JP2013046334A - Information security system, host, device, control method thereof, and program thereof - Google Patents

Abstract

PROBLEM TO BE SOLVED: To derive a value of which uniqueness of a device is enhanced.SOLUTION: An IC card includes an oscillation circuit containing a plurality of oscillators having intrinsic oscillation frequency caused by variation in manufacture. Two of the plurality of oscillators are selected, and the selected oscillators are oscillated, to obtain an actual measurement count value C based on the oscillation frequency (steps S600-S605). Then, a response value Re and a corrected count value Cc are derived which is obtained by correcting the actual measurement count value C that has been obtained based on a correction value Cave, which is a value based on an average of the frequencies when an oscillator having the same arrangement and wiring as a selected oscillator of a plurality of IC cards 20 is oscillated (steps S610-S625).

Description

  The present invention relates to an information security system, a host, a device, a control method thereof, and a program thereof.

  Conventionally, a technology called PUF (physical unclonable function) is known in information security systems. This PUF uses unique physical features that cannot be controlled at the time of manufacture, and it is difficult for third parties to duplicate these unique physical features to prevent counterfeiting and leakage of confidential information To do. As a specific example of such a PUF, an oscillator having a specific oscillation frequency is used, and a slight variation at the time of manufacturing the oscillation frequency of this oscillator is used as a specific physical characteristic.

  For example, Patent Document 1 describes that a ring oscillator configured so that an output oscillates by connecting a NOT circuit and a NAND circuit in series is used as a PUF. Then, in a device in which a plurality of ring oscillators are arranged, the oscillation frequency of two ring oscillators selected from a plurality of ring oscillators is measured, and a value based on the magnitude relationship of the measured oscillation frequencies is output as an output bit. Is described. As a result, it is possible to output a unique value as an output bit by utilizing the fact that the magnitude relationship of the oscillation frequency of the selected ring oscillator changes due to variations in manufacturing. For example, even if the same ring oscillator is manufactured, the variation in oscillation frequency at the time of manufacture cannot be reproduced. Therefore, the above magnitude relationship is not always the same, and the output bits are not always the same value. The correct correspondence between the selection of the ring oscillator and the output bit is checked and stored in advance when the ring oscillator is manufactured, and the correspondence between the selection of the ring oscillator and the output bit is stored in advance. It is supposed that it can be determined whether or not the device provided with the ring oscillator is genuine by performing the determination of whether or not they match with each other a plurality of times.

International Publication No. 2008/056612

  Here, the oscillation frequency of the oscillator changes due to variations in manufacturing, and also changes due to differences in the arrangement and wiring of the oscillator. For example, if the wiring is long, the signal is delayed by that amount, so that the oscillation frequency becomes small. If the change in the oscillation frequency due to the difference in the placement and wiring of the oscillator is large, the influence of variations during manufacturing on the oscillation frequency becomes relatively small. If the correspondence between the selected oscillator and the output unique value is biased due to the placement and wiring of the oscillator, even if it is a counterfeit product that cannot reproduce the manufacturing variations, The uniqueness (difference) of the device is reduced, such as increasing the possibility that the value will be the same as the regular product, which is a problem from the viewpoint of security.

  The present invention has been made in view of the above-described problems, and has as its main object to derive a value that further enhances the uniqueness of a device.

The information security system of the present invention
An information security system comprising a host and a device,
An oscillation circuit having a plurality of oscillators with inherent oscillation frequencies due to manufacturing variations;
Selecting means for selecting at least one oscillator of the plurality of oscillators;
An acquisition means for oscillating the selected oscillator and acquiring an actually measured frequency-related value based on the frequency of the oscillation;
The acquired actual measurement frequency related value is corrected based on an average frequency related value that is a value based on an average frequency when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Correction means for deriving a corrected frequency-related value;
With
The oscillation circuit and the selection unit are included in the device,
The acquisition unit has the device or the host,
The correction means has the device or the host,
Is.

  In the information security system of the present invention, the device has an oscillation circuit having a plurality of oscillators having inherent oscillation frequencies caused by manufacturing variations. First, at least one oscillator is selected from the plurality of oscillators, the selected oscillator is oscillated, and a measured frequency-related value based on the frequency of the oscillation is acquired. Subsequently, the obtained measured frequency-related value is corrected based on the average frequency-related value, which is a value based on the average frequency when the oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Derived frequency-related values after correction. In this way, by correcting the measured frequency-related value with the average frequency-related value, it is possible to remove the change in the oscillation frequency caused by the placement and wiring of the oscillator from the measured frequency-related value, making the device more unique. An enhanced corrected frequency-related value can be derived. The “oscillator having the same arrangement and wiring as the selected oscillator” includes an oscillator in which the arrangement of circuits and elements inside the oscillator and the wiring in the oscillator are the same as the selected oscillator.

  Here, the reason why the change in the oscillation frequency due to the placement and wiring of the oscillator can be removed by the correction will be described. First, the measured frequency-related value is a value affected by both the change in the oscillation frequency due to the manufacturing variation of the oscillator and the change in the oscillation frequency due to the placement and wiring of the oscillator. If the oscillator has the same arrangement and wiring, the change in the oscillation frequency due to the arrangement and wiring of the oscillator is about the same, whereas the change in the oscillation frequency due to the manufacturing variation of the oscillator is different for each oscillator. Different. Therefore, in the average frequency-related value, the change in the oscillation frequency due to the manufacturing variation cancels each other, and the influence of the change in the oscillation frequency due to the arrangement and wiring remains. Therefore, by correcting the measured frequency related value with this average frequency related value, it is possible to remove the change in the oscillation frequency caused by the arrangement and wiring from the measured frequency related value. Note that the average frequency-related value may be any value that can eliminate the change in the oscillation frequency due to the arrangement and wiring, so the frequency when the oscillator with the same arrangement and wiring as the actually selected oscillator is oscillated. Any value may be used as long as it is based on the average of the two, and it is not necessary to be based on the frequency when the actually selected oscillator itself is oscillated.

  Note that the measured frequency-related value may be, for example, the number of oscillations in a predetermined period or the time required for oscillation a predetermined number of times. When two or more oscillators are selected, the measured frequency-related value may be, for example, a difference or ratio of the number of oscillations in a predetermined period, or a difference or ratio of the time required to oscillate a predetermined number of times. The average frequency related value may be, for example, an average of actually measured frequency related values in a plurality of devices. When two or more oscillators are selected, the average frequency-related value is, for example, the difference or ratio of the number of oscillations in a predetermined period or the predetermined number of times for oscillators having the same arrangement and wiring as the two selected oscillators. It is also possible to derive the difference or ratio of the time required for the calculation and average it by deriving it over a plurality of devices. Alternatively, the average frequency-related value is obtained by averaging the number of oscillations in a predetermined period or the time required for oscillation over a plurality of devices for each of two or more selected oscillators, and calculating the average difference or ratio Also good. The corrected frequency-related value may be, for example, the difference or ratio between the actually measured frequency-related value and the average frequency-related value.

  In the information security system of the present invention, the oscillator may be a ring oscillator in which an odd number of inversion circuits are connected in series in a ring shape. The ring oscillator can be configured using only the logic elements and wirings inside the IC, and the difference between the devices tends to appear in the oscillation frequency characteristics because the manufacturing variation of the devices affects the delay of the logic elements. The significance of applying to is high. Note that the inverting circuit is a circuit that inverts an output value with respect to an input value, and may be, for example, at least one of a NOT gate, a NAND gate, and a NOR gate. Further, the number of stages of the inverting circuit of the ring oscillator may be an odd number, for example, the number of stages may be three or more, or may be seven. Further, the ring oscillator may be configured such that an odd number of inversion circuits and other delay circuits that are not inversion circuits are connected in series in a ring shape. In particular, when the number of inverting circuits is one, it is preferable that the inverting circuit and the delay circuit are connected in series in a ring shape. The number of stages and the presence / absence of a delay circuit can be appropriately selected so that, for example, an oscillation frequency suitable for handling an output signal from a ring oscillator is obtained.

  In the information security system of the present invention, the oscillator has an odd number of inversion circuits connected in series in a ring shape, and a plurality of inversion circuits are connected in parallel in at least one or more stages. A plurality of signal paths can be selected depending on which of the inverting circuits is used as the path of each stage, and each signal path has an oscillation frequency unique to each signal path resulting from manufacturing variations of the inverting circuits constituting the signal path. The selecting means is means for selecting at least one oscillator among the plurality of oscillators, and selecting any one of the plurality of signal paths for the selected oscillator, and the obtaining means Is means for oscillating the selected oscillator along the selected signal path and obtaining the measured frequency related value based on the frequency of the oscillation. The correction means sets the acquired measured frequency-related value to an average frequency when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated in the selected signal path. It is good also as a means to derive | lead-out the said frequency-related value after correction | amendment correct | amended based on the said average frequency relevant value which is a value based on. In this way, the oscillation frequency inherent to the oscillator varies depending on which inverting circuit connected in parallel in each stage of one oscillator, so that the number of oscillators can be increased in a pseudo manner. . Since the corrected frequency-related value varies depending on which oscillator is selected, the corrected frequency-related value is less likely to be predicted by a third party as the number of oscillators increases, which may improve security. it can.

  In the information security system of the present invention, the correction means may be configured such that the selected signal path of the selected oscillator is not a predetermined reference signal path, and only one inverting circuit is different from the reference signal path. When the offset signal path is not an offset signal path, a reference value that is the average frequency related value when an oscillator having the same arrangement and wiring as the selected oscillator is oscillated in the reference signal path for the plurality of devices, An offset value that is a difference between the average frequency-related value and the reference value when an oscillator having the same arrangement and wiring as the selected oscillator is oscillated in the offset signal path for the device. The sum of the offset value and the reference value corresponding to an inverting circuit different from the reference signal path among the signal paths As means for deriving the corrected frequency-related value obtained by deriving the average frequency-related value corresponding to the selected signal path and correcting the acquired actual frequency-related value based on the derived average frequency-related value Also good. In this way, the average frequency related value of the signal path that is not the reference signal path and not the offset signal path can be derived by a simple process of calculating the sum of the reference value and the offset value. When the selected signal path of the selected oscillator is the offset signal path, the correction unit is configured to output the offset value corresponding to an inverting circuit different from the reference signal path among the selected signal paths. And the reference value is derived as the average frequency related value corresponding to the selected signal path, and the obtained actual frequency related value is corrected based on the derived average frequency related value. It may be a means for deriving a post-frequency related value.

  In the information security system of the present invention, the correction means may be configured such that the selected signal path of the selected oscillator is not a predetermined reference signal path, and only one inverting circuit is different from the reference signal path. When the offset signal path is not an offset signal path, a reference value that is the average frequency related value when an oscillator having the same arrangement and wiring as the selected oscillator is oscillated in the reference signal path for the plurality of devices, An offset value that is a ratio of the average frequency-related value and the reference value when an oscillator having the same arrangement and wiring as the selected oscillator for the device is oscillated in the offset signal path is used. Product of the offset value and the reference value corresponding to an inverting circuit different from the reference signal path among the signal paths As means for deriving the corrected frequency-related value obtained by deriving the average frequency-related value corresponding to the selected signal path and correcting the acquired actual frequency-related value based on the derived average frequency-related value Also good. In this way, the average frequency related value of the signal path that is neither the reference signal path nor the offset signal path can be derived by a simple process of taking the product of the reference value and the offset value. The offset value may be a value obtained by dividing the average frequency related value when an oscillator having the same arrangement and wiring as the selected oscillator for a plurality of the devices is oscillated in the offset signal path by the reference value. Good. Further, the correction means, when the selected signal path of the selected oscillator is the offset signal path, the offset value corresponding to an inverting circuit different from the reference signal path among the selected signal paths. And the reference value is derived as the average frequency-related value corresponding to the selected signal path, and the obtained actual frequency-related value is corrected based on the derived average frequency-related value. It may be a means for deriving a post-frequency related value.

  In the information security system of the present invention, the selection means is means for selecting two oscillators of the plurality of oscillators, and the acquisition means oscillates the two selected oscillators, and the two oscillators Means for obtaining the measured frequency-related value, which is a value based on a difference in frequency, and the correction means uses the obtained measured frequency-related value as the two selected oscillators for the plurality of devices. Means for deriving the corrected frequency-related value by correcting based on the average frequency-related value, which is a value based on an average difference between the frequencies of the two oscillators when the oscillators of the arrangement and wiring are oscillated It is good. This increases the number of oscillator selection patterns as compared to selecting only one oscillator. Since the corrected frequency-related value differs depending on the oscillator selection pattern, the greater the number of oscillator selection patterns, the less likely the corrected frequency-related value is predicted by a third party, thereby improving security. . The value based on the difference between the frequencies of the two oscillators may be, for example, the difference or ratio of the number of oscillations in a predetermined period, or the difference or ratio of the time required to oscillate a predetermined number of times. May be simultaneously oscillated and the other oscillation frequency when one oscillator oscillates a predetermined number of times may be used. The value based on the average difference between the frequencies of the two oscillators may be the average of the difference or ratio of the number of oscillations in the predetermined period of the two oscillators, or the difference or ratio of the time required to oscillate the predetermined number of times. Alternatively, the number of oscillations in a predetermined period or the time required to oscillate a predetermined number of times may be averaged over a plurality of devices for each of the two oscillators, and the average difference or ratio may be used. Alternatively, the value based on the average difference between the frequencies of the two oscillators is obtained by simultaneously oscillating the two oscillators and deriving the other number of oscillations for a plurality of devices when one oscillator oscillates a predetermined number of times. Also good.

  In the information security system of the present invention, the acquisition unit and the correction unit may be included in the host. In general, a device is often more limited than a host in terms of circuits and processing capabilities that can be mounted, and thus is highly meaningful.

  In the information security system of the present invention, eigenvalue storage means for storing the oscillator included in the device and the predetermined eigenvalue based on the specific oscillation frequency of the oscillator in association with each other, and the oscillator selected from the eigenvalue storage means Determining means for determining whether or not the device is normal based on whether or not the read eigenvalue matches the derived corrected frequency-related value. The eigenvalue storage means and the determination means may be included in the host. In this way, in order to determine whether or not the device is legitimate using the corrected frequency-related value with higher uniqueness, for example, whether the device is legitimate using the measured frequency-related value as it is. Compared with the case of determining whether or not, the accuracy of the determination is increased and the security is improved.

