authenticated, and usability can be improved. Furthermore, there is no need to input multi-digit data with a keyboard, a switch or the like, and it is possible to prevent usability deterioration such as authentication failure due to erroneous input. Furthermore, it is not necessary to use a wired cable only for the initial authentication, and the usability improvement of the information recording apparatus can be expected.

  The best mode of the present invention will be specifically described below with reference to the drawings.

  FIG. 1 is a diagram for explaining a functional configuration example of an information recording apparatus (target apparatus) in the first embodiment. This configuration example and its basic operation are assumed to be common to the information recording apparatuses in the first and second embodiments described below. Also, in this configuration example, a magnetic disk device (Hard Disk Drive, HDD) is assumed as a data storage unit for storing user data, but this is not limited to the form or recording principle of the data storage unit. There are no conditions imposed, and this configuration can also be applied to an information recording apparatus that uses, for example, an optical disk by magneto-optical recording or phase change recording, a semiconductor disk by flash memory, or the like as a data storage unit.

  In the information recording apparatus 100, desired external functions and operations are realized by the processor 104, which is a processing unit, controlling all of its internal function blocks in an integrated manner. In the operation of the processor 104, a control program for performing desired processing from the read-only memory (ROM) 113, which is a storage unit, into the random access memory (RAM) 112 via the data transfer arbitration circuit 103 is provided. The RAM 112 is used as a work area for the operation. The ROM 113 stores an identifier (data) uniquely assigned to the information recording apparatus 100 at the manufacturing stage. The role / function of the acceleration / attitude sensor 114 will be described later.

  A servo pattern (not shown) indicating physical position information on the recording medium is formed on a recording medium (not shown) in the head disk assembly 111 constituting the magnetic disk. This servo pattern is scanned by a reproducing element (not shown) formed on a head slider (not shown) in the head disk assembly 111, and the physical positional relationship between the servo pattern and the reproducing element is measured. Is output as an electrical signal (not shown). This signal is amplified to a predetermined signal intensity by the reproduction amplifier 108 and then input to the head / disk position control circuit 109. Further, the head / disk position control circuit 109 refers to this signal and adjusts the position of the reproducing element on the recording medium through the actuator / motor driver 110. As a result, the processor 104 can specify the target position to the head / disk position control circuit 109, thereby positioning the reproducing element at a desired position on the recording medium. In the same procedure, the processor 104 can position a recording element (not shown) formed in a fixed positional relationship with the reproducing element on the head slider at a desired location on the recording medium. It has become. These positioning operations are widely known in the magnetic disk device technology and will not be described in detail in this specification. Needless to say, all the functional blocks except the wireless interface circuit 102 and the encryption / decryption device 105 in FIG. 1 are the same as the components of a normal magnetic disk device.

  First, when restoring user data (not shown) on the recording medium of the magnetic disk device, the processor 104 positions the reproducing element at a desired position on the recording medium as described above. Next, the recording mark, which is the distribution of the inverted magnetic domains reflecting the user data, is read by the reproducing element, and the reading result is input to the reproducing amplifier 108 as a reproducing signal. The reproduction amplifier 108 amplifies the reproduction signal to a predetermined signal intensity and inputs the amplified signal to the ECC processing / modulation / demodulation circuit 106. The ECC processing / modulation / demodulation circuit 106 performs demodulation, which is the reverse processing of the modulation processing performed at the time of recording, and ECC detection / correction processing for detecting and correcting errors during recording / playback, and the result is an encryption / decryption unit (part) To 105, separating into 64-bit blocks.

  The encryptor / decryptor 105 separately receives a 56-bit encryption key (not shown) from the processor 104 and uses it to encrypt 64-bit plain text user data read from the recording medium, To encrypted user data. The encrypted user data is temporarily stored in the RAM 112 via the data transfer arbitration circuit 103. After that, a predetermined amount of encrypted user data is stored in the RAM 112, and as soon as the wireless interface circuit 102 is ready, the encrypted user data passes through the data transfer arbitration circuit 103 and the wireless interface circuit 102. Then, the data is transmitted from an antenna (not shown) connected to the external interface 101 to a host device (not shown) outside the information recording apparatus 100. The transmitted encrypted user data is decrypted by using a separately prepared encryption key (common key) after being received by the host device, that is, decrypted into plain text and used on the host device side. In the information processing apparatus 100 of the present embodiment, information is exchanged with the outside using only the wireless interface circuit 102 constituting the wireless communication unit.

