JP2011010170A - Electronic device, and method for preventing unauthorized use thereof - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an electronic device that enforces a preventive function for unauthorized use because of the leakage of the content stored in the external memory such as a memory card or the like, and to provide a method and a program for preventing the unauthorized use.SOLUTION: At least first to third master key distributed information are generated according to a master key, at least first and second password distributed information are generated according to the password, and enciphered distributed information that the first master key distributed information are enciphered based on the password are generated. After they are generated, the second master key distributed information, the first password distributed information and the enciphered distributed information are stored in a storage device. At the same time, the third master key distributed information and the second password distributed information are stored in a freely attachable/detachable memory, and when starting electronic devices, the distributed information are read out from the storage device and the external memory to restore the master key and the password. After storing them, the information are distributed again and the respective distributed information in the storage device and the external memory are updated.

Description

  The present invention relates to an electronic device having an unauthorized use prevention function and an unauthorized use prevention method for an electronic device.

  As a conventional electronic device having an unauthorized use prevention function, a predetermined information (password) is encrypted by using a device encryption key unique to the electronic device to be encrypted information, which is written in a memory card, When the memory card is inserted into the mounting means of the electronic device, the encrypted information recorded on the memory card is read, the encrypted information is decrypted using the device encryption key, and the encrypted information is decrypted. In such a case, some electronic devices are made available (see Patent Document 1). When transferring encrypted information between an electronic device and a memory card, in addition to the device encryption key unique to the electronic device, the card encryption key of the memory card and the electronic device and the memory card are used together to increase security. A common encryption key is used.

Table 2005/085975

  In the above-mentioned conventional electronic device, if the storage contents of the memory card are leaked, the electronic device may be illegally used. Therefore, in order to improve safety, the encryption key must be invalidated promptly. There is. However, even if leakage of the stored contents of the memory card occurs, it takes time until the user notices it, so there is a risk of unauthorized use before the invalidation process is executed.

  Therefore, in the problem to be solved by the present invention, the above-mentioned drawbacks are cited as an example, and an electronic device that has been strengthened in a function to prevent unauthorized use due to leakage of stored contents of an external memory such as a memory card, It is an object of the present invention to provide an unauthorized use prevention method and program.

  An electronic apparatus according to a first aspect of the present invention is an electronic apparatus that encrypts and stores information using a master key, and stores at least first to third master key distribution information according to the master key by a secret sharing method. Master key distribution information generation means for generating, password distribution information generation means for generating at least first and second password distribution information according to a password input by a secret sharing method, and the first to third master key distribution information Is generated, encrypted shared information generating means for generating encrypted shared information by encrypting the first master key shared information based on the password, the first to third master key shared information, the first When the first and second password distribution information and the encrypted distribution information are respectively generated, the second master key distribution information and the second When the password sharing information and the encrypted sharing information are stored, and the first to third master key sharing information and the first and second password sharing information are respectively generated, the third master key External memory control means for storing shared information and the second password shared information in an external memory detachable from the mounting unit, and stored in the storage device when the external memory is mounted in the mounting unit Master key restoration means for restoring the master key according to the second master key distribution information and the third master key distribution information stored in the external memory, and the external memory is attached to the attachment unit When the first password distribution information stored in the storage device and the second password distribution information stored in the external memory Password restoring means for restoring a password, and when the master key is restored by the master key restoring means and the password is restored by the password restoring means, the master key distribution information generating means is a secret sharing method. According to the restored master key, the at least first to third master key sharing information is generated under different conditions from the previous time, and the password sharing information generating unit is configured to perform the secret sharing method according to the restored password. It is characterized in that at least the first and second password distribution information is generated under different conditions from the previous time.

  An unauthorized use prevention method according to an eleventh aspect of the present invention is a method for preventing unauthorized use of an electronic device in which information is encrypted and stored using a master key, and at least a first to a second according to the master key by a secret sharing method. A master key shared information generating step for generating third master key shared information, a password shared information generating step for generating at least first and second password shared information in accordance with a password input by a secret sharing method, and the first When the third master key distribution information is generated, an encrypted distribution information generating step of generating the encrypted distribution information by encrypting the first master key distribution information based on the password; When the master key distribution information, the first and second password distribution information, and the encrypted distribution information are generated, respectively. Storing the second master key distribution information, the first password distribution information, and the encrypted distribution information in a storage device; the first to third master key distribution information and the first and second passwords; When each piece of shared information is generated, the third master key shared information and the second password shared information are stored in an external memory that is detachable from the mounting unit, and the external memory is installed in the mounting unit. A master key restoring step of restoring the master key according to the second master key distribution information stored in the storage device when mounted and the third master key distribution information stored in the external memory; The first password distribution information stored in the storage device and stored in the external memory when the external memory is mounted in the mounting unit A password restoring step for restoring the password according to the second password distribution information, and when the master key is restored in the master key restoring step and the password is restored in the password restoring step The master key distribution information generation step generates the at least first to third master key distribution information according to a master key restored by a secret sharing method under different conditions from the previous time, and the password distribution information generation step includes: According to the secret sharing method, the at least first and second password sharing information is generated under different conditions from the previous time according to the restored password.

  A program according to a twelfth aspect of the invention is a program for preventing unauthorized use of an electronic device that encrypts and stores information using a master key, and at least according to the master key by a secret sharing method. A master key distribution information generation step for generating first to third master key distribution information, and a password distribution information generation step for generating at least first and second password distribution information according to a password input by a secret sharing method; When the first to third master key distribution information is generated, an encrypted distribution information generation step of generating the encrypted distribution information by encrypting the first master key distribution information based on the password; Thru | or 3rd master key distribution | distribution information, said 1st and 2nd password distribution | distribution information, and said encryption component When each piece of information is generated, storing the second master key distribution information, the first password distribution information, and the encrypted distribution information in a storage device; and the first to third master key distribution information And storing each of the third master key distribution information and the second password distribution information in an external memory detachably attached to a mounting unit when the first and second password distribution information is generated, The master key is changed according to the second master key distribution information stored in the storage device and the third master key distribution information stored in the external memory when the external memory is attached to the attachment unit. A master key restoring step for restoring, and the first password distribution information stored in the storage device when the external memory is attached to the attachment unit. A password restoration step for restoring the password in accordance with the second password distribution information stored in the external memory; the master key is restored in the master key restoration step; and the password is restored in the password restoration step. Then, at least the first to third master key distribution information is generated in the master key distribution information generation step according to the restored master key by a secret distribution method under different conditions from the previous time, and the password distribution information And generating at least the first and second password sharing information under a condition different from the previous time in accordance with the restored password by the secret sharing method.