  In the information security system of the present invention, encrypted data output means for outputting, to the device, encrypted data encrypted based on the predetermined specific value based on the specific oscillation frequency of the selected oscillator in the device; Decryption means for decrypting the output encrypted data based on the derived corrected frequency-related value, and the encrypted data output means is included in the host, and the decryption means is provided by the device. It is good also as what it has. In this way, if the corrected frequency-related value with higher uniqueness does not match the eigenvalue, the encrypted data cannot be correctly decrypted. Can be prevented.

The host of the present invention is a host for exchanging information with a device including an oscillation circuit having a plurality of oscillators having unique oscillation frequencies caused by manufacturing variations,
An acquisition means for acquiring an actual measurement frequency related value based on a frequency of oscillation when at least one oscillator selected from the plurality of oscillators is oscillated;
The acquired actual measurement frequency related value is corrected based on an average frequency related value that is a value based on an average frequency when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Correction means for deriving a corrected frequency-related value;
It is equipped with.

  The host of the present invention exchanges information with a device having an oscillation circuit having a plurality of oscillators having unique oscillation frequencies caused by manufacturing variations. Specifically, first, an actually measured frequency-related value based on the oscillation frequency when at least one selected oscillator among the plurality of oscillators is oscillated is acquired. Subsequently, the obtained measured frequency-related value is corrected based on the average frequency-related value, which is a value based on the average frequency when the oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Derived frequency-related values after correction. In this way, by correcting the measured frequency-related value with the average frequency-related value, it is possible to remove the change in the oscillation frequency caused by the placement and wiring of the oscillator from the measured frequency-related value, making the device more unique. An enhanced corrected frequency-related value can be derived. In this host, various aspects of the host of the information security system described above may be adopted, and a configuration that realizes each function of the host of the information security system described above may be added.

The device of the present invention
An oscillation circuit having a plurality of oscillators with inherent oscillation frequencies due to manufacturing variations;
Selecting means for selecting at least one oscillator of the plurality of oscillators;
An acquisition means for oscillating the selected oscillator and acquiring an actually measured frequency-related value based on the frequency of the oscillation;
The acquired measured frequency-related value is corrected based on an average frequency-related value that is a value based on an average frequency when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. A correction means for deriving a frequency-related value after correction,
It is equipped with.

  The device of the present invention includes an oscillation circuit having a plurality of oscillators having inherent oscillation frequencies due to manufacturing variations. Then, at least one oscillator is selected from the plurality of oscillators, the selected oscillator is oscillated, and a measured frequency related value based on the frequency of the oscillation is acquired. Subsequently, the obtained measured frequency-related value is corrected based on the average frequency-related value, which is a value based on the average frequency when the oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Derived frequency-related values after correction. In this way, by correcting the measured frequency-related value with the average frequency-related value, it is possible to remove the change in the oscillation frequency caused by the placement and wiring of the oscillator from the measured frequency-related value, making the device more unique. An enhanced corrected frequency-related value can be derived. In this device, various aspects of the device of the information security system described above may be adopted, and a configuration that realizes each function of the device of the information security system described above may be added.

The host control method of the present invention includes:
A host control method for exchanging information with a device having an oscillation circuit having a plurality of oscillators having unique oscillation frequencies caused by manufacturing variations,
(A) obtaining an actually measured frequency-related value from the device based on the frequency of oscillation when at least one oscillator selected from the plurality of oscillators is oscillated;
(B) The obtained actual measurement frequency related value is based on an average frequency related value that is a value based on an average of frequencies when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Deriving a corrected frequency-related value corrected by
Is included.

  In this host control method of the present invention, at least one selected oscillator is oscillated among a plurality of oscillators in an oscillation circuit having a plurality of oscillators having inherent oscillation frequencies caused by manufacturing variations of the device. Acquire actual measurement frequency related value based on frequency of oscillation. Subsequently, the obtained measured frequency-related value is corrected based on the average frequency-related value, which is a value based on the average frequency when the oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Derived frequency-related values after correction. In this way, by correcting the measured frequency-related value with the average frequency-related value, the change in the oscillation frequency caused by the placement and wiring of the oscillator can be removed from the measured frequency-related value, making the oscillator more unique. An enhanced corrected frequency-related value can be derived. In this host control method, various aspects of the host of the information security system described above may be adopted, and steps for realizing the functions of the host of the information security system described above may be added. .

The device control method of the present invention includes:
A method for controlling a device including an oscillation circuit having a plurality of oscillators having inherent oscillation frequencies due to manufacturing variations,
(A) selecting at least one oscillator from the plurality of oscillators;
(B) oscillating the selected oscillator and obtaining a measured frequency related value based on the frequency of the oscillation;
(C) Based on an average frequency related value that is a value based on an average of frequencies when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated, the acquired actually measured frequency related value. Deriving a corrected frequency-related value corrected by
Is included.

  In this device control method of the present invention, at least one oscillator is selected from a plurality of oscillators in an oscillation circuit having a plurality of oscillators having inherent oscillation frequencies due to manufacturing variations of the device, and the selected oscillator is selected. And the measured frequency related value based on the frequency of the oscillation is acquired. Subsequently, the obtained measured frequency-related value is corrected based on the average frequency-related value, which is a value based on the average frequency when the oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Derived frequency-related values after correction. In this way, by correcting the measured frequency-related value with the average frequency-related value, the change in the oscillation frequency caused by the placement and wiring of the oscillator can be removed from the measured frequency-related value, making the oscillator more unique. An enhanced corrected frequency-related value can be derived. In this device control method, various aspects of the information security system device described above may be adopted, and steps for realizing each function of the information security system device described above may be added. .

  A first program of the present invention is for causing one or a plurality of computers to realize each step of the above-described host control method. If the first program is executed by the computer, the above-described host control method of the present invention is realized, so that the same effects as the host control method of the present invention can be obtained. The second program of the present invention is for causing one or more computers to realize the steps of the device control method described above. If the second program is executed by a computer, the device control method of the present invention described above is realized, and thus the same operational effects as those of the device control method of the present invention can be obtained. The first program and the second program may be recorded on a computer-readable recording medium (for example, hard disk, ROM, FD, CD, DVD, etc.), or a transmission medium (communication network such as the Internet or LAN). ) May be distributed from one computer to another via the Internet, or may be exchanged in any other form.

1 is a configuration diagram showing an outline of the configuration of an information security system 10. FIG. FIG. 2 is a configuration diagram showing an outline of the configuration of a PUF circuit 50. FIG. 3 is a configuration diagram showing an outline of the configuration of an oscillator 53. The flowchart which shows an example of an average value storage routine. 4 is an explanatory diagram showing an example of an average value table 46. FIG. The flowchart which shows an example of an eigenvalue storage routine. The flowchart which shows an example of a main average period derivation process. FIG. 6 is an explanatory diagram illustrating an example of a unique value table 47. A sequence showing a state of IC card authentication processing. The flowchart which shows an example of a determination process. 1 is a configuration diagram showing an outline of the configuration of an information security system 110. FIG. The sequence which shows the mode of a circuit data provision process. The flowchart which shows an example of a decoding process. The table which shows the difference rate D of the eigenvalue with a correction | amendment of Experimental example 1. FIG. 10 is a table showing a difference rate D of uncorrected eigenvalues in Experimental Example 1. The table which shows the difference rate D of the eigenvalue with a correction | amendment of Experimental example 2. FIG. The table which shows the difference rate D of the eigenvalue without correction of Experimental example 2. The table which shows the average value and standard deviation of measured oscillation frequency. The table which shows the average value and standard deviation of the oscillation frequency after correction.

[First Embodiment]
FIG. 1 is a configuration diagram showing an outline of a configuration of an information security system 10 according to the first embodiment. As illustrated, the information security system 10 includes an IC card 20, a card reader 30, and a server 40. The information security system 10 purchases ATM (Automated Teller Machine) services such as depositing and refunding cash and paid contents to a user who is the owner of the IC card 20 by using information stored in the IC card 20. It is an apparatus that provides a service such as a content purchase service. In the present embodiment, the information security system 10 provides an ATM (Automated Teller Machine) service.

  The IC card 20 is a cash card used for an ATM service, and includes an IC chip 21 configured as a microprocessor including a CPU, a ROM, a RAM, and the like. The IC chip 21 includes a control unit 22 that controls the entire IC chip 21, a storage unit 24 that stores various data such as an ID for identification of the IC card 20, and a PUF that outputs a unique value of the IC card 20. Circuit 50. In this embodiment, the IC card 20 is a contact type, but may be a non-contact type. Although not shown in the figure, there are a plurality of IC cards 20 having the same configuration, and each IC card 20 is owned by a different user.

  The PUF circuit 50 measures the value based on the oscillation frequency of the oscillator 53 by counting the oscillation frequency of the selected oscillator 53 by counting an oscillation circuit 52 including a plurality of oscillators 53, a selection circuit 54 for selecting the oscillator 53, and the selected oscillator 53. And a measurement circuit 56. FIG. 2 is a configuration diagram showing an outline of the configuration of the PUF circuit 50.

  In the oscillation circuit 52, five oscillators 53 of a first oscillator 53a to a fifth oscillator 53e each having a unique oscillation frequency due to manufacturing variations are arranged at predetermined positions, and predetermined wiring is performed. In the oscillation circuit 52, as shown in FIG. 2, the output units from the respective oscillators 53 are connected to the input units of the main oscillator selector 55a and the sub-oscillator selector 55b of the selection circuit 54 by wires.

  FIG. 3 is a configuration diagram showing an outline of the configuration of the oscillator 53. The internal configurations of the first oscillator 53a to the fifth oscillator 53e are the same. For this reason, FIG. 3 shows the configuration of one oscillator 53. The oscillator 53 includes six inverters 60 and three path selectors 66, and an odd number of stages (three stages in this embodiment) of inverters (NOT gates) 60 are connected in series in a ring shape. A plurality (two in this embodiment) of inverters 60 is configured as a ring oscillator connected in parallel. Specifically, the oscillator 53 includes a first inverter 61a and a second inverter 61b connected in parallel as the first-stage inverter 60, and a third inverter 62a connected in parallel as the second-stage inverter 60. A fourth inverter 62b is provided, and a fifth inverter 63a and a sixth inverter 63b connected in parallel as the third-stage inverter 60 are provided. The first inverter 61a to the sixth inverter 63b are inverting circuits that invert the output value with respect to the input value. The oscillator 53 includes a first path selector 66a, a second path selector 66b, and a third path selector 66c as three path selectors 66. The first path selector 66 a outputs any one output selected from the first-stage inverter 60 to the second-stage inverter 60. The input section of the first path selector 66a is connected to the first stage inverter 60, that is, the output sections of the first inverter 61a and the second inverter 61b by wiring, and the output section of the first path selector 66a has two stages. The first inverter 60, that is, the third inverter 62a and the input portion of the fourth inverter 62b are respectively connected by wiring. The second path selector 66b outputs any one output selected from the second-stage inverter 60 to the third-stage inverter 60. The input part of the second path selector 66b is connected to the second stage inverter 60, that is, the output parts of the third inverter 62a and the fourth inverter 62b by wiring, and the output part of the second path selector 66b is three stages. The input part of the inverter 60 of the eye, that is, the fifth inverter 63a and the sixth inverter 63b is connected by wiring. The third path selector 66c outputs any one output selected from the third-stage inverter 60 to the first-stage inverter 60. The input part of the third path selector 66c is connected to the output part of the third stage inverter 60, that is, the fifth inverter 63a and the sixth inverter 63b, respectively, and the output part of the third path selector 66c is one stage. The first inverter 61, that is, the input portions of the first inverter 61a and the second inverter 61b are respectively connected by wires. The output section of the third path selector 66c is also connected to the output section of the oscillator 53 by wiring, and the output section of the oscillator 53 is connected to the input sections of the main oscillator selector 55a and the sub oscillator selector 55b of the selection circuit 54, respectively. The wiring in the oscillation circuit 52 is made so as to be connected to (see FIG. 2). The first route selector 66a, the second route selector 66b, and the third route selector 66c are configured such that route selection signals p, q, and r are input from the control unit 22, respectively. The route selection signals p, q, r The inverter 60 selected at each stage is determined by the value of. Specifically, the first route selector 66a selects the first inverter 61a when the route selection signal p is 0, and selects the second inverter 61b when the value is 1. The second path selector 66b selects the third inverter 62a when the path selection signal q is 0, and selects the fourth inverter 62b when the value is 1. The third path selector 66c selects the fifth inverter 63a when the path selection signal r is 0, and selects the sixth inverter 63b when the path selection signal r is 1.

  The oscillator 53 can select a plurality of signal paths according to which one of the inverters 60 connected in parallel is selected as the path of each stage by using the path selection signals p, q, and r. A signal path of the oscillator 53 determined by the path selection signals p, q, r is referred to as a signal path W (p, q, r). Since the signal path W (p, q, r) selected by the path selection signals p, q, r is composed of three stages of inverters 60 connected in series, the output of the oscillator 53 oscillates at the oscillation frequency. To do. For example, consider a case where the signal path W (0, 0, 0), that is, the first inverter 61a, the third inverter 62a, and the fifth inverter 63a are selected and the input of the first inverter 61a is 0. In this case, the output of the first inverter 61a and the input of the third inverter 62a are the value 1, the output of the third inverter 62a and the input of the fifth inverter 63a are the value 0, the output of the fifth inverter 63a is the value 1, A value 1 is output from the oscillator 53. Further, since the value 1 which is the output of the fifth inverter 63a becomes the input of the first inverter 61a, the input of the first inverter 61a changes from the value 0 to the value 1. Then, the output of the first inverter 61a and the input of the third inverter 62a have a value of 0, the output of the third inverter 62a and the input of the fifth inverter 63a have a value of 1, the output of the fifth inverter 63a has a value of 0, and the oscillator The output of 53 has the value 0. In this way, the output of the oscillator 53 repeats the value 0 and the value 1, that is, oscillates. The oscillation frequency of the oscillator 53 is a value unique to each signal path resulting from manufacturing variations of the respective inverters 60 constituting the signal path W (p, q, r).