  Also, when recording user data from the host device on a recording medium in the information recording device 100, plain text user data (not shown) to be recorded using an encryption key prepared in advance by the host device. Is encrypted and transmitted from a wireless interface circuit (not shown) which is a wireless communication unit on the host device side to the space. The transmitted encrypted user data is received by the antenna connected to the external interface 101 of the information recording apparatus 100 and stored in the RAM 112 through the wireless interface circuit 102 and the data transfer arbitration circuit 103. Next, the encrypted user data to be recorded stored in the RAM 112 is input to the encryption / decryption device 105 for each 64-bit block through the data transfer arbitration circuit 103 again. The encryption / decryption device 105 decrypts the encryption using a 56-bit encryption key (encryption key used for encryption in the host device) given separately from the processor 104, and encrypts the 64-bit encryption user.・ Restore the data to 64-bit plain text to be recorded.

  In the present embodiment, the encryption / decryption unit 105, which is an encryption / decryption unit, has been described as a hardware configuration separate from the processor 104. It goes without saying that the encryption / decryption unit 105 may have an encryption unit and a decryption unit configured as separate circuits, or the encryption / decryption unit 105 may have a program configuration executed by the processor 104. In the latter case, this program is stored in the ROM 113, which is a storage unit. In this case, the function of the encryption / decryption unit is built in and executed by the processing unit configured by the processor 104.

  The user data (plaintext data) restored to plaintext is given ECC data (not shown) for error detection and correction by the ECC processing / modulation / demodulation circuit 106, and further subjected to predetermined modulation processing. To the recording driver 107. Further, the recording driver 107 drives the recording element to form a local reversed magnetic domain distribution on the recording medium, thereby recording the user data sent from the host device on the recording medium.

  As described above, the information recording apparatus 100 according to this embodiment does not have an AT Attachment (ATA) interface or a Small Computer System Interface (SCSI) interface that is an interface for connecting a host of a normal magnetic disk device. , Only the wireless interface circuit 102 is provided. In general, in wireless communication, it is difficult to specify the receiver to receive on the transmitter side, so it is necessary to perform encryption in preparation for interception and data theft by the receiver that is not intended by the transmitter side. In order to realize this safely, an interface for inputting an arbitrary encryption key to the encryption / decryption device inside the wireless communication device is required. However, the information recording apparatus 100 according to the present embodiment does not even have an interface for inputting the encryption key, and the encryption key is obtained from the monitoring result by the acceleration / attitude sensor 114 built in the information recording apparatus 100 as described later. Generate. As a result, the encryption key itself or monitor result data for generating the encryption key is not input / output via the external interface of the information recording apparatus 100, and the safety of encryption communication is further enhanced. There is a great merit in terms of manufacturing cost and physical size of the information recording apparatus 100 by reducing the number of physical interfaces.

  In the configuration of the present embodiment, a common key encryption method that uses the same encryption key for encryption and decryption is used as a method for encrypting user data transmitted on a wireless communication path to be described later. . Various algorithms exist as the common key encryption method, but here, it is assumed to be based on the widely known Data Encryption Standard (DES) method. In DES encryption, 64-bit plaintext data is encrypted using a 56-bit common encryption key and converted to 64-bit ciphertext data. When decrypting, the 56-bit common encryption key used for encryption is used to decrypt 64-bit ciphertext data into 64-bit plaintext data. Therefore, as described above, the unit for inputting / outputting data to / from the encryption / decryption device 105 between the ECC processing / modulation / demodulation circuit 106 and the data transfer arbitration circuit 103 is an 8-byte block unit.

  Note that the encryption method that can be used in this embodiment is not limited to the DES method described here, but the Triple DES (T-DES) method in which the DES method is repeated three times, and other common key encryption methods. May be used. Therefore, the encryption key is not limited to a 56-bit length, and an encryption key of any length can be used as required for encryption strength. Furthermore, the encryption key that the processor 104 gives to the encryption / decryption device 105 is once shared with the wireless communication partner in plain text, and the shared encryption key is used for exchanging a secret key separately generated as a public key. The security strength may be increased by realizing the method. Since the detailed specifications of DES and T-DES are disclosed in Non-Patent Document 5, description thereof is omitted here.