It is a block diagram which shows the 1st Example of this invention. It is a block diagram which shows the structure of the control apparatus in the electronic device of FIG. It is a block diagram which shows the structure of the encryption / decryption part in the control apparatus of FIG. FIG. 3 is a block diagram illustrating a configuration of a distribution / restoration unit in the control device of FIG. 2. It is a figure which shows roughly the production | generation of the distributed information from each of a master key and a password, and the flow of the storage. FIG. 5 is a diagram schematically showing restoration of a master key and a password. It is a figure which shows roughly the decompression | restoration of a master key when there is no memory token at the time of starting of an electronic device. It is a flowchart which shows the main routine of the comprehensive control part in the control apparatus of FIG. It is a flowchart which shows the initialization routine in a main routine. It is a flowchart which shows the password starting routine in a main routine. It is a flowchart which shows the distributed information update routine in a main routine. It is a block diagram which shows the 2nd Example of this invention. It is a figure which shows roughly the production | generation of the shared information from each of the master key A and the password A in the electronic device of FIG. 12, and the flow of the storage. It is a figure which shows the memory content of each memory area of the memory | storage device in the electronic device of FIG. It is a figure which shows the memory content of each memory token in the electronic device of FIG. It is a figure shown about collation of a storage area. FIG. 4 is a diagram schematically showing restoration of a master key A. It is a figure which shows roughly the decoding of the information encrypted with the master key A. It is a figure which shows the decompression | restoration of the password A schematically. It is a figure which shows roughly the decompression | restoration of the master key A when there is no memory token at the time of starting of an electronic device. It is a block diagram which shows the 3rd Example of this invention. It is a figure which shows roughly the production | generation of the shared information from each of the master key A and the password A in the electronic device of FIG. 21, and the flow of the storage. FIG. 22 is a diagram illustrating a management area of a storage device in the electronic device of FIG. 21 and storage contents of each storage area. It is a figure shown about collation of a tag. FIG. 4 is a diagram schematically showing restoration of a master key A. It is a figure which shows roughly the decoding of the information encrypted with the master key A. It is a figure which shows the decompression | restoration of the password A schematically.

  In the electronic device of the invention according to claim 1, the unauthorized use prevention method of the invention of claim 11, and the program of the invention of claim 12, the distributed information stored in the storage device and the external memory is stored in the electronic device. Updated with every use. Therefore, even if the stored content of the regular external memory where the shared information is stored leaks, if the authorized user uses the electronic device, the shared information that is the stored content leaked by updating the shared information is invalidated. It is possible to prevent unauthorized users from using electronic devices.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings.

  FIG. 1 shows the configuration of an electronic apparatus as a first embodiment of the present invention. The electronic device is, for example, an information encryption recording device, and includes a storage device 11, a memory reader / writer 12, an input device 13, a display device 14, and a control device 15.

  The storage device 11 is composed of a hard disk or an optical disk drive, and stores encrypted information as well as distributed information described later. The memory reader / writer 12 is an external memory control means, and has a mounting portion (not shown), and a memory token 16 as an external memory is detachably mounted on the mounting portion. The memory token 16 is, for example, a readable / writable memory card. The input device 13 commands the operation of the electronic device to the control device 15 in accordance with a user operation input. The input device 13 may be an interface for inputting information to be stored. The display device 14 displays a guide screen for operating the input device 13 and the operating state of the electronic apparatus. The control device 15 is connected to the storage device 11, the memory reader / writer 12, the input device 13, and the display device 14 in the electronic device, and controls them.

  As shown in FIG. 2, the control device 15 includes a storage device control unit 21, a memory reader / writer control unit 22, a display device control unit 23, an input device control unit 24, a random number generation unit 25, an encryption / decryption unit 26, a distribution / Restoration unit 27, total control unit 28, and temporary memory 29.

  The storage device control unit 21 controls writing and reading of information including shared information described later to the storage device 11. The memory reader / writer control unit 22 controls writing and reading of information including distributed information to the memory token 16 by the memory reader / writer 12.

  The display device control unit 23 controls the display device 14. The input device control unit 24 controls the input device 13.

  The random number generator 25 generates a random number for a master key and the like which will be described later. The encryption / decryption unit 26 encrypts information used in the electronic apparatus and decrypts the encrypted information. The distribution / restoration unit 27 generates distribution information necessary for distributing and storing information used in the electronic device in the memory token 16 and the storage device 11, and restores the original master key from the distribution information. . The configuration of each of the encryption / decryption unit 26 and the distribution / restoration unit 27 will be described later.

  The overall control unit 28 includes a storage device control unit 21, a memory reader / writer control unit 22, a display device control unit 23, an input device control unit 24, a random number generation unit 25, an encryption / decryption unit 26, a distribution / decoding unit in the control device 15. It is connected to the restoration unit 27 and the temporary memory 29 and controls them.

  The temporary memory 29 is a RAM (random access memory) that temporarily stores information necessary for the control operation during the control operation of the general control unit 28.

  The encryption / decryption unit 26 includes an encryptor 261 and a decryptor 262 as shown in FIG. The encryptor 261 encrypts the information input as the plaintext input using the key input as the key information input and outputs the encrypted information as a ciphertext output. The decryptor 262 decrypts the information input as the ciphertext input using the key input as the key information input, and outputs it as a plaintext output.

  As shown in FIG. 4, the distribution / restoration unit 27 includes a distribution unit 27A including an encoder 271, a verification information generator 272, and a distributed information generator 273, and a recovery unit including an information verifier 274 and a distributed information decoder 275. 27B.

  In the distribution unit 27A, the encoder 271 encodes the input information. The verification information generator 272 generates verification information necessary for verifying the shared information from the input information. The shared information generator 273 generates a plurality of shared information from the verification information and the encoded output of the encoder 271.

  In the restoration unit 27B, the information verifier 274 has a function of verifying whether or not a plurality of pieces of shared information input using the verification information are correct, and eliminating and correcting erroneous shared information. The shared information decoder 275 restores the original information from the correct shared information output from the information verifier 274. As a method of realizing the distribution / restoration unit 27, VSS (Verifiable Secret Sharing) can be cited. A known Feldman or Pedersen can be used as the VSS.

  For example, in Feldman's VSS, distributed information is generated from secret information of a master key and a password using a generator polynomial of the following equation (1).

Here, q is a prime number, and a number larger than both the secret information value and the distributed information number n is selected in advance. Secret substitutes constant term of the generator polynomial, i.e., a _0. The remaining k−1 coefficients a _i (1 ≦ i ≦ k−1) constituting the generator polynomial are arbitrarily selected to satisfy 1 ≦ a _i ≦ q−1 for all a _i . For example, it is selected from random numbers uniformly distributed in the range from 1 to q-1.

The variance information is obtained by assigning a value to the variable x of the generator polynomial. The m-th (1 ≦ m ≦ n) shared information Share _m is

Can be obtained as

In Feldman's VSS, the power residue of each coefficient used in the generator polynomial is generated with verification information. One prime number p satisfying p = βq + 1 (β is a natural number) is determined, and one element included in the subgroup of the prime field Z _p whose order is q is g. Using this g

A set of k values of is used as verification information.