As shown in FIG. 2, the selection circuit 54 includes a main oscillator selector 55a and a sub oscillator selector 55b. In the main oscillator selector 55a, the output units of the first oscillator 53a to the fifth oscillator 53e drawn from the oscillation circuit 52 are connected to their input units by wiring, and their output units are connected to the first circuit of the measurement circuit 56. It is connected to the input part of the counter 57a by wiring. The main oscillator selector 55a outputs the output of any one of the first oscillator 53a to the fifth oscillator 53e to the first counter 57a of the measurement circuit 56.
The sub-oscillator selector 55b is configured such that each output unit of the first oscillator 53a to the fifth oscillator 53e drawn from the oscillation circuit 52 is connected to its own input unit by wiring, and its output unit is the second of the measurement circuit 56. It is connected to the input part of the counter 57b by wiring. The sub oscillator selector 55b outputs the output of any one of the first oscillator 53a to the fifth oscillator 53e selected to the second counter 57b of the measurement circuit 56. The oscillator 53 selected by the first counter 57a is referred to as a main oscillator, and the oscillator 53 selected by the second counter 57b is referred to as a sub oscillator. The main oscillator selector 55a and the sub oscillator selector 55b are configured such that the main oscillator selection signal k1 and the sub oscillator selection signal k2 are input from the control unit 22, respectively. The oscillator 53 selected by the value is determined. The main oscillator selection signal k1 and the sub-oscillator selection signal k2 have any one of values 1 to 5, and each correspond to the first oscillator 53a to the fifth oscillator 53e. Note that the main oscillator selection signal k1 and the sub oscillator selection signal k2 do not become the same value at the same time, and different oscillators 53 are selected as the main oscillator and the sub oscillator.

  The measurement circuit 56 includes a first counter 57a, a second counter 57b, and an output determination unit 58. The first counter 57a has its own input unit connected to the output unit of the main oscillator selector 55a by wiring and its own output unit connected to the input unit of the output determination unit 58 by wiring.

  The first counter 57a counts the number of oscillations of the output signal of the main oscillator (for example, the number of rising edges of the signal) input via the main oscillator selector 55a, and outputs the count number to the output determination unit 58. The second counter 57b has its own input unit connected to the output unit of the sub-oscillator selector 55b by wiring, and its own output unit connected to the input unit of the output determination unit 58 by wiring. The second counter 57b counts the number of oscillations of the output signal of the sub-oscillator input via the sub-oscillator selector 55b, and outputs the count to the output determination unit 58.

  The output determination unit 58 has its own input unit connected to the output units of the first counter 57 a and the second counter 57 b by wiring, and its output unit is connected to the control unit 22. When the count number of the first counter 57a is input, the output determination unit 58 derives the oscillation period of the main oscillator from the timing at which the count number changes, and the derived oscillation period is determined as the actual measurement period T (k, p, q, r). The actual measurement period T (k, p, q, r) means an actual measurement value of the oscillation period when the oscillator 53 corresponding to the oscillator number k is oscillated through the signal path W (p, q, r). The oscillator number k is one of values 1 to 5 and corresponds to the first oscillator 53a to the fifth oscillator 53e, respectively. As described above, the oscillation frequency of the oscillator 53 becomes a value unique to each signal path resulting from manufacturing variations of the respective inverters 60 constituting the signal path W (p, q, r). p, q, r) is also a unique value corresponding to the oscillator number k and the path selection signals p, q, r. Further, the output determination unit 58 receives the count numbers of the first counter 57a and the second counter 57b, and the input count number of the second counter 57b is a predetermined count value Cp (for example, a hexadecimal number × 4 digit notation). 8000), the count number of the first counter 57a is output to the control unit 22 as an actual count value C. Here, the main oscillator determined by the main oscillator selection signal k1 is a main signal path W (p1, q1, r1) determined by the main oscillator path selection signals p, q, r (hereinafter referred to as main path selection signals p1, q1, r1). The oscillation frequency when oscillating at r1) is f1, and the sub-oscillator determined by the sub-oscillator selection signal k2 is a sub-oscillator path selection signal p, q, r (hereinafter referred to as sub-path selection signals p2, q2, r2). Assuming that the oscillation frequency when oscillating in the sub-signal path W (p2, q2, r2) determined by is f2, the actually measured count value C is a value represented by the following equation (1). Here, the oscillation frequency f1 is a specific value corresponding to the main oscillator selection signal k1 and the main path selection signals p1, q1, and r1, and the oscillation frequency f2 is the sub-oscillator selection signal k2 and the subpath selection signals p2, q2, and r2. Since the measured count value C is a corresponding unique value, the oscillation frequency f1 is the main oscillator selection signal k1, the main path selection signals p1, q1, r1, the sub oscillator selection signal k2, the sub path selection signals p2, q2, r2. It is a unique value corresponding to the combination. A combination of the main oscillator selection signal k1, the main path selection signals p1, q1, and r1, the sub oscillator selection signal k2, and the sub path selection signals p2, q2, and r2 is referred to as a challenge CH. The first counter 57a outputs the count number as a gray code to the output determination unit 58, and the output determination unit 58 outputs an actual count value C obtained by converting the gray code into a normal binary code. . In this way, the error of the actually measured count value C can be suppressed to a maximum value of 1 without synchronizing the output of the first counter 57a and the output of the second counter 57b.

C = f1 / f2 × Cp (1)

  Here, the reason why the oscillation frequency becomes a unique value for each oscillator 53 and each signal path W (p, q, r) will be described in detail. The six inverters 60 constituting the oscillator 53 are the same, and the rated value (for example, 170 MHz) of the oscillation frequency of the oscillator 53 is the same regardless of which signal path W (p, q, r) is selected. is there. Similarly, since the internal configurations of the first oscillator 53a to the fifth oscillator 53e are the same, the rated value of the oscillation frequency is the same. However, a slight difference occurs in the delay time of the inverter 60 due to variations in the manufacturing of the inverter 60, so in practice every first oscillator 53a to fifth oscillator 53e and every signal path W (p, q, r). A difference occurs in the oscillation frequency. This variation is, for example, about several percent or less of the rated value of the oscillation frequency. In addition, even if the internal configuration is the same, the delay time varies depending on the arrangement and wiring of the oscillator 53, so that the oscillation frequency also varies. Note that the difference in the arrangement and wiring of the oscillator 53 includes the arrangement of circuits and elements in the oscillator and the wiring in the oscillator. For example, in the oscillation for each signal path W (p, q, r) in the oscillator 53. For example, the arrangement and wiring of the inverter 60 used are different. Specifically, for example, in the signal path W (0, 0, 0), the third stage inverter 60 is the fifth inverter 63a, whereas in the signal path W (0, 0, 1), the third stage inverter. Since 60 is the sixth inverter 63b, the arrangement of the third stage inverter 60 used for oscillation, the wiring from the second path selector 66b to the third stage inverter 60, and the third stage inverter 60 to the third path selector Even in the same oscillator 53, such as the wiring up to 66c, the oscillation frequency varies depending on the signal path W (p, q, r). For example, even if the first oscillator 53a and the second oscillator 53b have the same signal path W (0, 0, 0), the lengths of the wires constituting the signal path are different. Even in the signal path, a difference occurs in the oscillation frequency. Oscillator 53 is unique to each of first to fifth oscillators 53a to 53e and to each signal path W (p, q, r) due to such variations in manufacturing of inverter 60 and differences in the arrangement and wiring of oscillator 53. It oscillates at the oscillation frequency.

  The card reader 30 is connected to the server 40 via the network 11 and functions as a terminal of the server 40. The card reader 30 includes a control unit 32 that controls the entire card reader 30, a storage unit 34 that stores various data, and a card slot 36 into which the IC card 20 can be inserted. The card reader 30 exchanges data with the server 40 via the network 11 and exchanges data with the IC card 20 inserted into the card slot 36.

  The server 40 determines whether or not the IC card 20 is a regular card, and includes a control unit 41 that controls the entire server 40 and a storage unit 45 that stores various data. The control unit 41 includes an acquisition unit 42, a correction unit 43, and a determination unit 44, and the storage unit 45 includes an average value table 46 and an eigenvalue table 47. The acquisition unit 42 has a function of oscillating the main oscillator and the sub-oscillator of the IC card 20 and acquiring the above-described actual count value C that is a value based on the difference between the oscillation frequencies. The correction unit 43 has an average difference between the frequencies of the two oscillators 53 when the oscillators 53 having the same arrangement and wiring as the main oscillator and the sub-oscillator that have obtained the actual count values C for the plurality of IC cards 20 are oscillated. A function of deriving the corrected count value Cc by deriving the value based on the average value table 46 and correcting the actual count value C acquired by the acquisition unit 42 based on the value derived from the average value table 46. . The determination unit 44 reads the eigenvalue I corresponding to the main oscillator and the sub-oscillator of the IC card 20 from the eigenvalue table 47, and determines whether the IC card 20 is normal depending on whether or not the read eigenvalue I matches the corrected count value C. It has a function of determining whether or not it is a thing. The average value table 46 is a table that stores values used by the correction unit 43 to correct the actually measured count value C in association with each oscillator 53. The eigenvalue table 47 associates the combination of the main oscillator, main signal path, sub-oscillator, and sub-signal path of the IC card 20 with a predetermined eigenvalue I based on the specific oscillation frequency of the main oscillator and the sub-oscillator. It is a stored table.

  Next, the operation of the information security system 10 configured as described above will be described. First, the process in which the server 40 creates the average value table 46 and the eigenvalue table 47 and stores them in the storage unit 45 will be described, and then the operation of the entire information security system 10 will be described.

  First, the process in which the server 40 creates the average value table 46 in advance and stores it in the storage unit 45 will be described. FIG. 4 is a flowchart showing an example of the average value storage routine. In this routine, a plurality (for example, several hundred to several tens of thousands) of IC cards 20 are prepared, the IC chip 21 of the prepared IC card 20 and the server 40 are connected, and the control unit 41 of the server 40 establishes the network 11. This is executed by the control unit 41 after making it possible to directly exchange information with a plurality of IC cards 20 without intervention. This average value storage routine is executed in advance before distributing the IC card 20 to the user. This average value storage routine acquires and stores an average value as a value from which a change in the oscillation frequency due to the placement and wiring of the oscillator 53 can be removed. Therefore, the IC card 20 used in this routine may be an IC card having the same configuration including the placement and wiring of the oscillator 53 and the IC card 20 constituting the information security system 10, and the IC card constituting the information security system 10 is not necessarily used. It need not be the card 20, that is, the IC card 20 to be distributed to the user later. Therefore, for example, the average value storage routine may be executed before the IC card 20 constituting the information security system 10 is manufactured or before the server 40 is connected to the network 11.

  When this average value storage routine is executed, the control unit 41 first sets one of the connected IC cards 20 as a processing target IC card (step S200). Subsequently, the oscillator number k is set to a value 1 (step S205), and the actual measurement period T (k, 0, 0, 0), T (k, 1, 0, 0), T (k, 0, 1, 0). ), T (k, 0, 0, 1) are acquired (step S210). The actual measurement period T (k, p, q, r) is an actual measurement value of the oscillation period when the oscillator 53 corresponding to the oscillator number k is oscillated in the signal path W (p, q, r) as described above. . The signal path W (0, 0, 0) is a reference signal path, the signal paths W (1, 0, 0), W (0, 1, 0), and W (0, 0, 1) are offset signal paths. Called. The offset signal path is a signal path in which only one value of the path selection signals p, q, r is different from that of the reference signal path. In other words, the offset signal path is a signal path in which only one inverter 60 is different from the reference signal path. In the present embodiment, for example, the actual measurement period T (k, 0, 0, 0) is acquired as follows. The acquisition unit 42 transmits the value k as the main oscillator selection signal k1 and the values 0, 0, 0 as the main path selection signals p1, q1, and r1 to the control unit 22, and the corresponding measurement cycle T (k , 0, 0, 0), the acquisition unit 42 controls the control unit 22. In response to this, the control unit 22 sets the transmitted main oscillator selection signal k1 in the main oscillator selector 55a, and sets the main path selection signals p1, q1, and r1 in the path selector 66 of the main oscillator. When the measurement period T (k, 0, 0, 0) corresponding to the main oscillator selection signal k1 and the path selection signals p, q, r is output from the output determination unit 58, the control unit 22 acquires this. 42, and the acquisition unit 42 acquires the actual measurement cycle T (k, 0, 0, 0). The main route selection signals p1, q1,... Are also measured for the actual measurement periods T (k, 1, 0, 0), T (k, 0, 1, 0), T (k, 0, 0, 1). It was obtained in the same manner except that the value of r1 was different. Note that the measurement period is not measured for the signal path W (p, q, r) that is neither the reference signal path nor the offset signal path. This is because, in the processing described later, it is set so that the average value of such a path is obtained by calculation from the average value of the actual measurement period T of the reference signal path and the average value of the actual measurement period T of the offset signal path. is there.

  Subsequently, the control unit 41 determines whether or not the oscillator number k is an upper limit value (value 5 in the present embodiment) (step S215). If the oscillator number k is not the upper limit value, the oscillator number k is set to a value of 1. Increment (step S220), the processing after step S210 is performed. As a result, for the first oscillator 53a to the fifth oscillator 53e, the actual measurement periods T (k, 0, 0, 0), T (k, 1, 0, 0), T (k, 0, 1, 0), T (k, 0, 0, 1) is acquired sequentially. On the other hand, when the oscillator number k is the upper limit value in step S215, it is determined whether there is an unprocessed IC card 20 among the plurality of connected IC cards 20 (step S225). When there is an unprocessed IC card 20, the processes after step S200 are performed. As a result, the actual measurement period T is sequentially acquired for all the IC cards 20 connected to the server 40.