  2, 3, 4, and 5 are diagrams for explaining a first operation example of the information recording apparatus of the present embodiment shown in FIG. In the first operation example, a method for realizing mutual authentication by applying the same movement to two information recording devices to be mutually authenticated will be described.

  First, the two information recording devices that want to establish a trust relationship through mutual authentication are shifted to a preparation state for mutual authentication. Here, it is assumed that the two information recording apparatuses to be mutually authenticated are unit A (701) and unit B (702) as shown in FIG. There is also a host device 700 that inputs / outputs user data to / from unit A (701) and unit B (702), and the host device 700 and unit A (701) have a trust relationship through mutual authentication. It is assumed that the establishment has already been completed. “Establishing a trust relationship” here means information that already shares a common key for performing cryptographic communication by the common key cryptosystem and holds the identifier of the other party as a counterpart of the cryptographic communication.

  As shown in FIG. 2, in order to shift the information recording apparatuses 701 and 702 to the mutual authentication preparation state, the user 706 needs to input the fact from the outside. In order to shift the information recording devices 701 and 702 from the normal operation in which user data is input / output to / from the host device 700 to the preparation state for mutual authentication, the installation direction of the information recording devices 701 and 702 is set to normal. When the information recording devices 701 and 702 are turned on in the “inside out” state reversed from the operation state in the gravity direction, the preparation state for mutual authentication is started (200). This can be easily realized by causing the processor 104 to monitor the direction of gravity detected by the acceleration / attitude sensor 114 incorporated in the information recording devices 701 and 702. However, the method for shifting the information recording devices 701 and 702 to the mutual authentication preparation state is not limited to this, and an appropriate method may be selected from the viewpoint of mounting cost and operability. Unit A (701) and Unit B (702), which are information recording devices 100 activated as a mutual authentication preparation state, spin up the recording medium or load a recording head or reproducing head on the recording medium. Without waiting, the operation of each mechanism inside the head disk assembly 111 is stopped.

  Next, each information recording device 100 detects an attitude change of its own casing or an externally applied acceleration using the acceleration / attitude sensor 114 and starts an operation (201) of logging in the RAM 112 over a predetermined period. To do. During this predetermined period, the user 706 who wants to mutually authenticate unit A (701) and unit B (702) and establish a trust relationship between them, unit A (701) and unit B (702) Arbitrary exercise is commonly applied to both bodies (202). For this movement, for example, as shown in Fig. 5, the unit A (701) and the unit B (702) are stacked and held at random, and the unit A (701) and the unit B (702) are stacked. An operation such as tilting can be considered. When a predetermined period elapses (203), the posture change and acceleration data of the self-casing logged during that period is processed by the processor 104 in each information recording device 100, and the feature data is extracted ( 204). The “feature data” here refers to, for example, the number of rotations and rotations of the angular velocity of the casing movement centered on a specific axis within a predetermined period, the number of rotations of the acceleration direction of the casing movement along the specific axis, Although timing etc. can be considered, it is not necessarily the limit.

  Next, the characteristic data is subjected to predetermined conversion by program processing in the processor 104, and finally processed into encryption key data having a length suitable for the encryption / decryption processing of the encryption / decryption device 105 (204). The feature data, which is the output of the acceleration / attitude sensor 114, is essentially an analog measurement value and contains a great deal of information. By converting this and converting it into a sufficiently long encryption key, it is strong enough It is possible to obtain a strong encryption strength. Therefore, it is not necessary to input data having a very large number of digits without error through a keyboard, a switch, or the like, and this implementation improves usability even in the case of a device that performs frequent association. Further, this key data is input from the processor 104 to the encryption / decryption device 105 and used as a key for the common key encryption method in each of the units A and B in the subsequent encrypted communication.

  Next, as shown in FIG. 3, the unit A (701) and the unit B (702) are included in each device under the control of the respective processors 104, together with identifier data uniquely assigned at the device manufacturing stage. Then, message data for requesting mutual authentication and verification data are transmitted to the counterpart unit through the wireless interface circuit 102 (206). At this time, each identifier data and message data of the mutual authentication request are encrypted by a key generated by each unit (205 in FIG. 2).