  Verification of shared information is performed by evaluating the following formula. Since the values of the first term and the third term are equal from the generation formula of the shared information, if the first term that can be calculated from the shared information is equal to the second term that can be calculated from the verification information, it is determined that the shared information is correct. Is done.

A value of m assigned to the memory token 16 and the storage device 11 is set in advance in the general control unit 28. For example, the value of m assigned to the memory token 16 is set as m _token , and the value of m assigned to the storage device 11 is set as m _storage so that the shared information Share _token stored in the memory token 16 is

And then, the store distributed information Share _storage in the storage device 11

Can be generated as The values of m _token and m _storage are set using the random number generator 25, and the values are stored in the memory token 16 and the storage device 11 for restoration.

  In an electronic device having such a configuration, a master key and a password are used to prevent unauthorized use. The master key exists only in the electronic device and is not directly output to the outside. The password is specified by an input operation on the input device 13 by the user. The master key and password are stored in the memory token 16 as distributed information and output to the outside. The master key is used as key information of the encryption / decryption unit 26 when encrypting and decrypting information to be stored in the electronic device. When an electronic device is used by a user, the information encrypted in the encryptor 261 with the master key is stored in the storage device 11, and the encrypted information stored in the storage device 11 is stored in the master key. Decoding is performed in the decoder 262.

  FIG. 5 schematically shows the flow of generation and storage of shared information from each of the master key and password. As shown in FIG. 5, the master key is generated as a random number by the random number generator 25. The generated master key is made into three pieces of shared information M1, M2, and M3 (master key shared information) by the distribution unit 27A. At this time, the original master key can be restored if any two or more of these three pieces of shared information M1, M2, and M3 are set by setting numerical values of parameters. On the other hand, when a password is specified by an input operation, the distribution unit 27A converts the two pieces of shared information P1 and P2 (password shared information) according to the password. At this time, the parameter is set so that the original password cannot be restored without both of the shared information P1 and P2.

Parameters include the coefficient in the above formula (1), the set of the number n of shared information and the restoration threshold k, the set of primes p and q, the set of m _token and m _storage , or the value necessary for generating verification information g can be used. When n and k are used as parameters, for example, k = 2 and n = 3 in the distribution of the master key, and k = n = 2 in the distribution of the password. When the numerical values of the parameters excluding the coefficient of the above formula (1) are set, they are stored in the storage device 11 until the next use of the electronic device, that is, the restoration of the master key and the password. Among the parameters, the coefficient of the above equation (1) is deleted if the dispersion information can be generated correctly. Note that the parameter value may be a fixed value. In this case, the fixed value is stored in the storage device 11, or as a code in the control program of the control device 15 held in the storage device 11 or the control device 15. Can be embedded. For example, it can be set as a variable value in the source file.

  The shared information M2 (first master key shared information) is encrypted with the password by the encryptor 261 of the encryption / decryption unit 26 to become encrypted shared information M2 '. The encryptor 261 of the encryption / decryption unit 26 uses the shared information M2 as plaintext input and the password as key information input, whereby the encrypted shared information M2 'is obtained as ciphertext output.

  Among these pieces of shared information, shared information M1, P1 (third master key shared information and second password shared information) is stored in the memory token 16 attached to the memory reader / writer 12, and shared information M3, P2 (second Master key distribution information and first password distribution information) and encrypted distribution information M2 ′ are stored in the storage device 11. The remaining shared information M2 is deleted if the total control unit 28 can confirm the normal end of the shared information storage process. The memory token 16 storing the shared information M1, P1 is managed by the user.

  When the user uses the electronic apparatus again, the memory token 16 is prepared and is attached to the memory reader / writer 12. By detecting the attachment by a detection means (not shown), the electronic device has shared information M1, P1 stored in the attached memory token 16, and shared information M3, P2 stored in the storage device 11 and encrypted distribution. The master key and password are restored according to the information M2 ′.

  6 (a) and 6 (b) schematically show restoration of the master key and password. As shown in FIG. 6A, when restoring the master key, when the electronic device is activated, the shared information in the memory token 16 is read by the memory reader / writer 12 and the memory reader / writer control unit 22 is read. To the general control unit 28. The shared information M1 stored in the memory token 16 and the shared information M3 stored in the storage device 11 are used as shared information input in the recovery unit 27B of the distribution / restoration unit 27. First, the information verifier 274 verifies the contents. Is done. As a result of the verification, if it is verified that both the shared information M1 and the shared information M3 are correct, the shared information decoder 275 outputs the original master key. The restored master key is stored in the temporary memory 29 for later processing.

  As shown in FIG. 6B, when the electronic device is activated when the password is restored, the shared information in the memory token 16 is read by the memory reader / writer 12 and the memory reader / writer control unit 22 is activated. To the integrated control unit 28. The shared information P1 stored in the memory token 16 and the shared information P2 stored in the storage device 11 are input to the shared information in the recovery unit 27B of the distribution / restoration unit 27. First, the information verifier 274 stores the contents. Validated. As a result of the verification, if it is verified that both of the shared information P1 and the shared information P2 are correct, the shared information decoder 275 outputs the original password. The restored password is stored in the temporary memory 29 for later processing.

  The numerical values of the parameters used in the distribution / restoration unit 27 when restoring the master key and the password are the same as those used at the time of dispersion except for the coefficient of the equation (1).

  When the master key and password are restored, the master key and password are redistributed. That is, as shown in FIG. 5, the master key is converted into three pieces of shared information M1, M2, and M3 by the distribution unit 27A, and the password is converted into two pieces of shared information P1 and P2 by the distribution unit 27A. Here, the parameters used in the distribution / restoration unit 27 are different from those used in the previous distribution. Therefore, in the re-distribution, the shared information M1, M2, M3, P1, and P2 and the encrypted shared information M2 ′ that are different from the previous distribution are generated, so that the new shared information M1 and P1 are stored in the memory token 16. Is done.

  FIG. 7 schematically shows restoration of the master key in the case where there is no memory token 16 when the electronic device is activated. In this case, the authorized user knows the password. Therefore, when the user inputs a password, the shared information M2 is decrypted by the decoder 262 of the encryption / decryption unit 26 according to the password and the encrypted shared information M2 ′ stored in the storage device 11. . That is, in the decryptor 262, the shared information M2 is decrypted with the password as key information input and the encrypted shared information M2 'as ciphertext input. Further, the master key is restored by the restoration unit 27B of the distribution / restoration unit 27 according to the distribution information M2 and the distribution information M3 stored in the storage device 11. Thereby, even if there is no memory token 16 when the electronic device is activated, the electronic device can be used as long as the user remembers the password.

  If the wrong password is input, the wrong shared information M2 is decrypted correspondingly, and as a result, the wrong master key is restored. For this reason, an electronic device cannot be used.