  If there is no unprocessed IC card 20 in step S225, the oscillator number k is set to the value 1 (step S230), and the actual measurement period T (k, 0, 0) acquired for the plurality of IC cards 20 connected to the server 40 is set. , 0), T (k, 1, 0, 0), T (k, 0, 1, 0), and T (k, 0, 0, 1) are averaged periods Tave (k, 0) , 0, 0), Tave (k, 1, 0, 0), Tave (k, 0, 1, 0), Tave (k, 0, 0, 1) are derived (step S235). For example, when the measurement cycle T is measured for a thousand IC cards 20, the average value of the thousand measurement cycles T (k, 0, 0, 0) is calculated as the average cycle Tave (k, 0, 0, 0). The same applies to the average period Tave (k, 1, 0, 0), Tave (k, 0, 1, 0), Tave (k, 0, 0, 1).

  Then, the control unit 41 stores the derived average period Tave (k, 0, 0, 0) in the storage unit 45 as the average value table 46 in association with the oscillator number k as the reference value Tb (k) (step S240). ). Subsequently, offset values To (k, 1, 0, 0), To (k, 0, 1, 0), To (k, 0, 0, 1) derived from the following equations (2) to (4). Are associated with the oscillator number k and stored in the storage unit 45 as the average value table 46 (step S245). As can be seen from the equations (2) to (4), the offset values To (k, 1, 0, 0), To (k, 0, 1, 0), To (k, 0, 0, 1) are , Respectively, is the difference between the average period Tave (k, 1, 0, 0), Tave (k, 0, 1, 0), Tave (k, 0, 0, 1) and the reference value Tb (k). Then, it is determined whether or not the oscillator number k is an upper limit value (value 5 in this embodiment) (step S250). If the oscillator number k is not the upper limit value, the oscillator number k is incremented by 1 (step S255). ), The process after step S235 is performed. On the other hand, when the oscillator number k is the upper limit value in step S250, this routine ends.

To (k, 1, 0, 0) = Tave (k, 1, 0, 0) −Tb (k) (2)
To (k, 0, 1, 0) = Tave (k, 0, 1, 0) −Tb (k) (3)
To (k, 0, 0, 1) = Tave (k, 0, 0, 1) −Tb (k) (4)

  By executing the average value storage routine in this way, the average value table 46 is created and stored in the storage unit 45. FIG. 5 is an explanatory diagram showing an example of the average value table 46. As shown in this figure, in the average value table 46, the reference value Tb (k), offset value To (k, 1, 0, 0), To (k, 0, 1, 0) and To (k, 0, 0, 1) are associated with each other. Here, as described above, the reference value Tb (k) is an oscillation period T (k, 0, 0, 0) when the oscillator 53 corresponding to the oscillator number k is oscillated in the reference signal path. It is the value measured and averaged for 20. If the same signal path and the same oscillator 53 are used, the change in the oscillation frequency caused by the placement and wiring of the oscillator 53 is almost the same in any IC card 20, whereas the change in the oscillation frequency caused by manufacturing variations. The minutes differ for each IC card 20. For this reason, the reference value Tb (k), which is the average value of the oscillation period T (k, 0, 0, 0), cancels out the changes in the oscillation frequency due to manufacturing variations, resulting from the placement and wiring of the oscillator 53. This value remains the effect of the change in oscillation frequency. As described above, the average period Tave (k, p, q, r), which is an average value of the oscillation periods, is determined by the rated value of the oscillation frequency and the change in the oscillation frequency caused by the placement and wiring of the oscillator 53. It becomes a fixed value. The offset value To (k, 1, 0, 0) is the difference between the average period Tave (k, 1, 0, 0) and the reference value Tb (k), and the signal path is the signal path W (1 , 0, 0) or the signal path W (0, 0, 0) is different, the value corresponding to the difference in oscillation frequency due to this difference is the offset value To (k, 1, 0, 0). ) Specifically, the wiring used as a signal path differs depending on whether the second inverter 61b is selected as the first-stage inverter 60 of the oscillator 53 and when the first inverter 61a is selected. A value corresponding to the difference in the determined delay time is the offset value To (k, 1, 0, 0). For example, as the wiring from the output of the third path selector 66c to the input of the second inverter 61b is longer than the wiring from the output of the third path selector 66c to the input of the first inverter 61a, the average period Tave (k, 1 , 0, 0) is larger than the reference value Tb (k), and the offset value To (k, 1, 0, 0) is also larger. Similarly, a value corresponding to a difference in oscillation frequency due to a difference between whether the signal path is the signal path W (0, 1, 0) or the signal path W (0, 0, 0) is an offset value To ( k, 0, 1, 0), corresponding to the difference in oscillation frequency due to the difference between the signal path W (0, 0, 1) and the signal path W (0, 0, 0). The value to be used is the offset value To (k, 0, 0, 1).

  Next, processing in which the server 40 stores the eigenvalue table 47 in advance will be described. FIG. 6 is a flowchart showing an example of the eigenvalue storage routine. This routine is executed after the IC card 20 constituting the information security system 10 is manufactured and before the IC card 20 is distributed to the user. Also, this routine connects the IC chip 21 of the IC card 20 distributed to the user and the server 40 so that the control unit 41 of the server 40 can directly exchange information with the plurality of IC cards 20 without going through the network 11. It is executed by the control unit 41 after making the state. Note that the eigenvalue storage routine may be executed before the server 40 is connected to the network 11. Further, before executing the eigenvalue storage routine, the average value table storage routine is executed, and the average value table 46 is created.

  When this eigenvalue storage routine is executed, the control unit 41 first sets one of the IC cards 20 connected to the server 40 as the IC card to be processed (step S300), and the IC card 20 to be processed. ID is acquired (step S305). Specifically, the control unit 41 controls the control unit 22 to transmit the ID stored in the storage unit 24 of the processing target IC card 20, and acquires the ID transmitted from the control unit 22. Subsequently, the challenge CH to be processed is set, that is, the main oscillator selection signal k1, the main path selection signals p1, q1, r1, the sub oscillator selection signal k2, the sub path selection signals p2, q2, r2 are set (step S310). ). Here, in the present embodiment, there are 20 combinations of the main oscillator selection signal k1 and the sub oscillator selection signal k2, and the main path selection signal p1 for one combination of the main oscillator selection signal k1 and the sub oscillator selection signal k2. , Q1, r1 and 8 combinations of sub-path selection signals p2, q2, r2, there are 20 × 8 × 8 = 1280 challenge CHs. In step S310, one of the 1280 challenge CHs that have not been processed is set as the challenge CH to be processed.

  Subsequently, the control unit 41 acquires an actual measurement count value C corresponding to the challenge CH to be processed from the IC card 20 (step S315). Specifically, this processing is performed as follows. First, the acquisition unit 42 instructs the control unit 22 to transmit the challenge CH to be processed to the control unit 22 of the IC card 20 to be processed and to transmit the actual count value C corresponding to the challenge CH to the server 40. In response to this, the control unit 22 sets the main oscillator selection signal k1 included in the transmitted challenge CH to the main oscillator selector 55a, sets the sub oscillator selection signal k2 to the sub oscillator selector 55b, and sets the main path selection signal. p1, q1, r1, and sub-path selection signals p2, q2, r2 are set in the path selector 66 of the main oscillator and the sub-oscillator, respectively. Then, when the actual measurement count value C corresponding to the challenge CH is output from the output determination unit 58, the control unit 22 transmits this to the acquisition unit 42, and the acquisition unit 42 acquires the actual measurement count value C.

  Next, the correction unit 43 of the control unit 41 derives an average period Tave (k1, p1, q1, r1) corresponding to the main oscillator selection signal k1, main path selection signals p1, q1, r1 of the challenge CH to be processed. The main average period deriving process is performed (step S320). The average period Tave (k1, p1, q1, r1) is also referred to as a main average period T1ave. Here, the description of the eigenvalue storage routine will be interrupted, and the main average period derivation process will be described. FIG. 7 is a flowchart illustrating an example of the main average period derivation process.

  In the main average period deriving process, the correction unit 43 first determines whether or not the main signal path W (p1, q1, r1) is the reference signal path (step S400). In the present embodiment, since the reference signal path is the signal path W (0, 0, 0), it is determined whether or not the main path selection signals p1, q1, and r1 are all zero. When the main signal path W (p1, q1, r1) is the reference signal path, the value of the reference value Tb (k1) stored in the average value table 46 is derived as the main average period T1ave (step S410). Then, the main average period deriving process is terminated. As described in the average value storage routine, since the reference value Tb (k1) is the average period Tave (k1, 0, 0, 0), the main signal path W (p1, q1, r1) is the reference signal path. The reference value Tb (k1) is used as T1ave as it is.

  On the other hand, when it is determined in step S400 that the main signal path W (p1, q1, r1) is not the reference signal path, the correction unit 43 determines whether the main signal path W (p1, q1, r1) is the offset signal path. Is determined (step S420). In this embodiment, since the offset signal paths are signal paths W (1, 0, 0), W (0, 1, 0), W (0, 0, 1), the main path selection signals p1, q1, r1 Is a value (1, 0, 0), a value (0, 1, 0), or a value (0, 0, 1). When the main signal path W (p1, q1, r1) is an offset signal path, the reference value Tb (k1) stored in the average value table 46 and the offset value To (k1, p1, q1, r1) The sum is derived as the main average period T1ave (step S430), and the main average period deriving process is terminated. As described in the average value storage routine, the offset values To (k1, 1, 0, 0), To (k1, 0, 1, 0), and To (k1, 0, 0, 1) are average cycles Tave ( k1, 1, 0, 0), Tave (k 1, 0, 1, 0), Tave (k 1, 0, 0, 1) and the difference between the reference value Tb (k 1) and the main signal path W (p 1 , Q1, r1) is the offset signal path, the main average period T1ave is derived in this way.

  When the main signal path W (p1, q1, r1) is not the offset signal path in step S420, the correction unit 43 determines whether or not the main path selection signal p1 is 0 (step S440). When the route selection signal p1 is not 0, the offset value To (k1, p1, 0, 0) stored in the average value table 46 is read (step S445). Subsequently, when the main route selection signal p1 is 0 or after reading the offset value To (k1, p1, 0, 0), it is determined whether the main route selection signal q1 is 0 (step) S450), when the main route selection signal q1 is not 0, the offset value To (k1, 0, q1, 0) stored in the average value table 46 is read (step S455). Next, when the main route selection signal q1 is 0 or after reading the offset value To (k1, 0, q1, 0), it is determined whether or not the main route selection signal r1 is 0 (Step S1). S460) When the main route selection signal r1 is not 0, the offset value To (k1, 0, 0, r1) stored in the average value table 46 is read (step S465). Then, when the main route selection signal r1 is 0 or after reading the offset value To (k1, 0, 0, r1), the offset values To (k1, p1, 0, 0), To (k1, 0, q1, 0), To (k1, 0, 0, r1), the sum of the offset value read in steps S445, S455, and S465 and the reference value Tb (k1) is derived as the main average period T1ave ( Step S470), the main average period deriving process is terminated. Thus, when the main signal path W (p1, q1, r1) is neither the reference signal path nor the offset signal path, the main path selection signals p1, q1, r1 have values different from the reference signal path, that is, not the value 0. The offset value corresponding to the main route selection signal that is not 0 is read from the average value table 46, and the sum of the read offset value and the reference value Tb (k1) is derived as the main average period T1ave. .

  Here, the reason why the main average period T1ave is derived in this way will be described. For example, when the average period Tave (k1, 1, 1, 0) is compared with the average period Tave (k1, 0, 0, 0), both indicate whether the first inverter 60 of the oscillator 53 is the second inverter 61b. There is a difference whether it is the first inverter 61a and a difference that the second-stage inverter 60 is the fourth inverter 62b or the third inverter 62a. Therefore, an offset value To (k1, 1, 0, 0) that is a value corresponding to a difference in oscillation frequency depending on whether the first-stage inverter 60 is the second inverter 61b or the first inverter 61a; An offset value To (k1, 0, 1, 0) that is a value corresponding to the difference in oscillation frequency depending on whether the second-stage inverter 60 is the fourth inverter 62b or the third inverter 62a is a reference value. It is considered that a value approximate to the average period Tave (k1, 1, 1, 0) can be obtained by summing up Tb (k1). As described above, when the main signal path W (p1, q1, r1) is neither the reference signal path nor the offset signal path, the average period Tave (k1, p1, q1) is calculated using the offset value To and the reference value Tb (k1). , R1), the measurement period T (k, p, q, r) and the average period Tave (k, p, q, r) are derived in advance for all signal paths p, q, r. Compared to the case where the average value table 46 is stored, the time required to create the average value table 46 is shortened and the data amount of the average value table 46 is reduced. This is why the measurement cycle is not measured for the signal path W (p, q, r) that is not the reference signal path and is not the offset signal path in the average value storage routine.

  Returning to the eigenvalue storage routine of FIG. When the main average period T1ave is derived in step S320, the correction unit 43 of the control unit 41 calculates the average period Tave (k2, k2) corresponding to the sub-oscillator selection signal k2, sub-path selection signals p2, q2, r2 of the challenge CH to be processed. p2, q2, r2) (also referred to as sub-average period T2ave) is derived (step S325). This process is performed in the same manner as the main average period derivation process described with reference to FIG. That is, when the sub signal path W (p2, q2, r2) is the reference signal path, the value of the reference value Tb (k2) is derived as the sub average period T2ave, and the sub signal path W (p2, q2, r2) is In the case of the offset signal path, the sum of the value of the reference value Tb (k2) and the offset value To (k2, p2, q2, r2) is derived as the sub average period T2ave. Also, when the sub signal path W (p2, q2, r2) is neither the reference signal path nor the offset signal path, the sub path selection signals p2, q2, r2 have values different from the reference signal path, that is, those not having the value 0. The offset value corresponding to the sub route selection signal that is not 0 is read from the average value table 46, and the sum of the read offset value and the reference value Tb (k1) is derived as the sub average period T1ave.