  If the keys generated by unit A (701) and unit B (702) match, the identifier data sent by unit B (702), the message data of the mutual authentication request, and the verification data are The data is normally decoded inside the unit A (701), and the processor 104 checks the validity of the decoded verification data. If the verification data is determined to be valid as a result of checking by the processor 104, the verification data is added to the list of common encryption keys as a communication partner with which a trust relationship has been established (207).

  In response to this, the unit A (701) proceeds to the mutual authentication establishment process shown in FIG. Conversely, if the keys generated by unit A (701) and unit B (702) do not match, the identifier data sent by unit B (702) and the message data of the mutual authentication request are stored in unit A ( 701) Discarded because it cannot be decrypted properly internally. In order to determine whether or not the decryption was successful, as described above, a hash of an appropriate length generated from the data is stored in the data block before encryption composed of the identifier data and the mutual authentication request message data. It is possible to add verification data such as value, Cyclic Redundancy Check data, check sum data, etc. on the sending unit side, and judge whether these verification data can be normally restored on the receiving unit side It is.

  Now, in FIG. 4, when unit A (701) shifts to the mutual authentication establishment process, unit A (701) next establishes a trust relationship with its own unit 700 or other host device. For the information recording device 703, the unique identifier given at the manufacturing stage and the common encryption key pair used between the counterpart devices are shared between unit A (701) and unit B (702) first. Encrypt using the same key that was created (208) and send it to unit B (702) (209). The unit B (702) decrypts the list 210 of the pair of the common encryption key at the time of this identifier and communication, and if the contents are valid, stores them in the RAM 112 in its own device.

  Similarly, when the unit B (702) moves to the mutual authentication establishment process, the unit B (702) next establishes a trust relationship with its own unit 704 or other information recording device 705. For the same identifier that was previously shared between Unit A (701) and Unit B (702), the unique encryption key pair used in the manufacturing stage and the common encryption key pair used between the other device It is encrypted using the key (211) and sent to unit A (701) (212). The unit A (701) decrypts the list 210 of common identifier key pairs at the time of communication with this identifier (213), and if it is valid, stores it in the RAM 112 (214). Furthermore, unit A (701) is used between unit B's identifier and unit B if it can communicate with host device 700 or other information recording device 703 that has already established a trust relationship. The encrypted key pair 216 is encrypted using a key used with another device and transmitted (215).

  As a result of the above series of operations, if it can be determined that the information recording device units A (701) and Unit B (702) that were in the mutual authentication state have performed a common movement between them, they are common with the counterpart device. It is possible to share a key necessary for encryption communication by the key method and the identifier of the other party, and to establish a trust relationship. At the same time, unit B (702), in addition to the identifiers related to host device 700 and information recording device 703 that have already established a trust relationship with unit A (701), performs encrypted communication with these devices. It is possible to obtain an encryption key necessary for performing the above. Also, an identifier relating to unit B (702) and an encryption key necessary for performing cryptographic communication with unit B (702) are distributed to these devices, and there is mutual trust between these devices. Can be established. As a result, unit B (702) participates in a communication group consisting of unit A (701) and its encrypted communication partner, and directly inputs and outputs user data through encrypted communication with the member devices constituting the unit. Is possible.

  As described above, by operating the information recording apparatus having the configuration shown in FIG. 1 according to this operation procedure example, it is not necessary to mount data display means on the encrypted wireless communication partner side of the host apparatus or the target apparatus. Cost can be reduced. In addition, even for users who are visually impaired, it is not necessary to recognize the display contents on the data display means, so that it is possible to mutually authenticate the information devices. Even in order to obtain strong encryption strength with a sufficient key length, it is not necessary to input data with a very large number of digits without error through a keyboard, switch, etc., especially in the case of a device that performs frequent associations. The usability is improved.

  Further, it is not necessary to use a wired communication path only for the initial authentication, and the problem of cost of the host device and the target device and the problem of usability by the user are solved.

  Furthermore, if an acceleration sensor that is often mounted on a magnetic disk device in recent years can be used, an operation instruction by a user such as a registration button or a release button is issued in order to start grouping registration or to cancel grouping registration. There is no need to provide a means for inputting, and the cost of the information recording apparatus can be reduced.

  Furthermore, since the access code and the encryption key itself are not exchanged using sound waves as a medium, there is no problem that authentication is unstable or impossible even in a place where noise exists. In addition, the interception of sound waves can eliminate the risk of impersonation by a malicious third party.