  Regarding the master key and password redistribution storage when there is no memory token 16, new distribution information M 1 and P 1 to be stored in the memory token 16 is stored in the temporary memory 29. When the memory token 16 is attached to the memory reader / writer 12 during use of the electronic device, the new shared information M1, P1 stored in the temporary memory 29 is written to the attached memory token 16. As the case where the memory token 16 is not present, the memory token 16 may be forgotten or lost, or the contents may be damaged even if the memory token 16 exists. Therefore, the shared information M1 and P1 stored in the temporary memory 29 is stored in the memory token 16. The memory token 16 when it is written to may be a memory token different from the previous one. The previously used memory token is automatically invalidated.

  Next, the unauthorized use prevention operation of the electronic device of the present invention using such distribution and restoration technology will be described.

  When the user turns on the power switch of the electronic device, the power is turned on to the electronic device as shown in FIG. 8 (step S1). The comprehensive control unit 28 determines whether or not the distributed information is stored in the storage device 11 via the storage device control unit 21 (step S2). When the user sets a password and a master key, shared information M3, P2 and encrypted shared information M2 'are stored at specific positions in the storage device 11. The general control unit 28 reads the shared information stored at a specific position, and verifies the shared information using the verification information included in the shared information by the information verifier 274 of the restoration unit 27B. If the verification result is correct, the distributed information is stored. As another example of the operation in step S2, the shared information is a file stored as a specific file name (for example, the distributed information M1 is “data1”), and the integrated control unit 28 may read this file. .

  If the shared information is stored in the storage device 11, the general control unit 28 determines whether the shared information is stored in the memory token 16 (step S3). The stored contents of the memory token 16 are determined by the memory reader / writer control unit 22 controlling the memory reader / writer 12 in accordance with a command from the general control unit 28. When the user sets a password and a master key, the memory token 16 stores shared information M1 and P1. If stored, the distributed information M1, P1 is read into the general control unit 28.

When shared information is stored in the memory token 16, the recovery unit 27B restores the master key according to the shared information M1 stored in the memory token 16 and the shared information M3 stored in the storage device 11 ( Step S4). As the shared information input in the restoration unit 27B, the shared information M1 and M3 are verified by the information verifier 274. If both shared information M1 and M3 are verified to be correct, the shared information decoder 275 returns the original master key. Is output. The restored master key is stored in the temporary memory 29 for later processing. If the shared information is not stored in the storage device 11 in step S2, the general control unit 28 executes an initial setting routine (step S8). The case where the shared information is not stored is a case where the shared information encrypted with the master key is not stored in the storage device 11 in a state where the user purchases the electronic device and first turns on the power. In addition, the shared information stored in the storage device 11 is lost or damaged due to some trouble, and the general control unit 28 cannot read the distributed information from the storage device 11 via the storage device control unit 21. .

  In the initial setting routine, as shown in FIG. 9, it is determined whether or not the memory token 16 is attached to the memory reader / writer 12 (step S11). When the memory token 16 is attached to the attachment part of the memory reader / writer 12, the memory reader / writer control part 22 can access the memory token 16 via the memory reader / writer 12, and therefore the general control part 28 Can determine whether the memory token 16 is attached. Here, the memory token 16 is a memory token that can be read and written by the memory reader / writer 12 simply by being attached.

  If it is determined in step S11 that the memory token 16 is not attached, the general control unit 28 displays a warning screen on the display device 14 and prompts the user to attach the memory token 16.

  When the memory token 16 is attached to the memory reader / writer 12, the general control unit 28 performs password setting (step S12) and master key setting (step S13). In step S <b> 12, the general control unit 28 displays a menu screen on the display device 14 via the display device control unit 23 and prompts the user to input an operation from the password input device 13. In response to this, when the user inputs the characters constituting the password from the input device 13 in order, the input password data is supplied to the general control unit 28 via the input device control unit 24. The comprehensive control unit 28 newly sets the supplied data as a password and stores it in the temporary memory 29 for later processing. In step S13, the general control unit 28 instructs the random number generation unit 25 to generate a random number. In response to this, the random number generation unit 25 generates a random number as data, and when the general control unit 28 receives it, the general control unit 28 newly sets the supplied data as a master key, and temporarily stores it for later processing. It is stored in the memory 29.

  Note that either the password setting in step S12 or the master key setting in step S13 may be processed first.

  If the shared information is not stored in the memory token 16 in step S3, the general control unit 28 executes a password activation routine (step S9).

  In the password activation routine, the general control unit 28 first accepts a password as shown in FIG. 10 (step S21). In step S21, the general control unit 28 displays a menu screen on the display device 14 via the display device control unit 23, and prompts the user to input an operation from the input device 13 for the password that has already been set. In response to this, when the user inputs the characters constituting the password from the input device 13 in order, the input password data is supplied to the general control unit 28 via the input device control unit 24. The comprehensive control unit 28 uses the supplied data as a password and stores it in the temporary memory 29 for later processing.

  When the general control unit 28 accepts the password in step S21, the general control unit 28 reads the encrypted shared information M2 ′ from the storage device 11 via the storage device control unit 21, and sends it to the decoder 262 of the encryption / decryption unit 26 in step S21. The accepted password is used as key information input, and the encrypted shared information M2 ′ is decrypted as ciphertext input (step S22). As a result, the shared information M2 is obtained from the decoder 262 as a plaintext output.

  The overall control unit 28 determines whether or not the decrypted shared information M2 is correct (step S23). In step S23, the information verifier 274 of the restoration unit 27B verifies the shared information M2 using the verification information included in the shared information M2. If the verification result is not correct, a password warning process is performed (step S24), and the process returns to step S21. In the password warning process, the overall control unit 28 deletes the password stored in the temporary memory 29. Thereafter, a warning screen is displayed on the display device 14 to prompt the user to input a password again.

  If the verification result is correct, the restoration unit 27B of the distribution / restoration unit 27 restores the master key using the obtained distribution information M2 and the distribution information M3 read from the storage device 11 as the distribution information input (step S25). The restored master key is stored in the temporary memory 29 for later processing.

  If the master key is restored in step S4 or step S25, since it is not unauthorized use, a shared information update routine is executed (step S5), and the electronic device can be used (step S6). When the power switch of the electronic device is turned off, the power of the electronic device is cut off (step S7). In the usable state of the electronic device in step S 6, for example, at the time of recording information, the information input from the input device 13 is encrypted by the encryptor 261 using the master key, and the encrypted information is stored in the storage device 11. Is done. Further, at the time of information reproduction, the encrypted information stored in the storage device 11 is decrypted by the decryptor 262 using the master key, and the decrypted information is displayed on the display device 14.

  In the shared information update routine of step S5, the overall control unit 28 determines whether or not a password is stored in the temporary memory 29 as shown in FIG. 11 (step S31). If stored, the numerical value of the parameter is newly set, new distribution information M1, M2, M3 corresponding to the master key stored in the temporary memory 29, and password are set in the distribution unit 27A of the distribution / restoration unit 27 The new shared information P1, P2 corresponding to is generated (step S32). Each time step S32 is executed, the numerical value of the parameter input to the distribution unit 27A is changed. The numerical value of the parameter is determined by a random number generated by the random number generator 25.