  Subsequently, the correction unit 43 of the control unit 41 derives a correction value Cave for correcting the actual measurement count value C acquired in step S315 by the following equation (5) (step S330). Here, T2ave / T1ave in Equation (5) corresponds to the average value of f1 / f2 in Equation (1). In other words, the correction value Cave corresponds to a value obtained by obtaining the measured count values C corresponding to the same challenge CH for a plurality of IC cards 20 and averaging them. Then, when the correction value Cave is derived, the correction unit 43 of the control unit 41 derives the corrected count value Cc obtained by correcting the actual count value C acquired in Step S315 using the correction value Cave, using Expression (6) ( Step S335). As can be seen from Equation (6), the corrected count value Cc is the difference between the actually measured count value C and the correction value Cave. Here, the correction value Cave is a value corresponding to the average of the actually measured count value C, and similarly to the average period Tave (k, p, q, r) with respect to the actually measured period T (k, p, q, r), The change in the oscillation frequency due to the manufacturing variation of the oscillator 53 is canceled out from the actually measured count value C, and the influence of the change in the oscillation frequency due to the placement and wiring of the oscillator 53 remains. Therefore, the corrected count value Cc, which is the difference between the actually measured count value C and the correction value Cave, is obtained by removing the change in the oscillation frequency caused by the placement and wiring of the oscillator 53 from the actually measured count value C. This value represents a change in the oscillation frequency due to the variation. More specifically, the corrected count value Cc is a manufacturing variation of a portion related to the main signal path of the main oscillator and the sub signal path of the sub oscillator determined by the challenge CH to be processed of the oscillator 53 in the IC card 20 to be processed. The value is determined by the change in the oscillation frequency due to the above. Since this manufacturing variation is unique to the IC card 20, the corrected count value Cc is a unique value of the IC card 20, and this value is used to determine whether the IC card 20 is genuine. Judgment can be made.

Cave = T2ave / T1ave × Cp (5)
Cc = C-Cave (6)

  Next, the control unit 41 determines whether or not the corrected count value Cc is 0 or more (step S340). When the corrected count value Cc is greater than or equal to 0, the eigenvalue I is set to the value 1, and the eigenvalue I is associated with the ID acquired in step S305 and the challenge CH set in step S310 and stored as an eigenvalue table. (Step S345). On the other hand, when the corrected count value Cc is not equal to or greater than 0, the unique value I is set to 0, and the unique value I is associated with the ID acquired in step S305 and the challenge CH set in step S310 and stored as the unique value table 47. (Step S350). Since this unique value I is a unique value corresponding to the challenge CH in the IC card 20 to be processed, when it is later determined whether or not the IC card 20 is genuine, the unique value I stored here is used. The determination can be made depending on whether or not the same value is derived from the IC card 20 to be determined.

  Here, the reason why not the corrected count value Cc itself but a value corresponding to whether or not the corrected count value Cc is equal to or greater than 0 is stored as the eigenvalue I will be described. When the measured count value C corresponding to the same challenge CH for the same IC card 20 is acquired from the PUF circuit 50, the measured count value C is ideally always the same value, but in reality, it is slightly affected by errors, noise, and the like. A different value may be acquired as the actually measured count value C. For this reason, if it is determined whether or not the IC card 20 is a genuine card depending on whether or not the same value as the corrected count value Cc obtained in advance in the eigenvalue storage routine is obtained, errors or Depending on the magnitude of noise, the same value may not be obtained and correct determination may not be possible. Therefore, a value indicating whether or not the corrected count value Cc is equal to or greater than 0 is set as the eigenvalue I, in other words, the binarized value of the corrected count value Cc is set as the eigenvalue I and stored in advance even if there is an error. The same value as the eigenvalue I is obtained. For this reason, the value according to whether or not the corrected count value Cc is equal to or greater than 0 is stored as the eigenvalue I in the present embodiment. Here, if the absolute value of the corrected count value Cc is smaller than or equal to the error or noise, binarization such that the eigenvalue I does not become the same value due to error or noise even if binarization is performed. The stability of the eigenvalue I may decrease. As a method of dealing with such a case, for example, when the absolute value of the corrected count value Cc derived in step S335 is equal to or less than a predetermined threshold, the challenge CH to be processed outputs an unstable eigenvalue I, and thus authentication. Considering that it is not suitable for the use, it is good also as not storing in the eigenvalue table in step S345 or S350. By doing so, it is possible to prevent the use of a challenge CH that generates an unstable eigenvalue I at the time of authentication and improve the stability of authentication. If the corrected count value Cc is binarized as the eigenvalue I, the same value as the prestored eigenvalue I is more likely to coincide with the value obtained from the IC card 20 that is not a regular card. Although there is a problem, this problem can be solved by setting a plurality of challenge CHs and determining whether or not the IC card 20 is a regular card based on whether or not all the plurality of eigenvalues I match.

  When the eigenvalue I is stored in step S345 or step S350, it is determined whether there is an unprocessed challenge CH (step S355). Then, when there is an unprocessed challenge CH, the processing from step S310 is performed. On the other hand, when there is no unprocessed challenge CH, it is determined whether there is an unprocessed IC card 20 among the plurality of connected IC cards 20 (step S269). When there is an unprocessed IC card 20, the processes after step S300 are performed. When there is no unprocessed IC card 20, this routine is finished. By executing this eigenvalue storage routine, an eigenvalue table 47 that is a table of eigenvalues I for all IC cards 20 connected to the server 40 is created and stored in the storage unit 45. FIG. 8 is an explanatory diagram showing an example of the eigenvalue table 47. As shown in this figure, in the unique value table 47, the ID and challenge CH of the IC card 20 and the unique value I are associated with each other. As described above, since there are 1280 combinations of challenge CHs in this embodiment, there are 1280 unique values I for one ID of the IC card 20.

  Next, an operation of the information security system 10, particularly an operation when the server 40 determines whether or not the IC card 20 inserted into the card slot 36 of the card reader 30 is a regular card will be described. FIG. 9 is a sequence showing a state of the IC card authentication process. This process is started when the card reader 30 detects that the IC card 20 has been inserted into the card slot 36.

  When the IC card authentication process is started, first, the control unit 32 of the card reader 30 transmits an ID transmission request to the IC card 20 inserted into the card slot 36 (step S500). Subsequently, the control unit 22 of the IC card 20 that has received this transmission request reads out its own ID from the storage unit 24 and transmits it to the card reader 30 (step S505). Then, the control unit 32 transmits the ID received from the IC card 20 to the server 40 (step S510).

  When receiving the ID, the control unit 41 of the server 40 determines a challenge CH used for determining whether or not the current IC card 20 is a regular card (step S515). In the present embodiment, the control unit 41 randomly selects 128 challenge CHs out of 1280 challenge CHs and determines them as challenge CHs used for determination. Subsequently, the control unit 41 reads the eigenvalue I corresponding to the received ID and the determined challenge CH from the eigenvalue table 47 (step S520). Since the determined challenge CH is 128, 128 unique values I are read from the unique value table 47.

  Subsequently, the control unit 41 derives a correction value Cave corresponding to the determined challenge CH (step S525). This correction value Cave is the same as the correction value Cave described in step S330 of the eigenvalue storage routine of FIG. Therefore, each correction value Cave corresponding to 128 challenge CHs is derived by the same process as the process of steps S320 to S330 of the eigenvalue storage routine described above.

  Then, the control unit 41 stores the challenge CH determined in step S515, the eigenvalue I read in step S520, and the correction value Cave derived in step S525 in association with each other in the storage unit 45 (step S530). The 128 challenge CHs are transmitted to the card reader 30 (step S535). The control unit 32 of the card reader 30 transmits the challenge CH transmitted from the server 40 to the IC card 20 (step S540).

  When the challenge CH is transmitted from the card reader 30, the control unit 22 of the IC card 20 acquires the actually measured count value C corresponding to the transmitted 128 challenge CHs (step S545). Specifically, first, the control unit 22 sets the main oscillator selection signal k1 included in the transmitted challenge CH to the main oscillator selector 55a, sets the sub oscillator selection signal k2 to the sub oscillator selector 55b, and sets the main path. The selection signals p1, q1, r1 and the sub path selection signals p2, q2, r2 are set in the path selector 66 of the main oscillator and the sub oscillator, respectively. Then, the control unit 22 acquires an actual measurement count value C corresponding to the challenge CH from the output determination unit 58. This process is performed for each of the 128 challenge CHs, and 128 actually measured count values C are acquired.

  When the actual count value C is acquired, the control unit 22 transmits the challenge CH and the actual count value C in association with each other to the card reader 30 (step S550). The control unit 32 of the card reader 30 transmits the challenge CH transmitted from the IC card 20 to the server 40 (step S555).

  When the challenge CH and the actual count value C are transmitted from the card reader 30, the control unit 41 of the server 40 stores the challenge CH and the actual count value C in association with each other in the storage unit 45 (step S560). ). Through this process and step S530 described above, the storage unit 45 stores a table (hereinafter referred to as a determination table) in which the challenge CH, the eigenvalue I, the correction value Cave, and the actually measured count value C are associated with each other.

  Subsequently, the control unit 41 performs determination processing for determining whether or not the IC card 20 connected to the card slot 36 is legitimate using the determination table (step S565). Here, the description of the IC card authentication process is interrupted, and the determination process will be described. FIG. 10 is a flowchart illustrating an example of the determination process.

  When this determination process is started, the control unit 41 first sets one of the 128 challenge CHs included in the determination table of the storage unit 45 as an unprocessed challenge CH (step CH). S600). Subsequently, the determination unit 44 of the control unit 41 reads the eigenvalue I, the correction value Cave, and the actually measured count value C corresponding to the challenge CH to be processed from the determination table (step S605). Then, the correction unit 43 of the control unit 41 derives the corrected count value Cc from the read correction value Cave and the actually measured count value C (step S610). The corrected count value Cc is derived from the equation (6) as in step S335 in FIG. 6 described above. Then, the correction unit 43 determines whether or not the corrected count value Cc is equal to or greater than 0 (step S615). When the corrected count value Cc is equal to or greater than 0, the response value Re is set to 1. If the count value Cc after correction is not equal to or greater than 0 (step S620), the response value Re is set to 0 (step S625).

  Subsequently, the determination unit 44 of the control unit 41 determines whether or not the response value Re matches the eigenvalue I read in step S605 (step S630). When the response value Re matches the eigenvalue I, the determination unit 44 determines whether there is an unprocessed challenge CH (step S635). If there is an unprocessed challenge CH, the process proceeds to step S600. If there is no unprocessed challenge CH in step S635, the determination unit 44 determines that the IC card 20 inserted into the card slot 36 is a legitimate card (step S640), and ends this process. On the other hand, when the response value Re does not match the eigenvalue I in step S630, the determination unit 44 determines that the IC card 20 inserted into the card slot 36 is not a legitimate card (step S645), and ends this process. .

  Returning to the description of the IC card authentication process in FIG. If the determination process of step S565 is performed, the control part 41 will perform the process according to a determination result (step S570), and will complete | finish this process. For example, when the IC card 20 is a legitimate card in the determination process, the control unit 41 sends an ATM service (such as cash refund) desired by the user who inserted the IC card 20 to the operation unit (not shown) of the card reader 30. An instruction is transmitted to the card reader 30 to display a predetermined display screen prompting input via the card reader 30 on a display unit (not shown). Then, the card reader 30 displays a display screen, and performs processing for providing the ATM service to the user according to the subsequent user operation. For example, when the IC card 20 is not a regular card in the determination process, the control unit 41 displays on the display unit of the card reader 30 that the IC card 20 inserted into the card slot 36 is unusable. A command is transmitted to the card reader 30.

  As described above, in the IC card authentication process, the server 40 obtains the actual count value C corresponding to the 128 challenge CHs from the IC card 20 and derives it from the corrected count value Cc obtained by correcting the actual count value C. Whether or not the IC card 20 is a regular card is determined based on whether or not the response value Re matches all the unique values I stored in the unique value table 47. As described above, the corrected count value Cc is obtained by removing the change in the oscillation frequency due to the placement and wiring of the oscillator 53 from the actually measured count value C, and is determined by the challenge CH to be processed in the oscillator 53 in the IC card 20. This value is determined by the change in the oscillation frequency caused by the manufacturing variation in the part related to the main signal path of the oscillator and the sub signal path of the sub oscillator. Since this manufacturing variation cannot be reproduced even if the IC card 20 is copied, only the response value Re from the IC card 20 itself used when the eigenvalue storage routine of FIG. All match I. In addition, the corrected count value Cc is a value obtained by removing the change in the oscillation frequency due to the placement and wiring of the oscillator 53 from the measured count value C. Therefore, the uniqueness of the IC card 20 is compared with the measured count value C. Is a higher value. For example, if the measured count value C itself is stored in advance as the eigenvalue I of the eigenvalue table 47 and the response value Re is also used as the measured count value C itself, the challenge CH and the challenge CH are caused by the arrangement and wiring of the oscillator 53. Since the correspondence between the eigenvalue I and the response value Re is biased, there is a possibility that the eigenvalue I and the response value Re are likely to match even for a counterfeit product in which variations during manufacturing cannot be reproduced. In the present embodiment, by using the corrected count value Cc obtained by correcting the actual count value C, such a situation can be prevented and the uniqueness of the IC card 20 can be enhanced.

  Here, the correspondence between the components of the first embodiment and the components of the present invention will be clarified. The server 40 of the first embodiment corresponds to the host of the present invention, the IC card 20 corresponds to the device, the oscillation circuit 52 corresponds to the oscillation circuit, the selection circuit 54 corresponds to the selection means, and the acquisition unit 42 acquires The correction unit 43 corresponds to the correction unit, the eigenvalue table 47 corresponds to the eigenvalue storage unit, and the determination unit 44 corresponds to the determination unit. In this embodiment, an example of the host control method of the present invention is also clarified by describing the operation of the server 40.