  In addition, it is not necessary to provide an audio output unit in an information recording apparatus having a precise positioning mechanism such as a magnetic disk device or an optical disk device, and as a result, the vibration caused by the audio output unit interferes with the positioning mechanism and adversely affects positioning accuracy. There is no risk of hindering the operation of the information recording apparatus.

  Furthermore, there is no need to mechanically dump between the audio output unit and the positioning mechanism in order to prevent this, which is advantageous in terms of the size, weight, cost, etc. of the set. Furthermore, if the audio input / output unit is not used for other functions of the set, it is not necessary to provide the audio input / output unit only for the purpose of access code exchange, which increases the cost of the set and the physical size of the set. The problem of expansion can be avoided.

  6, 7 and 8 are diagrams showing an operation example of the information recording apparatus (target apparatus) according to the second embodiment. Also in this embodiment, as described above, FIG. 1 is assumed for the structure of the information recording apparatus. In the present embodiment, as shown in FIG. 8, the user instructs the information recording device 801 to move between the host device 800 as the information terminal device to be mutually authenticated and the information recording device 801. It is a method of realizing mutual authentication by adding to Although a specific configuration example of the host device 800 is not particularly shown here, a general man-machine interface such as a keyboard, a mouse, a button, a sound input, a display, and a sound output is described in this embodiment. And an information terminal device such as a computer device having a wireless communication unit.

  First, the user 803 shifts the host device 800 and the information recording device 801, whose trust relationship is to be established through mutual authentication, to a preparation state for mutual authentication. In order to shift the host device 800 to the preparation state for mutual authentication, the user 803 needs to input the fact from the outside. Since the host device 800 is generally a device that is directly or indirectly operated by a user to generate and process data and input / output information to / from the user 803, the user 803 receives instructions and information. It is considered that an input man-machine interface for input and an output man-machine interface for outputting information to the user 803 are provided.

  Therefore, in order to shift the host device 800 to the mutual authentication preparation state, the user 803 may give a predetermined operation instruction through the input man-machine interface. In addition, in order to shift the information recording device 801 from the normal operation mode in which user data is input / output to / from the host device 800 to the preparation state for mutual authentication, the installation direction of the information recording device 800 is changed as in the first embodiment. It can be realized by turning on the power of the information recording device 800 in the “inside-out” state that is reversed from the normal operation state in the direction of gravity (300). However, the method for shifting the information recording device 800 to the preparation state for mutual authentication is not limited to this, and as described above, an appropriate method may be selected from the viewpoint of mounting cost and operability. The information recording device 800 activated as a preparation state for mutual authentication (that is, the information recording device 100) does not spin up the recording medium or loads a recording head or reproducing head on the recording medium. It is the same as in the first embodiment to stand by in a state where each mechanism inside the assembly 111 is stopped.

  As shown in FIGS. 6 and 7, as in the first embodiment, the information recording apparatus 100 detects the change in posture of its own casing or the acceleration applied from the outside using the acceleration / posture sensor 114, and performs predetermined processing. The operation of logging into the RAM 112 is started over a period of (301). On the other hand, the host device 800 internally generates encryption key data to be used for encryption communication with the information recording device 801. Next, the host device 800 describes the content of the exercise that the user 803 should add to the information recording device 801 so that the previously generated encryption key data is obtained as a result of converting the logging result in the information recording device 801 into key data. The user 803 is instructed through the output man-machine interface (display device 802 in this embodiment). During this predetermined period, the user 803 who wants to mutually authenticate the host device 800 and the information recording device 801 and establish a trust relationship between them is instructed by a man-machine interface (display device 802) connected to the host device. According to the contents, a motion such as tilting or shaking is applied to the information recording device 801 (302).

  In the present embodiment, an example in which the display device 802 is used as a man-machine interface for information output is given, but particularly when the host device 800 has an audio output interface (not shown), By giving a motion instruction to the user 803 through this, it becomes possible for a user with visual disabilities to mutually authenticate the information recording device 801 and the host device 800. Therefore, the type of man-machine interface for information output should be appropriately selected according to the user situation and usage situation such as those using tactile sense in addition to these visual and auditory senses.