  On the other hand, if it is not stored in the temporary memory 29, the restoration unit 27B of the distribution / restore unit 27 uses the shared information P1 read from the memory token 16 and the shared information P2 read from the storage device 11 as the shared information input, and the password is stored. It is restored and stored in the temporary memory 29 (step S33).

  Next, the overall control unit 28 causes the encryptor 261 of the encryption / decryption unit 26 to encrypt the shared information M2 obtained in step S32 with a password, thereby generating encrypted shared information M2 ′ ( Step S34). Then, the shared information M3, P2 and the encrypted shared information M2 'are stored in the storage device 11 via the storage device control unit 21 (step S35).

  After executing step S35, the overall control unit 28 determines whether or not the memory token 16 is attached to the memory reader / writer 12 (step S36). This is the same determination as in step S11 of the initial setting routine. If the memory token 16 is attached to the memory reader / writer 12, the shared information M1, P1 is stored in the memory token 16 (step S37). The shared information M1, P1 generated in step S32 is stored in the memory token 16 by the memory reader / writer control unit 22 drivingly controlling the memory reader / writer 12. In the storage, if the shared information M1, P1 is already stored in the memory token 16, overwriting is performed. Further, the storage position is predetermined.

  If the memory token 16 is not attached to the memory reader / writer 12 as determined in step S36, the shared information M1 and P1 are stored in the temporary memory 29 (step S38). When step S38 is executed, the overall control unit 28 repeats whether or not the memory token 16 is attached via the memory reader / writer control unit 22 when the electronic apparatus is in use in the subsequent step S6. Determine. This determination is the same as in step S11. If the memory token 16 is inserted and correctly inserted by the user, the shared information M1 and P1 are stored in the memory token 16 as in step S37.

  The shared information update routine (step S5) is performed immediately after execution of step S4, step S9, or step S8 of the main routine. However, the user can immediately operate the electronic device by activating the startup after power-on. It is not always necessary to perform the process immediately after the execution of step S4, step S9, or step S8 due to reasons such as to do so. As another example, the electronic device in step S6 may be used during a time period when the user is not operating and the processing amount of the general control unit 28 is small.

  According to the first embodiment, if the regular memory token storing the distributed information is attached to the electronic device, the electronic device can be used without inputting other information such as a password. . Since the distributed information stored in the memory token is updated each time the electronic device is used, even if it is a legitimate memory token in which the distributed information is stored, it will be automatically invalidated if it is not installed when the electronic device is subsequently started. Can be made. In addition, even if there is an illegal read of distributed information from a regular memory token or a memory token copied with the distributed information, if an electronic device is used with a regular memory token before it is used illegally, The use of electronic devices by unauthorized users can be prevented. In addition, even if there is no legitimate memory token, the legitimate user can use the electronic equipment by entering the password, so even if the legitimate memory token is stolen or lost, The legitimate memory token is invalidated at that time, and the security for the information stored in the storage device can be increased.

  In addition, since the shared information generated by the secret sharing method is stored in the memory token, it is possible to prevent the master key and password, which are secret information, from leaking from the memory token itself. Therefore, a security function such as a magic gate or a unique ID is not required for the memory token.

  Furthermore, since a highly versatile memory such as a USB memory or a memory card can be used as the memory token, there are few design restrictions on the memory token itself. For example, it is possible to use an elaborate memory token such as an existing sushi-type USB memory.

  In the above-described embodiment, three pieces of shared information M1, M2, and M3 are generated from the master key. However, the present invention is not limited to this, and three or more pieces of shared information may be generated from the master key. Further, although two pieces of shared information P1 and P2 are generated from the password, the present invention is not limited to this, and two or more pieces of shared information may be generated from the password.

  FIG. 12 shows the configuration of an electronic device as a second embodiment of the present invention. The electronic device of FIG. 12 includes a storage device 11, a memory reader / writer 12, an input device 13, a display device 14, and a control device 15, similarly to the electronic device of FIG. The storage device 11 has a storage area A and a recording area B.

  In the electronic device of FIG. 12, master keys A and B and passwords A and B are used to prevent unauthorized use. The master key A and password A are used for information stored in the recording area A, and the master key B and password B are used for information stored in the recording area B. Further, a memory token 16A for the recording area A and a memory token 16B for the recording area B are used.

  FIG. 13 schematically shows the flow of generation and storage of shared information from each of the master key A and the password A. As shown in FIG. 13, the master key A is generated as a random number by the random number generator 25. The generated master key A is made into three pieces of shared information M1A, M2A, and M3A by the distribution unit 27A. At this time, the parameter is set so that the original master key A can be restored if any two of the three pieces of shared information M1A, M2A, and M3A are present. On the other hand, when the password A is designated by the input operation, the distribution unit 27A converts the password A into two pieces of shared information P1A and P2A. At this time, the parameter is set so that the original password cannot be restored without both of the shared information P1A and P2A.

  The shared information M2A is encrypted using the password A by the encryptor 261 of the encryption / decryption unit 26 to become encrypted shared information M2A ′. In the encryptor 261 of the encryption / decryption unit 26, the shared information M2A is input as plain text, and the password A is used as key information input, whereby the encrypted shared information M2A 'is obtained as cipher text output.

  Among these pieces of shared information, the shared information M1A, P1A is stored in the memory token 16A attached to the memory reader / writer 12, and the shared information M3A, P2A and the encrypted shared information M2A ′ are stored in the storage area A of the storage device 11. Stored. The remaining shared information M2A is deleted if the total control unit 28 can confirm the normal end of the shared information storage process. The memory token 16A storing the shared information M1A and P1A is managed by the user.

  The master key B is generated as a random number by the random number generator 25. The generated master key B is converted into three pieces of shared information M1B, M2B, and M3B by the distribution unit 27A. At this time, the parameter is set so that the original master key B can be restored if any two or more of these three pieces of shared information M1B, M2B, and M3B are set. On the other hand, when the password B is designated by the input operation, it is made into two pieces of shared information P1B and P2B by the distribution unit 27A according to the password B. At this time, the parameter is set so that the original password cannot be restored without both of the shared information P1B and P2B.

  The shared information M2B is encrypted using the password B by the encryptor 261 of the encryption / decryption unit 26 to be encrypted shared information M2B ′. The encryptor 261 of the encryption / decryption unit 26 uses the shared information M2B as plaintext input and the password B as key information input, whereby the encrypted shared information M2B ′ is obtained as ciphertext output.

  Among these pieces of shared information, the shared information M1B and P1B are stored in the memory token 16B attached to the memory reader / writer 12, and the shared information M3B and P2B and the encrypted shared information M2B ′ are stored in the storage area B of the storage device 11. Stored. The remaining shared information M2B is deleted if the total control unit 28 can confirm the normal end of the shared information storage process. The memory token 16B in which the shared information M1B and P1B is stored is managed by the user.