  According to the information security system 10 of the first embodiment described in detail above, the IC card 20 has the oscillation circuit 52 having a plurality of oscillators 53 having unique oscillation frequencies caused by manufacturing variations. First, at least one oscillator 53 is selected from the plurality of oscillators 53, the selected oscillator 53 is oscillated, and an actually measured count value C based on the oscillation frequency is acquired. Subsequently, the acquired actual count value C is based on a correction value Cave that is a value based on an average of frequencies when the oscillator 53 having the same arrangement and wiring as the selected oscillator in the plurality of IC cards 20 is oscillated. A corrected count value Cc and response value Re are derived. In this way, by correcting the actual count value C with the correction value Cave, the change in the oscillation frequency due to the placement and wiring of the oscillator 53 can be removed from the actual count value C, and the uniqueness of the IC card 20 It is possible to derive a corrected count value Cc and a response value Re that further increase

  The oscillator 53 is a ring oscillator in which an odd number of inverters 60 are connected in series in a ring shape. The ring oscillator can be configured using only logic elements and wirings inside the IC, and variations in the devices (IC card 20) affect the delay of the logic elements, so that differences between devices appear in their oscillation frequency characteristics. Since it is easy, the significance to apply to this invention is high.

  Furthermore, the oscillator 53 can select a plurality of selection paths W (p, q, r) depending on which inverter 60 connected in parallel in each stage of one oscillator 53 is selected. Then, the acquisition unit 42 oscillates the selected oscillator 53 along the selected signal path W (p, q, r), acquires the actual count value C based on the oscillation frequency, and the correction unit 43 acquires The corrected count value Cc obtained by correcting the actually measured count value C based on the correction value Cave is derived. By doing so, the specific oscillation frequency of the oscillator 53 varies depending on which inverter 60 connected in parallel in each stage of one oscillator 53 is selected, so the number of oscillators 53 is increased in a pseudo manner. be able to. Since the corrected count value Cc and the response value Re differ depending on which oscillator 53 is selected, the corrected count value Cc and the response value Re are predicted by a third party as the number of the oscillators 53 increases. Security can be improved.

  Furthermore, when the selected signal path of the selected oscillator 53 is not a reference signal path and is not an offset signal path in which only one inverting circuit is different from the reference signal path, a plurality of correction units 43 are provided. The same arrangement as the oscillator selected for the IC card 20 and the reference value Tb, which is the average period T when the oscillator 53 of the wiring is oscillated in the reference signal path, and the same arrangement as the oscillator selected for the plurality of IC cards 20 And an inverting circuit different from the reference signal path among the selected signal paths, using the offset period To which is the difference between the average period T and the reference value Tb when the oscillator 53 of the wiring is oscillated in the offset signal path. Is derived as an average period T corresponding to the selected signal path, and the derived average period T is derived from the sum of the offset value To and the reference value Tb. Based deriving a corrected count value Cc obtained by correcting the measured count value C by. For this reason, the average frequency related value of the signal path that is neither the reference signal path nor the offset signal path can be derived by a simple process of taking the sum of the reference value Tb and the offset value To.

  Further, the selection circuit 54 selects two oscillators from among the plurality of oscillators 53, and the acquisition unit 42 oscillates the two selected oscillators 53, and is an actual measurement that is a value based on the difference in frequency between the two oscillators. The correction unit 43 oscillates the acquired actually measured count value C in the same arrangement and wiring as the two selected oscillators 53 for the plurality of IC cards 20. The corrected count value Cc is derived by performing correction based on the correction value Cave, which is a value based on the average difference between the frequencies of the two oscillators. For this reason, compared with the case where only one oscillator 53 is selected, the number of patterns selected by the oscillator 53, that is, the total number of challenge CHs is increased.

  Also, the eigenvalue table 47 that stores the oscillator 53 of the IC card 20 and the eigenvalue I based on the unique oscillation frequency of the oscillator 53 in association with each other, and the eigenvalue I corresponding to the oscillator 53 selected from the eigenvalue table 47 are read out. The server 40 includes a determination unit 44 that determines whether or not the device is authentic depending on whether or not the read eigenvalue I matches the derived response value Re. For this reason, in order to determine whether or not the IC card 20 is legitimate by using the corrected count value Cc and the response value Re with higher uniqueness, for example, the actual measurement count value C is used as it is. Compared with the case where it is determined whether or not is genuine, the accuracy of the determination is increased and the security is improved.

  It should be noted that the present invention is not limited to the above-described embodiment, and it goes without saying that the present invention can be implemented in various modes as long as it belongs to the technical scope of the present invention.

  In the first embodiment described above, the control unit 41 of the server 40 includes the correction unit 43, but the control unit 22 of the IC card 20 may include the correction unit. In this case, the correction value Cave is transmitted from the server 40 together with the challenge CH to the IC card 20, and the IC card 20 corrects the actually measured count value C with the correction value Cave to derive the corrected count value Cc and the response value Re. The derived value may be transmitted to the server 40.

[Second Embodiment]
FIG. 11 is a configuration diagram showing an outline of the configuration of the information security system 110 according to the second embodiment. In addition, about the structure similar to 1st Embodiment among the components of 2nd Embodiment, the same code | symbol as 1st Embodiment is attached | subjected and the description is abbreviate | omitted.

  As shown in FIG. 11, the information security system 110 includes a user PC 130, an FPGA (Field Programmable Gate Array) 120 connected to the user PC 130, and a server 140. In this information security system 110, the server 140 provides the reconfigurable circuit 126 of the FPGA 120 with the encrypted data obtained by encrypting the circuit data for configuring the circuit, and only the authorized FPGA 120 can decrypt and use the encrypted data. This is the device.

  The FPGA 120 is an integrated circuit that has a function as an expansion card of the user PC 130 and can be configured and reconfigured afterwards based on circuit data provided from the server 140. The FPGA 120 includes a control unit 121 that performs overall control, a reconfigurable circuit 126 that can be configured and reconfigured later, and a startup processing unit that performs predetermined processing when the power of the FPGA 120 is turned on. 128 and a PUF circuit 50. The control unit 121 is configured as a microprocessor including a CPU, a ROM, a RAM, and the like, and includes an acquisition unit 122, a correction unit 123, and a decoding unit 124. The control unit 121 decrypts the encrypted data provided from the server 140 based on the corrected count value Cc obtained based on the actual count value C obtained from the PUF circuit 50, and uses the circuit data obtained by decrypting the encrypted data. The reconfigurable circuit 126 has a function of configuring a circuit. The acquisition unit 122 has a function of causing the main oscillator and the sub-oscillator of the PUF circuit 50 to oscillate and acquiring an actual measurement count value C that is a value based on a difference between the oscillation frequencies. When the correcting unit 123 oscillates the oscillator 53 having the same arrangement and wiring as the main oscillator and the sub-oscillator that acquired the measured count values C for the plurality of IC cards 20 with the measured count value C acquired by the acquiring unit 122 The corrected count value Cc is derived by performing correction based on the value based on the average difference between the frequencies of the two oscillators 53. The decryption unit 124 has a function of decrypting the encrypted data output from the server 140 based on the corrected count value Cc derived to the correction unit 123. The reconfigurable circuit 126 is configured as a circuit having a number of logic circuit blocks whose functions can be changed by switching the switches and wirings whose connections can be changed by switching the switches. The reconfigurable circuit 126 is in a state where the circuit is not configured when the power of the FPGA 120 is off, and the circuit is configured or changed by switching each switch while the power is on. Each switch is switched based on a switch switching signal output from the control unit 121 based on the circuit data. The activation processing unit 128 is configured as a microprocessor including a CPU, a ROM, a RAM, and the like, and data for configuring the control unit 121 and the PUF circuit 50 and the ID of the FPGA 120 are stored in the ROM. Here, like the reconfigurable circuit 126, the control unit 121 and the PUF circuit 50 of the FPGA 120 are circuits configured by switching switches, and are not configured when the power is off. The activation processing unit 128 has a function of outputting a switch switching signal based on data stored in the ROM each time the power of the FPGA 120 is turned on, and configuring the control unit 121 and the PUF circuit 50 in the FPGA 120. FIG. 11 shows a state in which the FPGA 120 is turned on and the activation processing unit 128 configures the control unit 121 and the PUF circuit 50. Here, the PUF circuit 50 is configured every time the power of the FPGA 120 is turned on. However, when the activation processing unit 128 configures the PUF circuit 50 for the same FPGA 120 based on the same data, the same PUF circuit 50 is always included. Composed. Therefore, the change in the oscillation frequency due to the manufacturing variation of the oscillator 53 of the PUF circuit 50 and the change in the oscillation frequency due to the arrangement and wiring of the oscillator 53 do not change and are output to the same challenge CH. The actual count value C does not change every time the configuration of the PUF circuit 50 is changed.

  The user PC 130 is a known general-purpose personal computer connected to the server 40 via the network 11, and includes a controller 132, an HDD 134, an expansion slot 136, a bus 137, a display device 138, and an input device 139. Yes. The controller 132 is configured as a processor including a CPU, a ROM, a RAM, and the like. The HDD 134 is a large-capacity memory that stores various application programs and various data files. The expansion slot 136 can be connected to an expansion card such as the FPGA 120, and has a function as an interface between the connected FPGA 120 and the user PC 130. The bus 137 is configured as a PCI (Peripheral Component Interconnect) bus, for example, and connects the controller 132, HDD 134, expansion slot 136, display device 138, and input device 139. The display device 138 is configured as a liquid crystal display, for example, and has a function of displaying an image based on the display data output from the control unit 20 and displaying various information to the user. The input device 139 is configured as an input device such as a keyboard and a mouse, for example, and has a function of outputting an operation signal based on an operation input from a user to the control unit 20.

  The server 140 provides circuit data of circuits configured in the reconfigurable circuit 126 to the FPGA 120 according to a user request, and includes a control unit 141 that controls the entire server 140 and a storage unit that stores various data. 145. The control unit 141 includes an acquisition unit 142, a correction unit 143, and an encrypted data output unit 148. The storage unit 145 includes an average value table 146 and an eigenvalue table 147. The acquisition unit 142 has the same function as the acquisition unit 42 except that the target for acquiring the actual count value C is the FPGA 120 instead of the IC card 20. The correction unit 143 has the same function as the correction unit 43 except that the target for deriving the corrected count value Cc is not the IC card 20 but the FPGA 120. The encryption data output unit 148 has a function of outputting, to the FPGA 120, encryption data obtained by encrypting circuit data based on the eigenvalue I based on the specific oscillation frequency of the selected oscillator 53 in the FPGA 120. The average value table 146 is a table in which values used by the correction unit 143 to correct the actual count value C are stored in association with the respective oscillators 53, and values for the PUF circuit 50 of the FPGA 120 instead of the IC card 20. Is the same as that of the average value table 46 except that it stores. The eigenvalue table 147 has the same configuration as the eigenvalue table 47 except that the eigenvalue I for the PUF circuit 50 of the FPGA 120 is stored. The storage unit 145 stores a plurality of circuit data that can be configured in the reconfigurable circuit 126 in the FPGA 120 and circuit identification information for identifying the circuit data in association with each other.

  Next, the server 140 provides the FPGA 120 with encrypted data obtained by encrypting the circuit data stored in the storage unit 145, and the FPGA 120 decrypts the circuit data. The operation at the time of acquisition will be described. FIG. 12 is a sequence showing a state of the circuit data providing process. This process is started when the power of the FPGA 120 changes from off to on. Of the processes in FIG. 12, processes similar to those in FIG. 9 are given the same step numbers, and detailed descriptions thereof are omitted.

  Here, the server 140 has already executed the same processing as the average value storage routine of FIG. 4 and the eigenvalue storage routine of FIG. 6, and creates the average value table 146 and the eigenvalue table 147 and stores them in the storage unit 145. It was supposed to be. More specifically, first, a plurality of FPGAs 120 are prepared, the prepared FPGAs 120 and the server 140 are connected, and the control unit 141 of the server 140 can directly exchange information with the plurality of FPGAs 120 without going through the network 11. After that, the control unit 141 executes processing similar to the average value storage routine of FIG. As a result, the eigenvalue table 147 in which the ID and challenge CH of the FPGA 120 and the eigenvalue I are associated with each other for all the FPGAs 120 connected to the server 140 is created and stored in the storage unit 145. In addition, the FPGA 120 before being obtained by the user is connected to the server 40 so that the control unit 141 of the server 40 can directly exchange information with the plurality of FPGAs 120 without going through the network 11. Processing similar to the storage routine is executed by the control unit 141 in advance. As a result, the unique value table 147 in which the ID and challenge CH of the FPGA 120 and the unique value I are associated with each other is created for all the FPGAs 120 connected to the server 40 and stored in the storage unit 145.

  When the circuit data providing process of FIG. 12 is started, first, the activation processing unit 128 configures the control unit 121 and the PUF circuit 50 when the power of the FPGA 120 is turned on (step S700). Subsequently, the control unit 121 configured by the activation processing unit 128 reads out the ID of the FPGA 120 stored in the ROM of the activation processing unit 128 and transmits it to the user PC 130 (step S705).

  Then, when receiving the ID from the FPGA 120, the controller 132 of the user PC 130 receives the circuit identification information of the circuit data that the user desires to provide to the FPGA 120 via the input device 139 (step S710). In this process, for example, the controller 132 controls the display device 138 to display a predetermined input screen (not shown) that prompts the user to input circuit identification information via the input device 139, and the user inputs the input to the input device 139. The controller 132 receives circuit identification information from the input device 139 based on the operation. The user has obtained the circuit identification information of the circuit data in advance by purchasing the right to use the circuit data having a predetermined function to be configured in the reconfigurable circuit 126 from the circuit data provider. It was. When the circuit identification information is received, the controller 132 transmits the ID transmitted in step S705 and the received circuit identification information to the server 140 via the network 11 (step S715).

  When the ID and the circuit identification information transmitted in step S715 are received, the control unit 141 of the server 140 performs the processes in steps S515 to S525. Accordingly, the control unit 141 determines 128 challenge CHs, reads the received ID and the eigenvalue I corresponding to the determined challenge CH from the eigenvalue table 147, and sets the correction value Cave corresponding to the determined challenge CH to the eigenvalue table 147. Derived from

  Subsequently, the control unit 141 reads circuit data corresponding to the circuit identification information transmitted in step S715 from the storage unit 145 (step S720). Next, the control unit 141 generates encrypted data obtained by encrypting the circuit data read in step S720 based on the eigenvalue I read in step S520 (step S725). In the present embodiment, the circuit data is encrypted by AES (Advanced Encryption Standard), which is one of the encryption methods, using 128 eigenvalues I corresponding to the challenge as 128-bit key information. Note that the circuit data may be encrypted by using, as key information, values obtained from 128 unique values I by a predetermined calculation.