  When a predetermined period elapses (303), the attitude change and acceleration data of the self-casing logged during that period is processed by the processor 104 in the information recording device 100 to extract the feature data, and The feature data undergoes a predetermined conversion and is finally processed into key data of a length suitable for the encryption / decryption processing of the encryption / decryption device 105 (304). Since this feature data is essentially an analog measurement value and contains a great deal of information, it can be converted into a sufficiently long encryption key to obtain a sufficiently strong encryption strength. is there. Therefore, it is not necessary to input data having a very large number of digits without error through a keyboard, a switch, or the like, and this implementation improves usability even in the case of a device that performs frequent association. Further, this key data is input from the processor 104 to the encryption / decryption device 105, and is used as a key of the common key encryption method in the subsequent encrypted communication between the information recording device and the host device.

  Next, the information recording apparatus 801 transmits message data for requesting mutual authentication and verification data to the host apparatus 800 through the wireless interface circuit 102 together with identifier data uniquely assigned in the apparatus manufacturing stage. (306). At this time, the identifier data and the message data of the mutual authentication request are encrypted with the key converted from the previous logging result (305). Here, when the keys generated by the host device 800 and the information recording device respectively match, the identifier data sent by the information recording device and the message data of the mutual authentication request are normally decrypted inside the host device, In response to this, the host device 800 proceeds to the next mutual authentication establishment process. Conversely, if the keys generated by the host device 800 and the information recording device 801 do not match, the identifier data sent from the information recording device and the message data of the mutual authentication request are decrypted normally inside the host device. It can't be discarded.

  In order to determine whether or not the decryption was successful, as in the first embodiment, an appropriate length generated from the data is added to the data block before encryption composed of identifier data and mutual authentication request message data. Hash values, Cyclic Redundancy Check data, check sum data, and other verification data are added on the sending unit side, and it is judged whether or not these verification data can be normally restored on the receiving unit side. That's fine.

  Further, when the host device 800 receives the identifier data and the message data of the mutual authentication request from the information recording device 800 and is able to restore it normally, the host device 800 self-identifies the identifier data, the message data of the mutual authentication success and the verification data for them. The data is encrypted with the key data held by and sent back to the information recording device (307, 308). The information recording device decrypts the encrypted data with its own key data (309), and if the verification data is valid, the information recording device establishes the communication partner with which it has a trust relationship. Add information to the list of common encryption key pairs.

  When the host device 800 and the information recording device 801 that have been in the mutual authentication state can determine that the intended movement of the host device has been applied to the information recording device through the above-described series of operations, the common key method is used with the counterpart device. It is possible to share the key and the other party's identifier that are necessary for the encrypted communication according to the above, and to establish a trust relationship.

  As described above, it is necessary to mount the data display means on the encrypted wireless communication partner side of the host device or the target device by operating the information recording device having the configuration shown in FIG. 1 according to the second operation procedure example. The cost of the apparatus can be reduced. Further, it is not necessary to use a wired communication path only for the initial authentication, and the problem of cost of the host device and the target device and the problem of usability by the user are solved.

  Furthermore, if an acceleration sensor that is often mounted on a magnetic disk device in recent years can be used, an operation instruction by a user such as a registration button or a release button is issued in order to start grouping registration or to cancel grouping registration. There is no need to provide a means for inputting, and the cost of the information recording apparatus can be reduced. Furthermore, since important information such as an access code and an encryption key itself is not exchanged through sound waves, there is no problem that authentication is unstable or impossible even in a place where noise exists.

  In addition, since this important information is not output to the outside of the device in plain text or in a form that can be easily intercepted / abused, the risk of spoofing by a malicious third party can be eliminated. Further, as described above, the problem of an increase in the cost of the set and an increase in the physical size of the set can be avoided because no sound wave or the like is used.

The figure which shows the structure of the information recording device in a 1st, 2nd Example. The figure explaining the operation example of the information recording device in a 1st Example. The figure explaining the operation example of the information recording device in a 1st Example. The figure explaining the operation example of the information recording device in a 1st Example. The figure explaining the mutual authentication operation | movement of the information recording device in a 1st Example. The figure explaining the operation example of the information recording device in a 2nd Example. The figure explaining the operation example of the information recording device in a 2nd Example. The figure explaining the mutual authentication operation | movement of the information recording device in a 2nd Example.