  As shown in FIG. 14, the storage area A of the storage device 11 stores the tag A and information encrypted with the master key A in addition to the shared information M3A and P2A and the encrypted shared information M2A '. The storage area B of the storage device 11 stores the tag B and information encrypted with the master key B in addition to the shared information M3B, P2B and the encrypted shared information M2B '.

  In the storage device 11, the tags A and B are recorded without being encrypted with the master key. This is because the tag needs to be read first to identify the storage areas A and B to be accessed, and if the tag is encrypted, the tag cannot be read until the master key is decrypted from the distributed information. . The reason why the shared information is not encrypted with the master key is that it becomes impossible to read the shared information that is required before the master key is decrypted.

  As shown in FIG. 15 (a), tag A and shared information M1A and P1A are stored in the memory token 16A, and as shown in FIG. 15 (b), tag B and shared information M1B are stored in the memory token 16B. , P1B are stored.

  When a user having the memory token 16A uses the electronic apparatus again, the memory token 16A is prepared and is attached to the memory reader / writer 12. In this electronic apparatus, the master key A and password A according to the shared information M1A, P1A stored in the attached memory token 16A, the shared information M3A, P2A stored in the storage device 11, and the encrypted shared information M2A ′. Is restored.

  Specifically, when the electronic device is activated, the tag A in the memory token 16A is read by the memory reader / writer 12 and supplied to the general control unit 28 via the memory reader / writer control unit 22. As shown in FIG. 16, the general control unit 28 checks the tag A recorded in the storage area A of the storage device 11 and inserts the memory token 16A for accessing the storage area A if they match. Judge that it was done. If it does not match the tag A because it is not the memory token 16A but another memory token, it is checked against the tag B stored in the storage area B. If it does not match the tag B, the process is terminated and the electronic device cannot be used.

  The distributed information of the memory token 16A is read by the memory reader / writer 12 and supplied to the general control unit 28 via the memory reader / writer control unit 22. As shown in FIG. 17, the shared information M1A stored in the memory token 16A and the shared information M3A stored in the storage device 11 are used as shared information input in the recovery unit 27B of the distribution / restoration unit 27. First, information verification The contents are verified by the device 274. As a result of the verification, if it is verified that both the shared information M1A and the shared information M3A are correct, the shared information decoder 275 outputs the original master key A. The restored master key A is stored in the temporary memory 29 for later processing. The numerical values of the parameters used in the distribution / restoration unit 27 at the time of restoration of the master key A are the same as those used at the time of dispersion except for the coefficient of Expression (1).

  The encrypted information stored in the storage area A of the storage device 11 is decrypted with the master key A by the decryptor 262. That is, as shown in FIG. 18, by using the encrypted information as the ciphertext input of the encryption unit 262 and the master key A as the key information input, the information is decrypted. It is displayed on the device 14.

  As shown in FIG. 19, the shared information P1A stored in the memory token 16A and the shared information P2A stored in the storage device 11 are used as the shared information input in the restoring unit 27B of the sharing / restoring unit 27. The contents are verified by the verifier 274. As a result of the verification, if it is verified that both of the shared information P1A and the shared information P2A are correct, the shared information decoder 275 outputs the original password A. The restored password A is stored in the temporary memory 29 for later processing.

  When the master key A and the password A are restored, the master key A and the password A are redistributed. That is, the master key A is converted into three pieces of shared information M1A, M2A, and M3A by the sharing unit 27A, and the password A is converted into two pieces of shared information P1A and P2A by the sharing unit 27A. Here, the parameters used in the distribution / restoration unit 27 are different from those used in the previous distribution. Therefore, in the re-distribution, the shared information M1A, M2A, M3A, P1A, P2A and the encrypted shared information M2A ′ that are different from the previous distribution are generated, so that the new shared information M1A, P1A is stored in the memory token 16. Is done.

  As for the restoration of the master key A when the memory token 16A is not present when the electronic device is activated, as shown in FIG. 20, the user who wants to use the information stored in the storage area A uses a password based on the menu screen of the display device. When A is input, the shared information in the storage area A is selected. Therefore, the shared information M2A is decrypted by the decoder 262 of the encryption / decryption unit 26 according to the password A and the encrypted shared information M2A ′ stored in the storage device 11. That is, in the decryptor 262, the shared information M2A is decrypted with the password A as the key information input and the encrypted shared information M2A 'as the ciphertext input. Further, the master key A is restored by the restoration unit 27B of the distribution / restoration unit 27 according to the distribution information M2A and the distribution information M3A stored in the storage device 11. Thus, even if the memory token 16A is not present when the electronic device is activated, the electronic device can be used as long as the user remembers only the password A.

  When the user having the memory token 16B uses the electronic device again, the restoration operation of the master key B and the password B and the redistribution operation of the master key B and the password B are performed by using the memory token 16A. Since it is similar to the case where it is used again, the description is omitted.

  In the electronic device of FIG. 12, the storage device 11 is provided with two storage areas A and B, but is not limited to two storage areas. There may be a plurality of storage areas, and there will be memory tokens corresponding to the number of storage areas.

  FIG. 21 shows the configuration of an electronic device as a third embodiment of the present invention. The electronic device of FIG. 21 includes a storage device 11, a memory reader / writer 12, an input device 13, a display device 14, and a control device 15, similarly to the electronic device of FIG. The storage device 11 has a management area, a storage area A, and a storage area B.

  In the electronic device of FIG. 21, the master keys A and B and the passwords A and B are used for preventing unauthorized use, as in the electronic device of FIG. Master key A and password A are used for information stored in storage area A, and master key B and password B are used for information stored in storage area B. Further, a memory token 16A for the storage area A and a memory token 16B for the storage area B are used.

  FIG. 22 schematically shows the flow of generation and storage of shared information from the master key A and the password A, respectively. In the flow of generation and storage of the shared information, the shared information M3A, P2A and the encrypted shared information M2A 'are stored in the management area of the storage device 11, which is the difference from that shown in FIG. Further, the shared information M3B, P2B and the encrypted shared information M2B ′ are stored in the management area of the storage device 11.

  As shown in FIG. 23, the management area of the storage device 11 includes a tag A, shared information M3A, P2A, encrypted shared information M2A ′, tag B, shared information M3B, P2B, encrypted shared information M2B ′, and area management. Information is stored. Information encrypted with the master key A is stored in the storage area A, and information encrypted with the master key B is stored in the storage area B. The area management information is management information for each area including information on the tags corresponding to the storage areas A and B, and further information on the storage position of each distributed information corresponding to the tags. The area management information is information that is added or overwritten each time one piece of distributed information is written to the management area.

  Tag A and shared information M1A and P1A are stored in the memory token 16A, and tag B and shared information M1B and P1B are stored in the memory token 16B.