  When the encrypted data is generated, the encrypted data output unit 148 sends the challenge CH determined in step S515, the correction value Cave derived in step S525, and the encrypted data generated in step S725 to the user PC 130 via the network 11. Transmit (step S730). The controller 132 of the user PC 130 transmits the challenge CH, the correction value Cave, and the encrypted data transmitted from the server 140 to the FPGA 120 via the expansion slot 136 (step S735). The control unit 121 of the FPGA 120 creates a decryption table in which the challenge CH transmitted from the controller 132 is associated with the correction value Cave, and the control unit 121 (not shown) includes the decryption table and the encrypted data transmitted from the controller 132. (Step S740).

  And the control part 121 performs the decoding process which decodes the encryption data memorize | stored by step S740 using the intrinsic | native value of the PUF circuit 50 (step S745). Here, the description of the circuit data providing process is interrupted, and the decoding process will be described. FIG. 13 is a flowchart illustrating an example of the decoding process. Note that, in the processing of FIG. 13, the same processing as the determination processing of FIG. 10 is given the same step number, and detailed description is omitted.

  When this decryption process is started, the control unit 121 performs the process of step S600 and sets one unprocessed challenge among the 128 challenges stored in step S740 as the challenge CH to be processed. Subsequently, the acquisition unit 122 of the control unit 121 acquires the actual measurement count value C corresponding to the challenge CH to be processed (step S800). This process is performed in the same manner as the process performed by the control unit 22 of the IC card 20 in step S315 of the eigenvalue storage routine of FIG. That is, the acquisition unit 122 supplies the main oscillator selection signal k1, the sub oscillator selection signal k2, the main path selection signals p1, q1, r1, and the sub path selection signals p2, q2, r2 included in the challenge CH to be processed to the PUF circuit 50. The measured count value C corresponding to the challenge CH is acquired from the output determination unit 58 of the measurement circuit 56.

  Subsequently, the decryption unit 124 reads the correction value Cave corresponding to the challenge CH to be processed from the decryption table created in Step S740 (Step S810). Then, the correction unit 123 performs the process of step S610, and derives the post-correction count value Cc from the correction value Cave read out in step S810 and the actual count value C acquired in step S800 by the above-described equation (6). And the process of step S615-S625 is performed. Accordingly, the decoding unit 124 sets the response value Re to the value 1 when the corrected count value Cc is greater than or equal to the value 0, and sets the response value Re to the value 0 when the corrected count value Cc is less than the value 0. .

  Next, the decryption unit 124 determines whether there is an unprocessed challenge CH by performing the process of step S635. If there is an unprocessed challenge CH, the process proceeds to step S600. Thus, the above-described processing is repeated until response values Re corresponding to 128 challenge CHs are set. If there is no unprocessed challenge CH in step S635, the decryption unit 124 decrypts the encrypted data stored in step S740 based on the response value Re (step S820), and ends the decryption process. In the processing of step S820, in this embodiment, 128 response values Re corresponding to the challenge are used as 128-bit key information, and the encrypted data is decrypted by the processing of decrypting AES. It is assumed that the method of encrypting the circuit data in step S725 is determined in advance between the FPGA 120 and the server 140. In this way, if the key information used for the processing in step S725 and step S820 match, the decryption in step S820 can be performed correctly. The server 140 may transmit the encrypted data to the FPGA 120 by adding information for identifying the encrypted method together with the encrypted data.

  Returning to the description of the circuit data providing process of FIG. When the decoding process of step S745 is performed, the control unit 121 configures a circuit in the reconfigurable circuit 126 based on the circuit data obtained by decoding (step S750), and ends this process. Here, when the response value Re derived by the FPGA 120 does not match the eigenvalue I derived by the server 140, the key information used for processing in step S725 and step S820 does not match, and the decryption in step S820 is performed. Is not done correctly. Therefore, the circuit data that the user wanted to provide is not configured in the FPGA 120.

  As described above, in the circuit data providing process, only when the response value Re, which is a value that further enhances the uniqueness of the FPGA 120, matches the eigenvalue I used to encrypt the circuit data in the server 140, the encryption is correctly performed. The data can be decoded to prevent the circuit data from being used by a device other than the regular FPGA 120.

  Here, the correspondence between the constituent elements of the second embodiment and the constituent elements of the present invention will be clarified. The server 140 of the second embodiment corresponds to the host of the present invention, the FPGA 120 corresponds to the device, the oscillation circuit 52 corresponds to the oscillation circuit, the selection circuit 54 corresponds to the selection unit, and the acquisition unit 122 serves as the acquisition unit. Correspondingly, the correction unit 123 corresponds to a correction unit, the encrypted data output unit 148 corresponds to an encrypted data output unit, and the decryption unit 124 corresponds to a decryption unit. In this embodiment, an example of the device control method of the present invention is also clarified by describing the operation of the server 40.

  According to the information security system 110 of the second embodiment described in detail above, the FPGA 120 acquires the actual count value C of the PUF circuit 50 corresponding to the challenge CH, and the acquired actual count value C is based on the correction value Cave. A corrected count value Cc and response value Re are derived. Therefore, the uniqueness can be further improved by removing the change in the oscillation frequency caused by the arrangement and wiring of the oscillator 53 from the actually measured count value C, and the corrected count value Cc and the response that further enhance the uniqueness of the FPGA 120. The value Re can be derived.

  Further, the server 140 outputs the encrypted data encrypted based on the eigenvalue I corresponding to the challenge CH to the FPGA 120, and decrypts the encrypted data based on the response value Re derived by the FPGA 120. As a result, since the encrypted data cannot be correctly decrypted unless the response value Re with higher uniqueness matches the eigenvalue I, it is possible to further prevent the encrypted data from being decrypted by a device other than the regular FPGA 120. .

  It should be noted that the present invention is not limited to the above-described embodiment, and it goes without saying that the present invention can be implemented in various modes as long as it belongs to the technical scope of the present invention.

  For example, in the second embodiment described above, the controller 132 accepts the circuit identification information input by the user in step S710 of FIG. 12, but the circuit identification information is stored in the FPGA 120 or the user PC 130 in advance, and the user's The controller 132 may automatically acquire the circuit identification information without any operation.

  In the first and second embodiments described above, the reference value Tb (k) and the offset values To (k, 1, 0, 0), To (k, 0, 1, 0), To (k, 0, 0, 1) is derived and stored in the storage unit 45 and the storage unit 145. However, the reference value Tb (k) and the average period Tave (k, 1, 0, 0), Tave (k, 0, 1, 0), Tave (k, 0, 0, 1) may be stored. In this case, the offset value To may be derived from the reference value Tb and the average period Tave in the main average period derivation process and the sub average period derivation in FIG. Further, without using the offset value To, the average period Tave may be derived for each path of each oscillator 53 and stored in the storage units 45 and 145.

  In the first and second embodiments described above, the count of the first counter 57a when the count number of the input second counter 57b reaches a predetermined count value Cp (for example, a value of 8000 in hexadecimal notation × four digits). Although the number is the actual count value C, any value may be used as the actual count value C as long as the value is based on the difference between the frequencies of the two selected oscillators. For example, the actual measurement count value C may be a time difference or ratio required for each of the selected oscillators to oscillate a predetermined number of times.

  In the first and second embodiments described above, the reference value Tb and the offset value To are derived using the average period Tave, that is, a value representing time, but may be derived using a value representing the frequency. . For example, in the average value storage routine, the actual measurement frequency is obtained instead of the actual measurement period T, the average frequency is obtained as the average value of the actual measurement frequencies, the average frequency in the reference signal path is set as the reference value Tb, and the average in the offset signal path The difference between the frequency and the reference value Tb may be used as the offset value To. In this case, in step S320 of the eigenvalue storage routine of FIG. 6, the same process as the main average period derivation process of FIG. 7 is performed to derive the average frequency A1 of the main signal path using the reference value Tb and the offset value To. What is necessary is just to process. Similarly, in step S325 of the eigenvalue storage routine of FIG. 7, the same process as the main average period derivation process of FIG. 7 is performed, and the average frequency A2 of the sub signal path is derived using the reference value Tb and the offset value To. What is necessary is just to process. Then, in step S330 of the eigenvalue storage routine of FIG. 6, the corrected count value Cc may be derived from Cave = A1 / A2 × Cp instead of Equation (5). Thus, even if the reference value Tb and the offset value To are values representing the frequency, the corrected count value Cc can be derived as in the present embodiment. Note that, as in this embodiment, the sum of the offset value To and the reference value Tb corresponding to an inverting circuit different from the reference signal path is used for the signal path that is not the reference signal path and is not the offset signal path. In the aspect, the case where the reference value Tb and the offset value To are derived using the value representing the time is compared with the case where the reference value Tb and the offset value To are derived using the value representing the frequency. Thus, a value derived from the sum of the offset value To and the reference value Tb is preferable because it is a more accurate value.

  In the first and second embodiments described above, the offset value To is derived from the difference between the average period T and the reference value Tb. However, the offset value To may be derived from the ratio between the average period T and the reference value Tb. Good. For example, a value obtained by dividing the average period T by the reference value Tb may be used as the offset value To. In this case, for a signal path that is neither a reference signal path nor an offset signal path, the average period T is derived from the product of the offset value To and the reference value Tb corresponding to an inverting circuit different from the reference signal path. What should I do? Even in this case, the average frequency related value of the signal path that is not the reference signal path and not the offset signal path can be derived by a simple process of obtaining the product of the reference value Tb and the offset value To. In the aspect using the product of the offset value To and the reference value Tb as described above, the reference value Tb and the offset value To are derived using the above-described value representing the time, and the value representing the frequency is used. The accuracy of the value derived by the product of the offset value To and the reference value Tb does not change between the case where the reference value Tb and the offset value To are derived.

  In the first and second embodiments described above, the server determines 128 challenge CHs and transmits them to the IC card 20 and the FPGA 120. However, the IC card 20 and FPGA 120 determine and transmit them to the server. It may be a thing.

  In the first and second embodiments described above, the oscillator 53 is configured as a ring oscillator in which three stages of inverters 60 are connected in series in a ring shape, and two inverters 60 are connected in parallel at each stage. However, the number of stages may be an odd number, and the number of parallels may be any number. Moreover, it is good also as a thing from which a parallel number differs in each stage. Further, there may be a ring oscillator in which there is no inverter 60 connected in parallel and an odd number of inversion circuits are connected in series in a ring shape. Further, the oscillator is not limited to a ring oscillator as long as it has a specific oscillation frequency due to manufacturing variations.

  In the first and second embodiments described above, the measured count value C based on the oscillation frequency of the selected oscillator 53 is derived by selecting the two oscillators 53 of the PUF circuit 50 by the challenge. Only one may be selected. In this case, for example, the oscillation frequency of the selected oscillator 53 is derived from the PUF circuit 50 as an actually measured count value, and after correction is performed by taking the difference between this actually measured count value and the average value of the oscillation frequencies of the oscillator 53 previously obtained. The count value may be derived. Even in this case, by correcting the measured count value with the average value, the change in the oscillation frequency due to the placement and wiring of the oscillator 53 can be removed from the measured count value, and the uniqueness of the PUF circuit 50 is further enhanced. A corrected count value can be derived. Further, the measured count value and the corrected count value may be derived using any value as long as it is not limited to the oscillation frequency but is related to the oscillation frequency. For example, the period of the selected oscillator 53 is derived from the PUF circuit 50 as an actually measured count value, and the corrected count value is derived by taking the difference between the actually measured count value and the average value of the period of the oscillator 53 obtained in advance. It may be a thing.

  In the first and second embodiments described above, the IC card 20 and the FPGA 120 are connected to the servers 40 and 140, the reference value Tb and the offset value To are derived in advance, the average value tables 46 and 146 are stored, and the eigenvalue I is stored. However, the server 40 and the server 140 do not derive the reference value Tb, the offset value To, and the eigenvalue I, and the average value tables 46 and 146 created separately in advance. The eigenvalue tables 47 and 147 may be received from the outside and stored in the storage units 45 and 145.

  In the first embodiment described above, information exchanged between the server 40 and the IC card 20 may be encrypted based on a unique value of the IC card 20. For example, it is assumed that the server 40 transmits encrypted data encrypted based on the eigenvalue I corresponding to the challenge CH, the plaintext challenge CH, and the correction value Cave, and the IC card 20 performs the actual measurement corresponding to the received challenge CH. The encrypted data may be decrypted based on the response value Re derived from the count value C and the received correction value Cave. Similarly, the encrypted data encrypted based on the response value Re of the IC card 20 may be transmitted to the server 40, and the server 40 may decrypt the received encrypted data based on the eigenvalue I. In this way, the security of information exchanged between the IC card 20 and the server 40 can be improved.

  Hereinafter, an example in which a PUF circuit of an information security system is actually created will be described as an example.

[Experimental Example 1]
As the PUF circuit of Experimental Example 1, a PUF circuit in which the number of oscillators 53 of the PUF circuit 50 in FIG. Specifically, an oscillation circuit in which 512 oscillators are arranged at predetermined positions and wired, a main oscillator selector that selects any one of the 512 oscillators as a main oscillator, and 512 oscillators A PUF circuit including a selection circuit including a sub-oscillator selector that selects any one of them as a sub-oscillator and a measurement circuit that outputs an actual count value C based on the oscillation frequency of the main oscillator and the sub-oscillator is created. did. Each of the 512 oscillators was configured as a ring oscillator in which seven inverters were connected in series in a ring shape. For this reason, there is no inverter connected in parallel in the oscillator constituting the PUF circuit of Experimental Example 1, and there is one signal path.

  Specifically, this PUF circuit is a side-channel attack standard evaluation board SASEBO-GII manufactured by the National Institute of Advanced Industrial Science and Technology, and an evaluation FPGA (Virtex5 series (65nm), manufactured by Xilinx), mounted on this board. Created by configuring the circuit in LX30).