Explanation of symbols

  100, 701, 702, 705, 801 ... information recording device, 102 ... wireless interface circuit, 104 ... processor, 105 ... encryption / decryption device, 107 ... recording driver, 108 ... playback amplifier, 109 ... head / disk position control circuit, 110 ... actuator / motor driver, 111 ... head disk assembly, 112 ... RAM, 113 ... ROM, 114 ... acceleration / attitude sensor, 706, 803 ... user, 703, 704, 800 ... host device, 802 ... display device.

Claims (10)

An information recording apparatus for performing wireless communication with encryption,
A wireless communication unit for transmitting and receiving encrypted data;
A data storage unit capable of reading or writing data; and
An encryption unit that encrypts read data read from the data storage unit to form the encrypted data;
A decryption unit for decrypting the encrypted data received through the wireless communication unit;
An information recording apparatus comprising: an acceleration detection unit that detects an attitude or motion of the information recording apparatus; and a processing unit that generates a control signal for the encryption unit and the decryption unit based on a detection result by the acceleration detection unit. The information recording apparatus according to claim 1, wherein
The processor is
Refer to the detection result by the acceleration detection unit, generate an encryption key as the control signal,
The encryption unit is an information recording device that encrypts the read data based on the generated encryption key. The information recording apparatus according to claim 1, wherein
The processor is
Refer to the detection result by the acceleration detection unit, generate an encryption key as the control signal,
The decryption unit is an information recording device for decrypting the encrypted data based on the encryption key. The information recording device according to claim 2,
The encryption unit is
The identifier data uniquely assigned to the information recording device and the verification data for verifying the validity of the identifier data are encrypted based on the encryption key,
The wireless communication unit transmits the encrypted data to an information recording device The information recording device according to claim 3,
The encrypted data received by the wireless communication unit is data obtained by encrypting identifier data of a device that has transmitted the encrypted data, and verification data for verifying validity of the identifier data,
The decoding unit
The received encrypted data is decrypted using the encryption key into plaintext data,
The processor is
An information recording apparatus that verifies the validity of the plaintext data by using the verification data included in the obtained plaintext data. An information recording apparatus authentication method for performing wireless communication,
A wireless communication unit that transmits and receives encrypted data, a data storage unit that can read and write data, and an encryption unit that encrypts data read from the data storage unit as the encrypted data to be transmitted, A decryption unit that decrypts the encrypted data received by the wireless communication unit, an acceleration detection unit that detects the attitude or motion of the device, and the encryption unit and the decryption unit based on a detection result by the acceleration detection unit. Wireless communication is possible between the first and second information recording devices comprising the processing unit for generating the encryption key of
Each of the first information recording apparatus and the second information recording apparatus uses the encryption unit to perform identification data uniquely assigned to the self apparatus and verification data for verifying the validity of the identifier data. Encrypted with the encryption key held by, and as the encrypted data to be transmitted, transmitted to the other party via the wireless communication unit,
Each of the first and second information recording devices received from the other party uses the processing unit to determine the validity of the plaintext data obtained by decrypting the received encrypted data using the encryption key held by itself. Authentication method of information recording device verified by An authentication method for an information recording apparatus according to claim 6,
The verification data is an authentication method for an information recording apparatus, wherein the verification data is generated from a data block including the identifier data and message data of a mutual authentication request. An information recording apparatus authentication method comprising:
A first wireless communication unit; a data storage unit capable of reading or writing data; a first encryption unit for encrypting data read from the data storage unit; and detecting an attitude or movement of the device itself An information recording apparatus comprising: an acceleration detection unit; and a processing unit that generates a first encryption key with reference to an acceleration detection result by the acceleration detection unit and gives the first encryption key to the first encryption unit;
A second wireless communication unit that performs wireless communication with the information recording device; a second decryption unit that decrypts the encrypted data received through the second wireless communication unit with a second encryption key; Using an information terminal device comprising an output interface unit for outputting the operation content for the information recording device,
The information terminal device authentication method for outputting the operation content from the output interface unit so that the information terminal device generates the same encryption key as the second encryption key inside the information recording device. An information recording apparatus authentication method according to claim 8,
An information recording device authentication method, wherein an information visualization device is connected to the output interface unit, and the information terminal device visually transmits the operation content through the information visualization device. An information recording apparatus authentication method according to claim 8,
An information recording device authentication method, wherein an information sounding device is connected to the output interface unit, and the information terminal device audibly transmits the operation content through the information sounding device.

Images