  When a user having the memory token 16A uses the electronic apparatus again, the memory token 16A is prepared and is attached to the memory reader / writer 12. In this electronic apparatus, the master key A and password A according to the shared information M1A, P1A stored in the attached memory token 16A, the shared information M3A, P2A stored in the storage device 11, and the encrypted shared information M2A ′. Is restored.

  Specifically, when the electronic device is activated, the tag A in the memory token 16A is read by the memory reader / writer 12 and supplied to the general control unit 28 via the memory reader / writer control unit 22. As shown in FIG. 24, the overall control unit 28 collates with the tag A recorded in the management area of the storage device 11, and as a result, if both match, the memory token 16A is inserted to access the storage area A. Judge that If it does not match the tag A because it is not the memory token 16A but another memory token, it is collated with the tag B which is another tag. If it does not match the tag B, the process is terminated and the electronic device cannot be used.

  The distributed information of the memory token 16A is read by the memory reader / writer 12 and supplied to the general control unit 28 via the memory reader / writer control unit 22. The distributed information M3A stored in the management area of the storage device 11 is supplied to the general control unit 28. The storage position of the shared information M3A in the management area is a position corresponding to the tag A based on the area management information, and the shared information M3A is read therefrom. As shown in FIG. 25, the shared information M1A stored in the memory token 16A and the shared information M3A stored in the management area of the storage device 11 serve as shared information input in the recovery unit 27B of the distribution / restoration unit 27. The information verifier 274 verifies the contents. As a result of the verification, if it is verified that both the shared information M1A and the shared information M3A are correct, the shared information decoder 275 outputs the original master key A. The restored master key A is stored in the temporary memory 29 for later processing. The numerical values of the parameters used in the distribution / restoration unit 27 at the time of restoration of the master key A are the same as those used at the time of dispersion except for the coefficient of the equation (1).

  Based on the area management information of the management area, the encrypted information stored in the storage area A of the storage device 11 is read, and the encrypted information is decrypted by the decoder 262 with the master key A. That is, as shown in FIG. 26, the encrypted information is used as the ciphertext input of the encryption unit 262, and the master key A is used as the key information input, so that the information is decrypted. It is displayed on the device 14.

  As shown in FIG. 27, the shared information P1A stored in the memory token 16A and the shared information P2A stored in the storage device 11 are read out. The storage position of the shared information P2A in the management area is a position corresponding to the tag A based on the area management information, and the shared information P2A is read therefrom. The read shared information P1A and P2A are used as shared information input in the restoration unit 27B of the distribution / restoration unit 27. First, the contents are verified by the information verifier 274. As a result of the verification, if it is verified that both of the shared information P1A and the shared information P2A are correct, the shared information decoder 275 outputs the original password A. The restored password A is stored in the temporary memory 29 for later processing.

  When the master key A and the password A are restored, the master key A and the password A are redistributed. Since this re-dispersion is as described in the electronic apparatus of FIG. 12, detailed description is omitted. The storage location of each information in the storage device 11 is as shown in FIG.

  The restoration of the master key A when the memory token 16A is not present when the electronic device is activated is managed when the user who wants to use the information stored in the storage device A inputs the password A based on the menu screen of the display device. The distributed information related to the tag A in the area is selected. Therefore, the shared information M2A is decrypted by the decoder 262 of the encryption / decryption unit 26 according to the password A and the encrypted shared information M2A ′ stored in the storage device 11. That is, in the decryptor 262, the shared information M2A is decrypted with the password A as the key information input and the encrypted shared information M2A 'as the ciphertext input. Further, the master key A is restored by the restoration unit 27B of the distribution / restoration unit 27 according to the distribution information M2A and the distribution information M3A stored in the storage device 11. Thus, even if the memory token 16A is not present when the electronic device is activated, the electronic device can be used as long as the user remembers only the password A.

  When the user having the memory token 16B uses the electronic device again, the restoration operation of the master key B and the password B and the redistribution operation of the master key B and the password B are performed by using the memory token 16A. Since it is the same as the case of using again, description is abbreviate | omitted.

  In the electronic device of FIG. 21, the storage device 11 is provided with two storage areas A and B together with the management area, but is not limited to two storage areas. A plurality of storage areas may be used, and tags corresponding to the plurality of storage areas and each piece of distributed information are stored in the management area.

  According to the second and third embodiments described above, the area of the storage device is divided into two, and different master keys, passwords, and memory tokens are used. That is, there are two storage areas managed independently in the electronic device. If there is only a single master key, the electronic device itself cannot be used unless both the corresponding password and memory token can be used. On the other hand, if the storage area is divided and managed as in the second and third embodiments, even if both the memory token and password corresponding to one storage area become unavailable, If either the memory token or password corresponding to the storage area is valid, the electronic device can be partially used.

  Further, according to the second and third embodiments described above, a plurality of users can use one electronic device independently. For example, when one electronic device is shared by two people, it becomes possible to prevent one information from being accessed by the other. Therefore, information that is not necessarily shared by all users, that is, information that is to be kept secret only for a specific user can be safely stored. As an example, a single electronic device having a large-capacity storage device can be shared by a plurality of users, and each user can use the device as if it were for their own use. As a result, it is possible to consolidate electronic devices managed by individual users.

  The present invention can be applied not only to the information encryption recording apparatus of the above embodiment but also to electronic devices such as a car navigation apparatus and a personal computer.

  In the case of a car navigation device, the memory token is small and can be carried along with a car key, for example, like a key ring. Therefore, even if the memory token is stored safely, it cannot be used even if the car navigation device main body is stolen, so the willingness to steal can be reduced.

  In the case of a personal computer, the master key stored internally as distributed information cannot be decrypted without a memory token, so the personal computer cannot be used. If you have a valid memory token, you don't need to enter your password when you start your computer. That is, the memory token can be used as a password input. Since the information to be recorded is shared information generated by the secret sharing method, even if one of the personal computer or the memory token is stolen, information regarding the master key or password cannot be obtained from the stolen one. If the PC can be started normally, the storage and distribution information of the memory token is automatically updated, so even if the memory token is stolen, a legitimate user starts up before the stolen memory token is illegally used. It can be invalidated by updating the distributed information. Therefore, if you store the memory token separately from the PC and install the memory token when using the PC, you will have the convenience of having to enter the password when starting up the PC, while ensuring the safety of the PC. Can be improved.

  Needless to say, the control device 15 in the apparatus of FIG. 1 may be configured by a computer so that the computer executes the above-described unauthorized use prevention operation according to a program stored in the memory.