[Experiment 2]
Ring oscillator with 512 oscillators, each with 28 inverters and 7-stage path selector, 7 stages of inverters connected in series in a ring shape, and 4 inverters connected in parallel at each stage Except for the points described above, a PUF circuit similar to Experimental Example 1 was created. In the oscillator of Experimental Example 2, since four inverters are connected in parallel in each of the seven stages, there are 4 ⁷ = 16384 signal paths.

[Uniqueness evaluation test]
Five PUF circuits of Experimental Example 1 and Experimental Example 2 were prepared, respectively, and a uniqueness evaluation test was performed. Specifically, it was performed as follows. First, 128 challenge CHs to be input to the five PUF circuits of Experimental Example 1 were determined. Next, the average value storage routine of FIG. 4 is performed on the five PUF circuits to derive 512 average periods Tave from the actual measurement period T, and the correction values Cave corresponding to the 128 challenge CHs are set to the respective PUFs. The circuit was derived. Subsequently, 128 actually measured count values C corresponding to the 128 challenge CHs were obtained for each PUF circuit. Then, in the same manner as in steps S610 to S625 of the determination process of FIG. 10, 128 response values Re are derived for each PUF circuit from the actually measured count value C and the correction value Cave, and are set to the 128-bit corrected eigenvalue. The ratio of bits having different values among the 128-bit corrected eigenvalues between these PUF circuits was calculated as the difference rate D. For comparison, a value obtained by binarizing 128 actually measured count values C based on whether or not the value is 0 or more is set as a 128-bit uncorrected eigenvalue, and similarly, a ratio of bits having different values among five PUF circuits Was calculated as the difference rate D. Similarly for Experimental Example 2, 128-bit corrected eigenvalues and uncorrected eigenvalues were derived in the same manner, and the ratio of bits having different values among the five PUF circuits was calculated as the difference rate D. Here, the difference rate D is preferably closer to 50% because it means that there is no bias in the derived eigenvalue. The closer the difference rate D is to 50%, the more the eigenvalue is a value that increases the uniqueness of the PUF circuit. It can be said.

(Experimental result)
The results of the uniqueness evaluation test are shown in FIGS. FIG. 14 is a table showing the eigenvalue difference rate D with correction among the five PUF circuits of Experimental Example 1. FIG. 15 is a table showing a difference rate D of eigenvalues without correction among the five PUF circuits of Experimental Example 1. FIG. 16 is a table showing the eigenvalue difference rate D with correction among the five PUF circuits of Experimental Example 2. FIG. 17 is a table showing the difference rate D of eigenvalues without correction among the five PUF circuits in Experimental Example 2. 14 to 17, the five PUF circuits are distinguished by numbers 1 to 5, and the difference rate D when two eigenvalues are compared among the five PUF circuits is represented by the vertical axis and the horizontal axis. It is shown by the numerical value of the intersection with. For example, FIG. 14 shows that the difference rate D was 36.21% when the corrected eigenvalues were compared between the first PUF circuit and the second PUF circuit of Experimental Example 1.

  14 to 17, the difference rate D is about several percent in FIGS. 15 and 17 and is a value far from 50%, whereas in FIGS. 14 and 16, the difference rate D is 50%. It was found that the value was close to. From this result, even without different PUF circuits, the uncorrected eigenvalues differ from each other by only a few percent, and the uncorrected eigenvalues tend to match values with other PUF circuits, that is, have low uniqueness. I understood it. Then, by using the corrected eigenvalue, the difference rate D of eigenvalues between different PUF circuits approaches 50%, and it has been found that the corrected eigenvalue is a value with higher uniqueness.

[Oscillation frequency distribution measurement]
With respect to the five PUF circuits of Experimental Example 2, the actually measured oscillation frequency and the corrected oscillation frequency were derived, and their distributions were examined. First, 64 signal paths were set at random for 512 oscillators of the PUF circuit, and 512 × 64 = 32768 pseudo oscillators for one PUF circuit were determined as measurement objects. The measured oscillation frequencies f1 to f32768 of the measurement target oscillator were measured, and the average value and standard deviation of the measured 32768 measured oscillation frequencies were calculated. For the other four PUF circuits, the same 32768 pseudo oscillators were measured, and the measured oscillation frequencies f1 to f32768 were measured in the same manner to calculate the average value and standard deviation. Further, the average value and standard deviation of 32768 × 5 actually measured oscillation frequencies were calculated for the entire five PUF circuits. Next, using these five PUF circuits, the average value of the five actually measured oscillation frequencies measured from each PUF circuit for each of the 32768 oscillators was obtained, and the average values were f1ave to f32768ave. Further, the average value of the actually measured oscillation frequencies of all 32768 oscillators of the five PUF circuits was obtained and set as the average value fave. Then, the corrected oscillation frequency Fn = fn / fnave × fave (n is an integer from 1 to 32768) is calculated for each PUF circuit, and the average value and standard deviation of the corrected oscillation frequencies F1 to F32768 are calculated for each PUF circuit. did. In addition, the average value and standard deviation of 32768 × 5 post-correction oscillation frequencies were calculated for all five PUF circuits.

(Measurement result)
FIG. 18 is a table showing average values and standard deviations of actually measured oscillation frequencies f1 to f32768. FIG. 19 is a table showing average values and standard deviations of the corrected oscillation frequencies F1 to F32768. 18 and 19, the five PUF circuits are distinguished by numbers 1 to 5. As can be seen from FIG. 18, the standard deviations of the actually measured oscillation frequencies are all about 25 MHz, whereas the standard deviations of the corrected oscillation frequencies are all as small as around 1 MHz. Here, the corrected oscillation frequency is a value obtained by correcting the actually measured frequency with an average value, and is thus a value obtained by removing the change in the oscillation frequency due to the placement and wiring of the oscillator from the actually measured oscillation frequency. From these facts, it was confirmed that the influence on the variation in the actually measured oscillation frequency was larger due to the placement and wiring of the oscillator than that due to the variation in manufacturing the PUF circuit. In this way, when the influence due to the placement and wiring of the oscillator is large, even if the eigenvalue of the PUF circuit is derived using the actually measured oscillation frequency without correction, the change in the oscillation frequency due to manufacturing variations can be fully utilized. Therefore, it is considered that the eigenvalue becomes a value with low uniqueness. On the other hand, if the eigenvalue is derived using the corrected oscillation frequency, it is possible to eliminate even a large variation in the actually measured oscillation frequency due to the placement and wiring of the oscillator. Therefore, a highly unique value is derived as the eigenvalue. be able to.

  10, 110 Information security system, 11 network, 20 IC card, 21 IC chip, 22 control unit, 24 storage unit, 30 card reader, 32 control unit, 34 storage unit, 36 card slot, 40,140 server, 41 control unit 42 acquisition unit 43 correction unit 44 determination unit 45 storage unit 46 average value table 47 eigenvalue table 50 PUF circuit 52 oscillation circuit 53 oscillator 53a to 53e first to fifth oscillator 54 selection circuit , 55a Main oscillator selector, 55b Sub oscillator selector, 56 Measuring circuit, 57a, 57b First and second counters, 58 Output determination unit, 60 Inverter, 61a, 61b First and second inverter, 62a, 62b Third, third 4 inverters, 63a, 63b, 5th, 6th Converter, 66 path selector, 66a to 66c 1st to 3rd path selector, 120 FPGA, 121 control unit, 122 acquisition unit, 123 correction unit, 124 decoding unit, 126 reconfigurable circuit, 128 activation processing unit, 130 user PC , 132 controller, 134 HDD, 136 expansion slot, 137 bus, 138 display device, 139 input device, 141 control unit, 145 storage unit, 148 encrypted data output unit.

Claims (15)

An information security system comprising a host and a device,
An oscillation circuit having a plurality of oscillators with inherent oscillation frequencies due to manufacturing variations;
Selecting means for selecting at least one oscillator of the plurality of oscillators;
An acquisition means for oscillating the selected oscillator and acquiring an actually measured frequency-related value based on the frequency of the oscillation;
The acquired actual measurement frequency related value is corrected based on an average frequency related value that is a value based on an average frequency when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Correction means for deriving a corrected frequency-related value;
With
The oscillation circuit and the selection unit are included in the device,
The acquisition unit has the device or the host,
The correction means has the device or the host,
Information security system. The oscillator is a ring oscillator in which an odd number of inversion circuits are connected in series in a ring shape.
The information security system according to claim 1. In the oscillator, an odd number of inverting circuits are connected in series in a ring shape, and a plurality of inverting circuits are connected in parallel in at least one or more stages, and each of the inverting circuits connected in parallel is connected to each stage. A plurality of signal paths can be selected depending on whether the signal path is selected, and each signal path has an oscillation frequency specific to each signal path due to manufacturing variations of the inverting circuits constituting the signal path.
The selection means is means for selecting at least one oscillator among the plurality of oscillators, and selecting any one signal path among the plurality of signal paths for the selected oscillator,
The acquisition means is means for causing the selected oscillator to oscillate in the selected signal path and acquiring the measured frequency related value based on the frequency of the oscillation.
The correcting means is based on an average of frequencies obtained by causing the oscillator of the same arrangement and wiring as the selected oscillator in the plurality of devices to oscillate in the selected signal path, with respect to the acquired actually measured frequency related value. Means for deriving the corrected frequency-related value corrected based on the average frequency-related value that is a value;
The information security system according to claim 1 or 2. When the selected signal path of the selected oscillator is not a predetermined reference signal path and is not an offset signal path in which only one inverting circuit is different from the reference signal path, A reference value that is an average frequency related value when an oscillator having the same arrangement and wiring as the selected oscillator for the plurality of devices is oscillated in the reference signal path; and the selected oscillator for the plurality of devices; The reference signal among the selected signal paths using an offset value that is a difference between the average frequency related value and the reference value when oscillators having the same arrangement and wiring are oscillated in the offset signal path. The average frequency corresponding to the selected signal path is the sum of the offset value and the reference value corresponding to an inverting circuit different from the path Derived as continuous values, a means for deriving the corrected frequency related value obtained by correcting the obtained actually measured frequency related value based on the average frequency related value issued conductor,
The information security system according to claim 3. When the selected signal path of the selected oscillator is not a predetermined reference signal path and is not an offset signal path in which only one inverting circuit is different from the reference signal path, A reference value that is an average frequency related value when an oscillator having the same arrangement and wiring as the selected oscillator for the plurality of devices is oscillated in the reference signal path; and the selected oscillator for the plurality of devices; The reference signal among the selected signal paths using an offset value that is a ratio of the average frequency related value and the reference value when oscillators having the same arrangement and wiring are oscillated in the offset signal path The average frequency corresponding to the selected signal path is the product of the offset value and the reference value corresponding to an inverting circuit different from the path Derived as continuous values, a means for deriving the corrected frequency related value obtained by correcting the obtained actually measured frequency related value based on the average frequency related value issued conductor,
The information security system according to claim 3. The selection means is means for selecting two oscillators of the plurality of oscillators,
The acquisition means is means for causing the selected two oscillators to oscillate and acquiring the measured frequency-related value that is a value based on a difference in frequency between the two oscillators.
The correction means uses the obtained measured frequency-related value as an average of the frequencies of the two oscillators when the oscillators having the same arrangement and wiring as the selected two oscillators for the plurality of devices are oscillated. A means for deriving the corrected frequency-related value by correcting based on the average frequency-related value that is a value based on a difference.
The information security system according to any one of claims 1 to 5. The acquisition unit and the correction unit are included in the host.
The information security system according to any one of claims 1 to 6. The information security system according to any one of claims 1 to 7,
Eigenvalue storage means for storing the oscillator included in the device and the predetermined eigenvalue based on the inherent oscillation frequency of the oscillator in association with each other;
Read the eigenvalue corresponding to the selected oscillator from the eigenvalue storage means, and whether or not the device is normal depending on whether or not the read eigenvalue matches the derived corrected frequency-related value Determination means for determining whether or not
With
The eigenvalue storage means and the determination means have the host.
Information security system. The information security system according to any one of claims 1 to 7,
Encrypted data output means for outputting to the device encrypted data encrypted based on the predetermined unique value based on the unique oscillation frequency of the selected oscillator in the device;
Decryption means for decrypting the output encrypted data based on the derived corrected frequency-related value;
With
The encrypted data output means has the host,
The device has the decoding means,
Information security system. A host for exchanging information with a device including an oscillation circuit having a plurality of oscillators having unique oscillation frequencies caused by manufacturing variations,
An acquisition means for acquiring an actual measurement frequency related value based on a frequency of oscillation when at least one oscillator selected from the plurality of oscillators is oscillated;
The acquired actual measurement frequency related value is corrected based on an average frequency related value that is a value based on an average frequency when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Correction means for deriving a corrected frequency-related value;
With a host. An oscillation circuit having a plurality of oscillators with inherent oscillation frequencies due to manufacturing variations;
Selecting means for selecting at least one oscillator of the plurality of oscillators;
An acquisition means for oscillating the selected oscillator and acquiring an actually measured frequency-related value based on the frequency of the oscillation;
The acquired measured frequency-related value is corrected based on an average frequency-related value that is a value based on an average frequency when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. A correction means for deriving a frequency-related value after correction,
With a device. A host control method for exchanging information with a device having an oscillation circuit having a plurality of oscillators having unique oscillation frequencies caused by manufacturing variations,
(A) obtaining an actually measured frequency-related value from the device based on the frequency of oscillation when at least one oscillator selected from the plurality of oscillators is oscillated;
(B) The obtained actual measurement frequency related value is based on an average frequency related value that is a value based on an average of frequencies when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated. Deriving a corrected frequency-related value corrected by
Host control method including A method for controlling a device including an oscillation circuit having a plurality of oscillators having inherent oscillation frequencies due to manufacturing variations,
(A) selecting at least one oscillator from the plurality of oscillators;
(B) oscillating the selected oscillator and obtaining a measured frequency related value based on the frequency of the oscillation;
(C) Based on an average frequency related value that is a value based on an average of frequencies when an oscillator having the same arrangement and wiring as the selected oscillator in the plurality of devices is oscillated, the acquired actually measured frequency related value. Deriving a corrected frequency-related value corrected by
A method for controlling a device including:   A program that causes one or more computers to realize each step of the host control method according to claim 12.   A program that causes one or more computers to realize each step of the device control method according to claim 13.

Images