DESCRIPTION OF SYMBOLS 11 Storage device 12 Memory reader / writer 13 Input device 14 Display device 15 Control device 16, 16A, 16B Memory token 26 Encryption / decryption unit 27 Distribution / restoration unit 28 General control unit

Claims (12)

An electronic device that encrypts and stores information using a master key,
Master key distribution information generating means for generating at least first to third master key distribution information according to the master key by a secret sharing method;
Password sharing information generating means for generating at least first and second password sharing information according to a password input by a secret sharing method;
When the first to third master key distribution information is generated, encrypted shared information generation means for generating encrypted distribution information by encrypting the first master key distribution information based on the password;
When the first to third master key distribution information, the first and second password distribution information, and the encryption distribution information are respectively generated, the second master key distribution information, the first password distribution information, A storage device for storing the encrypted distributed information;
When the first to third master key distribution information and the first and second password distribution information are generated, the third master key distribution information and the second password distribution information are attached to and detached from the mounting unit. External memory control means for storing in a free external memory;
The master key is changed according to the second master key distribution information stored in the storage device and the third master key distribution information stored in the external memory when the external memory is attached to the attachment unit. A master key restoring means to restore;
A password for restoring the password in accordance with the first password distribution information stored in the storage device and the second password distribution information stored in the external memory when the external memory is mounted in the mounting unit A restoration means,
When the master key is restored by the master key restoration unit and the password is restored by the password restoration unit, the master key distribution information generation unit is configured to perform the at least first operation according to the restored master key by a secret sharing method. 1st to 3rd master key distribution information is generated under conditions different from the previous one, and the password distribution information generating means sets the at least first and second password distribution information as the previous time according to the restored password by the secret sharing method. An electronic device that is generated under different conditions. Decryption means for decrypting the encrypted shared information stored in the storage device according to a password input when the external memory is not installed in the mounting unit, and obtaining the first master key shared information;
The master key restoration unit restores the master key according to the first master key distribution information obtained by the decryption unit and the second master key distribution information stored in the storage device. The electronic device according to claim 1.   The third master key distribution information generated by the master key distribution information generation means when the external memory is not attached to the attachment unit, and the second password distribution information generated by the password distribution information generation means The electronic apparatus according to claim 1, further comprising: means for storing the information in a temporary memory.   When the external memory is attached to the attachment part before the operation of the electronic device is finished, the external memory control means stores the third master stored in the temporary memory in the attached external memory. 4. The electronic apparatus according to claim 3, wherein key distribution information and the second password distribution information are stored.   5. The electronic apparatus according to claim 4, further comprising means for erasing the third master key distribution information and the second password distribution information stored in the temporary memory before the operation of the electronic apparatus ends.   The recording device updates and stores the second master key distribution information, the first password distribution information, and the encryption distribution information, and the external memory control means stores the third master key distribution information in the external memory. 2. The electronic device according to claim 1, wherein information and the second password distribution information are updated and stored.   2. The electronic device according to claim 1, wherein the encrypted and stored information is decrypted according to the restored master key.   2. The electronic device according to claim 1, wherein, in the initial setting of the electronic device, the master key is set by a random number generated by a random number generator, and the password is set by an input operation. Encrypted information is generated for each set of the password and the master key, and the master key distribution information generation unit generates the at least first to third master key distribution information, and generates the password distribution information. Means generates the at least first and second password sharing information, and the encryption sharing information generation means generates the encryption sharing information;
The encrypted information, the second master key distribution information, the first password distribution information, and the encryption distribution information, together with a tag indicating an area, for each set of the password and the master key of the storage device Stored in different storage areas,
2. The electronic device according to claim 1, wherein the third master key distribution information and the second password distribution information are stored in the external memory different for each set of the password and the master key together with the tag. . Encrypted information is generated for each set of the password and the master key, and the master key distribution information generation unit generates the at least first to third master key distribution information, and generates the password distribution information. Means generates the at least first and second password sharing information, and the encryption sharing information generation means generates the encryption sharing information;
The encrypted information is stored in a different storage area for each set of the password and the master key of the storage device,
The second master key distribution information, the first password distribution information, and the encrypted distribution information are stored in one management area of the storage device together with a tag indicating the area,
2. The electronic device according to claim 1, wherein the third master key distribution information and the second password distribution information are stored in the external memory different for each set of the password and the master key together with the tag. . A method of preventing unauthorized use of electronic equipment that encrypts and stores information using a master key,
A master key distribution information generating step for generating at least first to third master key distribution information according to the master key by a secret sharing method;
A password sharing information generation step for generating at least first and second password sharing information according to a password input by a secret sharing method;
When the first to third master key distribution information is generated, an encrypted distributed information generation step of generating encrypted distribution information by encrypting the first master key distribution information based on the password;
When the first to third master key distribution information, the first and second password distribution information, and the encryption distribution information are respectively generated, the second master key distribution information, the first password distribution information, Storing the encrypted distributed information in a storage device;
When the first to third master key distribution information and the first and second password distribution information are generated, the third master key distribution information and the second password distribution information are attached to and detached from the mounting unit. Storing in a free external memory;
The master key is changed according to the second master key distribution information stored in the storage device and the third master key distribution information stored in the external memory when the external memory is attached to the attachment unit. A master key recovery step to restore,
A password for restoring the password in accordance with the first password distribution information stored in the storage device and the second password distribution information stored in the external memory when the external memory is mounted in the mounting unit A restoration step, and
When the master key is restored in the master key restoration step and the password is restored in the password restoration step, the master key distribution information generation step performs the at least first operation according to the restored master key by a secret sharing method. 1st to 3rd master key sharing information is generated under different conditions from the previous time, and the password sharing information generation step sets the at least first and second password sharing information as the previous time according to the restored password by the secret sharing method. A method of preventing unauthorized use, characterized by generating under different conditions. A program for preventing unauthorized use of electronic equipment that encrypts and stores information using a master key.
A master key distribution information generating step for generating at least first to third master key distribution information according to the master key by a secret sharing method;
A password sharing information generation step for generating at least first and second password sharing information according to a password input by a secret sharing method;
When the first to third master key distribution information is generated, an encrypted distributed information generation step of generating encrypted distribution information by encrypting the first master key distribution information based on the password;
When the first to third master key distribution information, the first and second password distribution information, and the encryption distribution information are respectively generated, the second master key distribution information, the first password distribution information, Storing the encrypted distributed information in a storage device;
When the first to third master key distribution information and the first and second password distribution information are generated, the third master key distribution information and the second password distribution information are attached to and detached from the mounting unit. Storing in a free external memory;
The master key is changed according to the second master key distribution information stored in the storage device and the third master key distribution information stored in the external memory when the external memory is attached to the attachment unit. A master key recovery step to restore,
A password for restoring the password in accordance with the first password distribution information stored in the storage device and the second password distribution information stored in the external memory when the external memory is mounted in the mounting unit A restore step,
When the master key is restored in the master key restoration step and the password is restored in the password restoration step, the master key distribution information generation step performs the at least first operation according to the restored master key by a secret sharing method. First to third master key distribution information is generated under conditions different from the previous one, and at least the first and second password distribution information is set as the previous time according to the password restored by the secret distribution method in the password distribution information generation step. And generating the program under different conditions.

Images