JP2013118616A - Memory device - Google Patents


Info

Publication number
JP2013118616A
Authority
JP
Japan
Prior art keywords
data
secret
information
flash memory
nand flash
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
JP2012209681A
Other languages
Japanese (ja)
Inventor
Yuji Nagai
裕士 長井
Hiroshi Kato
拓 加藤
Tatsuyuki Matsushita
達之 松下
Toshihiro Suzuki
俊宏 鈴木
Noboru Shibata
昇 柴田
Original Assignee
Toshiba Corp
株式会社東芝
Application filed by Toshiba Corp (株式会社東芝)
Priority to JP2012209681A
Publication of JP2013118616A
Application status: Pending

Abstract

PROBLEM TO BE SOLVED: To provide a memory device that is advantageous for preventing unauthorized use of confidential information.

SOLUTION: A memory device comprises: a first area in which first key data and unique secret data are stored and from which reading is restricted; and a second area in which encrypted unique secret data, generated by encrypting the unique secret data, is stored and from which reading is possible. The first key data is read from the first area, and AES encryption is performed using the first key data and first numerical data received from the outside to generate second key data. AES encryption is then performed using the second key data and second numerical data received from the outside to generate session key data, and unidirectional conversion is performed using the session key data and the unique secret data read from the first area to generate authentication information data.

Description

  The present invention relates to a memory device.

In general, in fields requiring information security, a method using shared secret information and an encryptor is employed as a means for a party to prove its own validity.

For example, in an IC card (Smart Card) or the like used for electronic payment, an ID and secret information for individualizing the IC card are held in the IC in the card. Furthermore, the IC card has a cryptographic processing function for performing authentication based on the ID and secret information.

In another example, in the content copyright protection technology, an authentication method called Content Protection for Recordable Media (CPRM) is defined in order to prove the validity of an SD (registered trademark) card.

Content Protection for Recordable Media (CPRM), http://www.4centity.com/
Media Identifier Management Technology (MIMT), http://www.4ecntity.com/
D. Naor, M. Naor and J. Lotspiech, "Revocation and Tracing Schemes for Stateless Receivers," Proc. CRYPTO 2001, LNCS 2139, Springer-Verlag, pp. 41-62, 2001

  A memory device capable of preventing unauthorized use of secret information is provided.

According to the embodiment, in a method in which a semiconductor storage device authenticates a host device, the semiconductor storage device holds concealed first key information (NKey) and includes a random number generator, and the host device holds original information (HC) and concealed second key information (HKey). The method includes a step in which the semiconductor storage device generates third key information (HKey) based on the original information (HC) and the first key information (NKey), a step in which the semiconductor storage device generates a first session key (SKey) based on the third key information (HKey) and a random number generated by the random number generator, and a step in which the host device generates a second session key (SKey') based on the second key information (HKey) and the random number.

FIG. 1 is a block diagram showing a configuration example of a memory system according to a first embodiment.
A flowchart showing the authentication flow of the memory system according to the first embodiment.
A diagram showing a configuration example of the encrypted FKey bundle (FKB) according to the first embodiment.
A block diagram showing a configuration example of the memory system according to the first embodiment.
A diagram illustrating the process of writing secret information by the NAND manufacturer according to the first embodiment.
A flowchart showing the process of FIG.
A diagram illustrating the process of writing the FKB by the card manufacturer according to the first embodiment.
A flowchart showing the process of FIG.
A diagram showing the device to be authenticated according to Modification 1.
A block diagram showing a system for downloading the FKB according to Modification 1.
A flowchart showing the flow of downloading the FKB according to Modification 1.
A block diagram showing a configuration example of a memory system according to a second embodiment.
A block diagram showing a configuration example of a memory system according to a third embodiment.
A flowchart showing the authentication flow of the memory system according to the third embodiment.
FIG. 10 is a block diagram illustrating a configuration example of a memory system according to a fourth embodiment.
A flowchart showing the authentication flow of the memory system according to the fourth embodiment.
A block diagram showing a configuration example of the function control according to the third and fourth embodiments.
A block diagram showing an example of the overall configuration of a NAND chip according to a fifth embodiment.
FIG. 19 is an equivalent circuit diagram illustrating a configuration example of one block of the NAND chip in FIG. 18.
A block diagram showing a configuration example of the cell array according to the fifth embodiment.
A diagram showing the read-only data of the ROM block according to the fifth embodiment.
A block diagram showing configuration example 1 of the ECC.
A block diagram showing configuration example 2 of the ECC.
A block diagram showing configuration example 3 of the ECC.
A block diagram showing configuration example 4 of the ECC.
A diagram showing the confidential data in the confidential block according to the fifth embodiment.
A diagram showing an example of the access control pattern according to the fifth embodiment.
A block diagram showing a usage example of the access control pattern according to the fifth embodiment.
A diagram showing the test flow according to the fifth embodiment.
A diagram showing the data deletion flow according to the fifth embodiment.
A block diagram showing a configuration example of a NAND chip according to a sixth embodiment.
A diagram showing calculation flow 1 of the NAND chip according to the sixth embodiment.
A diagram showing calculation flow 2 of the NAND chip according to the sixth embodiment.
A diagram showing the test flow according to the sixth embodiment.
A diagram showing the inspection flow of the confidential information according to the sixth embodiment.
FIG. 10 is a timing chart illustrating an example of command mapping according to a seventh embodiment.
FIG. 16 is a timing chart showing a command mapping example (Set / Get feature command) according to the seventh embodiment.
A diagram showing a configuration example of a memory card according to an eighth embodiment.
A diagram showing application example 1 to content protection according to the eighth embodiment.
A diagram showing application example 1 to an HDD according to the eighth embodiment.
A diagram showing application example 2 to an HDD according to the eighth embodiment.
A diagram showing application example 2 to content protection according to the eighth embodiment.
A diagram showing application example 3 to content protection according to the eighth embodiment.
A diagram showing application example 4 to content protection according to the eighth embodiment.
FIG. 10 is a block diagram showing a configuration example of a sense amplifier and its peripheral circuits according to Modification 2.
FIG. 46 is an equivalent circuit diagram of the sense amplifier and data cache in FIG. 45.

When constructing a security system that employs authentication processing, it is also necessary to assume a situation in which a device that performs the authentication processing is attacked and secret information is extracted. Therefore, a method of revoking the extracted confidential information is important.

The above-mentioned CPRM, and the Advanced Access Content System (AACS), a copyright protection technology defined to protect content recorded on Blu-ray Discs, use a technology called Media Key Block (MKB) to invalidate device keys, which are confidential information. In addition, methods that adopt a protocol based on public key cryptography use a list of the public key certificates paired with leaked private key information (a Revocation List).

Take a system that plays video content recorded on an SD card using software installed on a PC. Since the CPRM processing in the SD card is implemented in hardware, it is very difficult to extract confidential information from it illegally. By comparison, extracting confidential information from video playback software is often the easier attack. In reality, there is a great deal of software that illegally decrypts content recorded on protected DVDs and Blu-ray Discs. Such unauthorized software uses confidential information extracted from a legitimate software player.

In addition, there are cases in which measures are needed against card imitation software and counterfeit cards, for example where secret information extracted from legitimate software is used to impersonate an SD card and deceive legitimate software players. For example, a counterfeit SD card may allow the encryption key used for content encryption to be read out easily, so that video content recorded on the counterfeit card by a regular recording device can easily be decrypted later.

Here, the authentication device is not always a dedicated hardware device such as a consumer device. In some cases it is provided as a program (software) that can be executed on a PC (personal computer) or the like, and the software is then the substantial authentication device. On the other hand, the device to be authenticated is, for example, a recording medium, and even if a program called firmware is involved in the operation of the hardware constituting the recording medium, important processing and information are stored in a concealed state in hardware within the cell array. Therefore, when software executed on a PC is the authentication device, there is a concern that its tamper resistance (resistance to attack) is lower than that of a device to be authenticated such as a recording medium.

For this reason, there is a concern that an attack on an authentication device with low tamper resistance will also expose the secret information concealed in a device to be authenticated with high tamper resistance, allowing an attacker to impersonate the device with high tamper resistance. To cope with such a situation, a method for efficiently preventing unauthorized use of secret information is required.

In recent years, the above requirement has tended to grow stronger even in environments where circuit scale is restricted at the same time, such as hardware implementations in which public key encryption processing and MKB processing would require a relatively large circuit scale. Therefore, there is a demand for a method for efficiently preventing unauthorized use of secret information while minimizing the increase in circuit scale.

Hereinafter, a plurality of embodiments will be described with reference to the drawings. In this description, a memory system is given as an example of the authentication device, the device to be authenticated, and the authentication method thereof, but the present invention is not limited to this. In this description, common parts are denoted by common reference numerals throughout the drawings.

[First Embodiment]
An authentication device, a device to be authenticated, and an authentication method thereof according to the first embodiment will be described.

<1. Configuration example (memory system)>
A configuration example of the memory system according to the first embodiment will be described with reference to FIG.

As shown in the figure, the memory system according to the first embodiment includes a NAND flash memory 10 as the device to be authenticated, a host device 20 as the authentication device, and a controller 19 that mediates between the two. The host device 20 accesses the NAND flash memory 10 via the controller 19.

Here, a manufacturing process of a semiconductor product such as the NAND flash memory 10 will be briefly described. The manufacturing process of a semiconductor product can be mainly divided into a pre-process for forming a circuit on a substrate wafer and a post-process for cutting the wafer into individual pieces and then enclosing wiring or a resin package.

There are various cases: the controller 19 may be configured to be included in the NAND flash memory 10 in the pre-process, it may not be included in the pre-process but be included in the same package in the post-process, or it may be provided as a chip different from the NAND flash memory 10. In the following, including FIG. 1, a case where the controller 19 is provided as a chip different from the NAND flash memory 10 is described as an example.

Hereinafter, unless otherwise noted, the exchange of data and instructions between the host device 20 and the NAND flash memory 10 is often mediated by the controller 19. Even in this case, since the controller 19 does not change the essential contents of the above-described data and instructions, details may be omitted. Details of configuration examples of the NAND flash memory 10 and the controller 19 will be described later.

The host device 20 may be configured with dedicated hardware such as a consumer device, with a combination of dedicated hardware and the firmware that operates it, or with all the functions of the device realized by software operating on a PC. This embodiment is basically applicable regardless of the configuration of the host device 20.

Each component and the data processing shown in FIG. 1 will be described below. The present embodiment shows a configuration example in which a method of reading the secret identification information SecretID recorded in the device to be authenticated while keeping it concealed from third parties, and at the same time confirming that the data was read from a legitimate device to be authenticated, is applied to a memory system using the NAND flash memory 10.

1-1. NAND flash memory
In the present embodiment, the NAND flash memory 10 is a device to be authenticated.

As shown, the NAND flash memory 10 according to this embodiment includes a cell array (Cell array) 11, a data cache (Data Cache) 12, data generation circuits (Generate) 13 and 14, and a unidirectional converter (Oneway) 15. The data generation circuits (Generate) 13 and 14 and the one-way converter (Oneway) 15 constitute an authentication circuit 17.

The cell array 11 includes a readable / writable area (Read / Write area) 11-1 in which both reading and writing from the outside are possible, a hidden area 11-2 in which both reading and writing from the outside are prohibited, a ROM area (ROM area) 11-3 in which writing from the outside is prohibited, and the like.

The readable / writable area (general area) 11-1 is an area where both data writing and data reading from the outside of the NAND flash memory 10 are possible. In the readable / writable area 11-1, key management information FKBv (Family Key Block), which is an encrypted FKey bundle prepared to conceal FKey_v, is recorded. Unlike other data recorded in the NAND flash memory 10, FKBv need not be recorded only when the NAND flash memory 10 is manufactured. It can also be recorded when a storage medium for general users, for example an SD card, is manufactured by connecting a controller to the NAND flash memory 10, or it can be downloaded from a server and recorded at the user's request after the storage medium is sold. Details will be described later.

Here, the key management information FKBv is information used to decrypt the secret information FKey_v based on the secret information IDKey_k held by the host device 20 and the index information k of that secret information IDKey_k, or information used to decrypt the secret information FKey_v based on the secret information IDKey_k held by the host device 20 and the identification information of the host device 20.

The key management information FKBv need not be prepared uniquely for each NAND flash memory 10. It may also be information that can be assigned in common to (associated with) a plurality of NAND flash memories 10, for example per manufacturing lot or per wafer. Further, the index information v of the key management information FKBv may be identification information or version number information of the key management information FKBv.

The secret area 11-2 is an area (Read / Write inhibit) in which both data writing and data reading from the outside of the NAND flash memory 10 are prohibited. In the secret area 11-2, the secret information NKey_i used by the NAND flash memory 10 in the authentication process and the secret identification information SecretID of the NAND flash memory 10 are recorded.

The ROM area 11-3 is an area in which data writing from outside the NAND flash memory 10 is prohibited and data reading is permitted. In the ROM area 11-3, index information v (index of FKey) indicating the secret information FKey_v concealed by the key management information FKBv, the secret identification information SecretID encrypted with the secret information FKey_v (E-SecretID), and index information i (index of NKey) indicating the secret information NKey_i are recorded.

In this embodiment, the index information i and the index information v are generally recorded with an error correction code added, so that the correct identification information can be read even when an error occurs in the data. However, to simplify the description, error correction encoding and decoding are not particularly illustrated here.

The ROM area 11-3 may be, for example, an OTP (One Time Programmable) region, or a general region that can be read and written during the manufacturing process of the NAND flash memory 10 and is made read-only by rewriting a management flag after shipment. Alternatively, a method may be used in which the write command for the area is a special command different from that of the general area, and the special command is not provided to the recipient of the NAND flash memory 10. In addition, the area may be handled as a general area on the NAND flash memory 10 while the controller 19 limits the function provided to the host device 20 to reading only.

As will be described later, the information recorded in the ROM area 11-3 is associated with the information recorded in the secret area 11-2. Therefore, if the information recorded in the ROM area 11-3 is altered, the authentication function of the NAND flash memory 10 cannot be used effectively. Since tampering therefore raises no security concern, it is not always necessary to use a ROM area, and a general area where reading and writing can be performed may be substituted. In this case, the ROM area 11-3 in the drawing may be read as the readable / writable area (general area) 11-1. In relation to this, a part of the data described as being in the ROM area 11-3 may be recorded in the readable / writable area (general area) 11-1. For example, a configuration is possible in which index information v (index of FKey) is recorded in the readable / writable area (general area), and encrypted secret identification information (E-SecretID) and index information v (index of FKey) are recorded in the ROM area 11-3. The above configuration examples of the ROM area 11-3 also apply to the ROM area 11-3 described later in other embodiments and modifications in this specification.

The encrypted secret identification information E-SecretID is data obtained by encrypting, with the secret information FKey_v, the secret identification information SecretID that is uniquely attached to each NAND flash memory chip 10. Alternatively, depending on the application, the same encrypted secret identification information can be recorded in a plurality of NAND flash memories. For example, in pre-recorded content distribution, where content is recorded in the NAND flash memory in advance and then sold, the same encrypted secret identification information E-SecretID is recorded wherever the same content data is recorded.

  The data cache 12 temporarily stores data read from the cell array 11.

The data generation units 13 and 14 are circuits that generate output data by a predetermined calculation from a plurality of input data.

The data generation unit 13 generates the secret information HKey_i,j by converting the constant HC_j received from the host device 20 using the secret information NKey_i described above. The data generation unit 14 generates the session key SKey_i,j by converting the random number RN_h received from the host device 20 using the secret information HKey_i,j. The data generation units 13 and 14 may be implemented by hardware (circuit) or software, or a combination of both hardware and software.

When the data generation units 13 and 14 are implemented as circuits, it is also possible, in order to reduce the overall circuit scale, to use the same circuit as the unidirectional converter 15 described later, a circuit that reuses the unidirectional converter, an AES (Advanced Encryption Standard) encryptor, or the like. Similarly, the two data generation units, which are illustrated as different components to make the data processing procedure easy to understand, can be a single circuit used repeatedly. In this example, a configuration such as HKey_i,j = AES_E(NKey_i, HC_j), SKey_i,j = AES_E(HKey_i,j, RN_h) can be taken.

The one-way converter 15 performs one-way conversion on the input data and the key data input separately, and outputs the input data subjected to the one-way conversion. The unidirectional converter 15 may be implemented in hardware (circuit) or software, or a combination of both hardware and software.

The unidirectional converter 15 converts the secret identification information SecretID read from the secret area 11-2 by a unidirectional function using the session key SKey_i,j generated by the data generation circuit 14, and generates the unidirectional conversion identification information Oneway-ID (= Oneway(SKey_i,j, SecretID)). When the unidirectional converter 15 is implemented as a circuit, it can, as described above, share circuitry with the data generation unit 14 or the like to reduce the overall circuit scale. In this example, a configuration such as Oneway-ID = AES_E(SKey_i,j, SecretID) (+) SecretID can be adopted.

Although not shown, an output unit that outputs data to the host device 20 via the controller 19 is actually arranged as a component.

1-2. Host device
In the present embodiment, the host device 20 is an authentication device.

As shown in the figure, the host device (Host) 20 according to this embodiment includes a decryption unit (Decrypt) 21, an FKB processing unit (Process FKB) 22, a memory (Memory) 23, a random number generation unit (RNG: Random Number Generator) 24, a selection unit (Select 2) 25, a data generation unit (Generate) 26, a one-way converter (Oneway) 27, a data verification unit (Verify) 28, and the like. In addition, for example, an error correction processing unit (not shown) can be provided as a constituent element as necessary.

The decryption unit 21 decrypts the input data with the separately input key data and outputs the decrypted input data. In the present embodiment, the decryption unit 21 reads the encrypted secret identification information E-SecretID from the NAND flash memory 10 via the controller 19. It then decrypts the encrypted secret identification information E-SecretID using the secret information FKey input from the FKB processing unit 22 (data selection unit 22-2) described later, and outputs the secret identification information SecretID.

The FKB processing unit 22 decrypts the key management information FKBv read from the NAND flash memory 10 using the secret information IDKey_k concealed in the memory 23 and the index information k of that secret information IDKey_k, and outputs the generated secret information FKey to the decryption unit 21. In this embodiment, the FKB processing unit 22 includes a data selection unit (Select 1) 21-1 and a decryption unit (Decrypt) 22-2.

The first-stage data selection unit 21-1 uses the index information k recorded in the memory 23 to select, from the encrypted FKey bundle (key management information FKBv) read from the NAND flash memory 10, the data that can be decrypted with the secret information IDKey_k concealed in the memory 23, and outputs it to the decryption unit 22-2.

The decryption unit 22-2 decrypts the data selected by the data selection unit 22-1 using the secret information IDKey_k concealed in the memory 23, and outputs the generated secret information FKey to the decryption unit 21.

The memory 23 stores the index information k, the secret information IDKey_k, the secret information set HKey_i,j (i = 1, ..., m; j is a fixed value for that HKey_i,j), and the constant HC_j. At least the secret information IDKey_k and the secret information set HKey_i,j (i = 1, ..., m) are kept secret from the outside of the host device 20. Here, the constant HC_j is a constant of the host device 20 that is held in advance for transmission to the NAND flash memory 10 at the time of an authentication request (Request authentication). Details will be described later.

The random number generator 24 generates and outputs a random number RN_h used for authentication processing.

The second-stage data selection unit 25 uses the index information i, read from the ROM area 11-3 of the NAND flash memory 10 via the data cache 12, to select the secret information HKey_i,j necessary for the authentication process from the secret information set HKey_i,j concealed by the host device 20.

The data generation unit 26 is a calculation unit that generates output data by a predetermined calculation from a plurality of input data. In the present embodiment, the data generation unit 26 generates the session key SKey_i,j by converting the random number RN_h generated by the host device 20 itself using the secret information HKey_i,j that the host device 20 conceals. As the data generation unit 26, for example, the above-described AES encryptor or the like can be used.

The unidirectional converter 27 converts the secret identification information SecretID output from the decryption unit 21 by a unidirectional function using the session key SKey_i,j output from the data generation unit 26, thereby generating the unidirectional conversion identification information Oneway-ID.

The data verification unit 28 compares the unidirectional conversion identification information Oneway-ID received from the NAND flash memory 10 with the unidirectional conversion identification information Oneway-ID obtained from the unidirectional converter 27 in the host device 20 to check whether they match. When the two values of Oneway-ID match (OK), the secret identification information SecretID obtained by the decryption unit 21 is determined to be a regular ID, and the obtained SecretID is handed over to the subsequent processing. On the other hand, if they do not match (NG), the secret identification information SecretID is determined to be an invalid ID, and a message to that effect is output.

In addition, when secret information held by the host device 20, such as IDKey_k and HKey_i,j, is leaked and an unauthorized host device holding the leaked information is produced by an unauthorized manufacturer, measures to invalidate the unauthorized host device can be taken, such as excluding from the key management information (FKBv) the information from which FKey can be derived using the IDKey_k held by the unauthorized host device. This measure will be described later with reference to FIG. For this measure, it is useful for the secret information IDKey_k and the index information k to be associated with the secret information HKey_i,j and the host constant HC_j. If they are associated, both pieces of secret information IDKey_k and HKey_i,j held by the unauthorized host device can be identified by observing the HC_j that the unauthorized host device sends during authentication. Methods of association include sharing all or part of the information between HC_j and IDKey_k, composing all or part of the information of HC_j from the result of cryptographic processing of IDKey_k, and composing all or part of the information of IDKey_k from the result of cryptographic processing of HC_j. Furthermore, it is desirable to use HKey_i,j in addition to FKey and IDKey_k in generating the key management information (FKBv). This will be described later in the section explaining the configuration example of the FKB.

Here, if the host device 20 is a dedicated hardware device such as a consumer device, the secret information IDKey_k and the secret information HKey_i,j are recorded in an internal dedicated memory after being encrypted by a method unique to the manufacturer. If the host device is a program executed on a PC or the like, they are held in a state protected from unauthorized analysis by tamper resistant software (TRS) technology. If a security module is built in, they are recorded with measures such as concealment using the functions of that security module.

The controller 19 controls the NAND flash memory 10 to perform data transfer with the host device 20 and the like. For example, the controller 19 interprets an instruction received from the host device 20, converts the instruction into an instruction conforming to the interface specification of the NAND flash memory 10, and then sends the instruction to the NAND flash memory 10. The controller 19 can adopt various interface standards as required, such as the SD Memory standard, SDIO standard, eMMC standard, and the like.

Further, the controller 19 secures a part of the general area 11-1 and stores control data necessary for its own operation. The controller 19 may have a function of converting a logical address received from the host device 20 into a physical address of the NAND flash memory.
Further, in order to level out the fatigue of the cell array 11, it may have a function of performing so-called wear leveling. However, at least the secret area 11-2 is not subject to wear leveling.

Further, the configuration example of the memory system is not limited to that described above. For example, other components such as an error correction processing unit (not shown) can be provided as necessary. Furthermore, there may be a plurality of secret information NKey i included in the NAND flash memory 10. That is, a combination of the secret information NKey i and the corresponding index information i is defined as one slot, and a plurality of slots are recorded in the NAND flash memory 10. Here, a slot number is assigned to each of the slots, and the host device 20 reads the index information i of each slot number and selects one to perform authentication. In this case, the host device 20 notifies the NAND flash memory 10 of information corresponding to the selected slot number, and the NAND flash memory 10 performs authentication processing using the information corresponding to the notified slot number. Furthermore, all information included in the NAND flash memory 10 may be set as one slot, and a plurality of such information slots may be provided. That is, the secret information NKey i , index information i, key management information (FKBv), index information v (index of FKey), secret identification information SecretID, and encrypted secret identification information (E-SecretID) are defined as one slot, and a plurality of slots are recorded in the NAND flash memory 10. Here, a slot number is assigned to each of the slots, and the host device 20 reads the index information i of each slot number and selects one to perform authentication. In this case, the host device 20 notifies the NAND flash memory 10 of information corresponding to the selected slot number, and the NAND flash memory 10 performs an authentication process using the information corresponding to the notified slot number.

In the above description, the NAND flash memory 10 has a plurality of slots. However, the present invention is not limited to this, and any configuration in which a part of the information is shared by a plurality of slots is possible. For example, the secret identification information SecretID, encrypted secret identification information (E-SecretID), key management information (FKBv), and index information v (index of FKey) can be shared by a plurality of slots, and the other information can be stored individually for each slot.

Further, the method in which the NAND flash memory 10 has a plurality of slots and slot numbers and the host device 20 notifies which slot is used for authentication can be applied to all other embodiments described later in this specification.

<2. Authentication flow>
Next, an authentication flow of the memory system according to the first embodiment will be described with reference to FIG.

(Step S11)
When authentication is started (Start), the host device 20 reads the encrypted FKey bundle (FKB: Family Key Block), which is key management information, and the encrypted secret identification information SecretID (E-SecretID) from the NAND flash memory 10.

(Step S12)
Subsequently, the host device 20 performs data selection processing on the read key management information FKB with the data selection unit (Select1) 22-1, reads out the encrypted secret information FKey that the host device 20 can decrypt, and obtains the secret information FKey by decrypting it with the secret information IDKey k in the decryption unit 22-2. Further, using the obtained secret information FKey, the host device 20 decrypts the encrypted secret identification information E-SecretID read from the NAND flash memory 10 to obtain the secret identification information SecretID.

(Step S13)
Subsequently, the host device 20 requests the NAND flash memory 10 to read the index information i.

(Step S14)
Subsequently, in response to a request from the host device 20, the NAND flash memory 10 loads the index information i from the cell array 11 and outputs it to the host device 20.

(Step S15)
Subsequently, the host device 20 generates a random number RN h that is necessary when an authentication request is made. By using the random number RN h for the authentication process, it is possible to use a different shared key with the NAND flash memory 10 each time in the following process.

(Step S16)
Subsequently, the host device 20 sends the constant HC j that it holds in advance and the random number RN h to the NAND flash memory 10 together with an authentication request (Request authentication).

(Step S17)
Subsequently, the NAND flash memory 10 loads the secret information NKey i (i = 1,..., M) and the secret identification information SecretID from the secret area 11-2 and stores them in the data cache 12.

(Step S18)
Subsequently, the NAND flash memory 10 generates the secret information HKey i, j by data generation processing in the data generation circuit 13, using the concealed secret information NKey i and the constant HC j received from the host device 20.

(Step S19)
Subsequently, the NAND flash memory 10 uses the received random number RN h to generate a session key SKey i, j (= Generate (HKey i, j , RN h )) by data generation processing in the data generation circuit 14.

(Step S20)
Subsequently, the NAND flash memory 10 performs one-way conversion processing in the one-way converter 15 on the secret identification information SecretID by using the generated session key SKey i, j , and generates the one-way conversion identification information Oneway-ID (= Oneway (SKey i, j , SecretID)). The generated one-way conversion identification information Oneway-ID is sent to the host device 20.

(Step S21)
In parallel with Step S18, the host device 20 uses the received index information i to select, from the secret information set HKey i, j (i = 1,..., M) concealed in advance, the secret information HKey i, j necessary for the authentication process with the NAND flash memory 10.

(Step S22)
Subsequently, the host device 20 generates the session key SKey i, j (= Generate (HKey i, j , RN h )) from the selected secret information HKey i, j and the generated random number RN h .

(Step S23)
Subsequently, the host device 20 uses the generated session key SKey i, j to subject the secret identification information SecretID to a one-way conversion process in the one-way converter 27, and generates the one-way conversion data Oneway-ID.

(Step S24)
Subsequently, the host device 20 determines whether or not the one-way conversion identification information Oneway-ID received from the NAND flash memory 10 matches the one-way conversion identification information Oneway-ID generated by itself. When both values of the one-way conversion identification information Oneway-ID match (OK), it is determined that the secret identification information SecretID obtained by the decryption unit 21 is a regular ID, and the secret identification information SecretID is delivered to the subsequent processing. On the other hand, in the case of mismatch (NG), it is determined that the secret identification information SecretID is an invalid ID, and that fact is output to the subsequent processing.

  With the above operation, the authentication flow according to the first embodiment is ended (End).

Here, as shown in the configuration example of the memory system, when the NAND flash memory 10 has a plurality of slots, the host device 20 needs to notify the NAND flash memory 10 of the slot number used for authentication. In this case, the slot number may be notified in Step S16, or may be notified in a step prior to Step S16.
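The exchange in Steps S13 to S24, run end to end as an added example (not code from the patent). HMAC-SHA256 stands in for both Generate() and Oneway(), which this section names but does not define; the class and function names and the `HC-1`/`HC-2` constants are assumptions, and SecretID is taken as already decrypted in Step S12.

```python
import hashlib
import hmac
import secrets


def generate(key: bytes, data: bytes) -> bytes:
    """Stand-in for the page's Generate(): HMAC-SHA256 (assumption)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def oneway(skey: bytes, secret_id: bytes) -> bytes:
    """Stand-in for the page's Oneway(): labelled HMAC-SHA256 (assumption)."""
    return hmac.new(skey, b"oneway|" + secret_id, hashlib.sha256).digest()


class NandFlash:
    """Authenticated device: NKey i and SecretID stay in the secret area."""

    def __init__(self, index_i: int, nkey: bytes, secret_id: bytes):
        self.index_i = index_i        # ROM area 11-3 (readable)
        self._nkey = nkey             # secret area 11-2
        self._secret_id = secret_id   # secret area 11-2

    def read_index(self) -> int:                       # Step S14
        return self.index_i

    def authenticate(self, hc_j: bytes, rn_h: bytes) -> bytes:
        hkey = generate(self._nkey, hc_j)              # Step S18
        skey = generate(hkey, rn_h)                    # Step S19
        return oneway(skey, self._secret_id)           # Step S20


class CounterfeitNand(NandFlash):
    """Built from one host's leaked HKey i,j only; it holds no NKey i."""

    def authenticate(self, hc_j: bytes, rn_h: bytes) -> bytes:
        # It cannot recompute HKey for the HC j it receives, so it can only
        # reuse the leaked value (stored here in the _nkey field).
        skey = generate(self._nkey, rn_h)
        return oneway(skey, self._secret_id)


class Host:
    """Authentication device: holds HC j and HKey i,j, never NKey i."""

    def __init__(self, hc_j: bytes, hkeys: dict):
        self.hc_j = hc_j
        self._hkeys = hkeys                            # {i: HKey i,j}

    def verify(self, nand: NandFlash, secret_id: bytes) -> bool:
        i = nand.read_index()                          # Step S13
        rn_h = secrets.token_bytes(16)                 # Step S15
        received = nand.authenticate(self.hc_j, rn_h)  # Step S16
        hkey = self._hkeys[i]                          # Step S21
        skey = generate(hkey, rn_h)                    # Step S22
        expected = oneway(skey, secret_id)             # Step S23
        return hmac.compare_digest(received, expected) # Step S24


def issue_host(hc_j: bytes, nkeys: dict) -> Host:
    """Key issuance: HKey i,j is derived from NKey i and HC j, one per i."""
    return Host(hc_j, {i: generate(nk, hc_j) for i, nk in nkeys.items()})


def run_demo() -> dict:
    # Constructed sample keys; nothing here comes from a real device.
    nkeys = {1: secrets.token_bytes(16), 2: secrets.token_bytes(16)}
    secret_id = secrets.token_bytes(16)
    host1 = issue_host(b"HC-1", nkeys)
    host2 = issue_host(b"HC-2", nkeys)
    genuine = NandFlash(2, nkeys[2], secret_id)
    wrong_key = NandFlash(2, secrets.token_bytes(16), secret_id)
    # Constructed leak: host 1's HKey 2,1 placed in a counterfeit device.
    clone = CounterfeitNand(2, host1._hkeys[2], secret_id)
    rn_a, rn_b = secrets.token_bytes(16), secrets.token_bytes(16)
    return {
        "genuine_host1": host1.verify(genuine, secret_id),
        "genuine_host2": host2.verify(genuine, secret_id),
        "wrong_nkey": host1.verify(wrong_key, secret_id),
        "clone_vs_host2": host2.verify(clone, secret_id),
        "fresh_per_rn": genuine.authenticate(b"HC-1", rn_a)
                        != genuine.authenticate(b"HC-1", rn_b),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The `clone_vs_host2` case is the asymmetry the flow relies on: a device holding only one host's HKey i, j cannot answer a host that sends a different HC j, because deriving that host's HKey requires NKey i.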

<3. About FKB (Family Key Block) >
Next, the key management information FKB (Family Key Block) according to the first embodiment will be described in more detail with reference to FIG.

In order to generate key management information FKB suitable for the NAND flash memory 10 in which the secret identification information SecretID is recorded, FKey v is encrypted (Encrypt) one by one using each IDKey i of the secret key information IDKey i (i = 1,..., N) prepared in advance (Set of IDKey i 's). That is, the key management information FKB is the set of encrypted FKey v (E-FKey v , i) = Encrypt (IDKey i , FKey v ), and this set of encrypted FKey v is called an encrypted FKey bundle.

The configuration of the key management information FKB is not limited to this embodiment. For example, if a specific IDKey i is exposed, the FKB can be newly configured by deleting from it the encrypted FKey v (E-FKey v , i in the above example) that can be decrypted with that secret information IDKey i , so that the host device 20 holding that IDKey i cannot decrypt the FKey from the encrypted FKey bundle. When the NAND flash memory 10 in which the newly configured FKB is recorded is used, that host device 20 cannot obtain (decrypt) the correct FKey v and secret identification information SecretID. In this way, it is possible to provide a function for invalidating the host device 20 that holds the secret information IDKey i .

As described above, when the secret information IDKey k, the index information k, the secret information HKey i, j, and the host constant HC j are associated with each other, HKey i, j can also be used in addition to FKey and IDKey k in generating the key management information (FKBv). For example, configurations such as (E-FKey v , i) = Encrypt (Encrypt (IDKey i , FKey v ), HKey i, j ), (E-FKey v , i) = Encrypt (Encrypt (HKey i, j , FKey v ), IDKey i ), or (E-FKey v , i) = Encrypt (HKey i, j , IDKey i (+) FKey v ) may be employed. This has the effect of preventing the secret keys IDKey i and HKey i, j of different devices from being combined when keys are leaked from a plurality of host devices 20. In other words, FKey cannot be decrypted without a correctly combined IDKey i and HKey i, j ; and by observing HC j , the HKey i, j associated with it is identified and, in turn, IDKey i as well, so that the exposed IDKey i can be invalidated.
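An added example (not the patent's own code) of the FKB handling described above: building the encrypted FKey bundle with the Encrypt (Encrypt (IDKey i , FKey v ), HKey i, j ) variant, the host-side selection and decryption of Step S12, invalidation by omitting one entry, and the failure of mixed keys from two devices. The toy XOR stream cipher is a stand-in for Encrypt/Decrypt, and the `HostKeys` record, the HC-to-index lookup and all sample values are assumptions constructed for illustration.

```python
import hashlib
import secrets
from dataclasses import dataclass


def crypt(key: bytes, data: bytes) -> bytes:
    """Toy XOR stream cipher (SHA-256 in counter mode); encrypt == decrypt.
    Stand-in for the page's Encrypt/Decrypt, for illustration only."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


@dataclass
class HostKeys:
    k: int        # index information k
    idkey: bytes  # IDKey k
    hkey: bytes   # HKey i,j (a single NKey slot i is assumed)
    hc: bytes     # host constant HC j, associated with IDKey k


def build_fkb(fkey_v: bytes, hosts, revoked=frozenset()) -> dict:
    """One entry per licensed host:
    E-FKey v,k = Encrypt(Encrypt(IDKey k, FKey v), HKey i,j).
    Entries of revoked indexes are left out of the bundle."""
    return {h.k: crypt(h.hkey, crypt(h.idkey, fkey_v))
            for h in hosts if h.k not in revoked}


def process_fkb(fkb: dict, k: int, idkey: bytes, hkey: bytes):
    """Host side of Step S12: select the own entry, then decrypt it."""
    entry = fkb.get(k)
    if entry is None:          # entry deleted: this host is invalidated
        return None
    return crypt(idkey, crypt(hkey, entry))


def read_secret_id(fkb: dict, e_secret_id: bytes, host: HostKeys):
    """FKB -> FKey v -> SecretID, or None when the host has no entry."""
    fkey = process_fkb(fkb, host.k, host.idkey, host.hkey)
    return None if fkey is None else crypt(fkey, e_secret_id)


def identify_by_hc(hosts, observed_hc: bytes):
    """Issuer-side lookup: HC j seen during authentication -> index k."""
    return next((h.k for h in hosts if h.hc == observed_hc), None)


def run_demo() -> dict:
    # Constructed sample keys for three licensed hosts.
    hosts = [HostKeys(k, secrets.token_bytes(16), secrets.token_bytes(16),
                      b"HC-%d" % k) for k in (1, 2, 3)]
    h1, h2, h3 = hosts

    # Family v=1: every licensed host can recover SecretID.
    fkey_1, sid_a = secrets.token_bytes(16), secrets.token_bytes(16)
    fkb_1 = build_fkb(fkey_1, hosts)
    e_sid_a = crypt(fkey_1, sid_a)      # E-SecretID = Encrypt(FKey v, SecretID)

    # HC-2 is observed from an unauthorized device: find k and rebuild.
    leaked_k = identify_by_hc(hosts, b"HC-2")
    fkey_2, sid_b = secrets.token_bytes(16), secrets.token_bytes(16)
    fkb_2 = build_fkb(fkey_2, hosts, revoked={leaked_k})
    e_sid_b = crypt(fkey_2, sid_b)

    return {
        "all_read_v1": all(read_secret_id(fkb_1, e_sid_a, h) == sid_a
                           for h in hosts),
        "leaked_k": leaked_k,
        "revoked_on_v2": read_secret_id(fkb_2, e_sid_b, h2),
        "others_on_v2": all(read_secret_id(fkb_2, e_sid_b, h) == sid_b
                            for h in (h1, h3)),
        # IDKey from host 1 combined with HKey from host 3 on host 1's entry
        "mixed_keys_ok": process_fkb(fkb_2, h1.k, h1.idkey, h3.hkey) == fkey_2,
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

With this toy cipher a wrong key pair yields a wrong FKey rather than an error, so the mismatch surfaces later, when the SecretID decrypted with it fails the Oneway-ID comparison in Step S24.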

The method for generating the key management information FKB is not limited to this embodiment. For example, even if the key management information FKB is generated using the MKB (Media Key Block) technique used in CPRM (see Non-Patent Document 1) or the MKB technique disclosed in Non-Patent Document 3, a function for invalidating the host device 20 can be provided.

Here, MKB technology is a technology that, in a situation where multiple devices hold mutually different secret information, efficiently shares common secret information (Media Key) among the devices that are not subject to invalidation while realizing device invalidation; it is also called Broadcast Encryption.

For example, a configuration example of the memory system when the MKB technique is applied is shown in FIG. The memory system shown differs from FIG. 1 in that an FKB processing unit (Process FKB) 22 is shown as a superordinate concept. Even in this case, the data corresponding to K or IDKey i is associated with the HKB i, j or HC j corresponding to the FKB decrypted by the node number of the host device 20 or the host key group assigned to the node number. This makes it possible to identify and invalidate the exposed key.

<4. About writing confidential information and FKB>
Next, writing of secret information and key management information FKB to the NAND flash memory 10 will be described.

4-1. When writing at the time of manufacturing NAND flash memory
First, a case where secret information or key management information FKB is written when the NAND flash memory 10 is manufactured, for example, will be described with reference to FIGS. Here, description will be made in accordance with the flow of FIG.

The license administrator 40 generates the following data: key management information FKBv (v = 1, ..., n), secret information FKey v (v = 1, ..., n), index information v (v = 1, ..., n), secret information NKey i and index information i. As described above, FKBv is obtained by encrypting FKey v . Further, v may take a plurality of values. For example, when the license manager 40 generates three values 1, 2, and 3 as v, the license manager 40 generates (FKB1, FKey 1 ), (FKB2, FKey 2 ), (FKB3, FKey 3 ) in association with the generated v.

Of the generated data, the license administrator 40 passes FKey v (v = 1, ..., n), v (v = 1, ..., n), NKey i and i to the memory manufacturer 30. When transferring these data, the license manager 40 uses safe means; for example, it obtains the public key of the memory manufacturer 30 in advance, encrypts the data using that public key, and transmits the result to the memory manufacturer 30.

In addition to the NAND flash memory 10, the memory manufacturer 30 holds data 31 such as FKBv (v = 1,..., N) passed from the license manager 40, and has selection units 32 and 33, a generation unit 34, and an encryption unit 35.

(Step S31)
With the above configuration, first, the memory manufacturer 30 generates secret identification information SecretID in the generation unit (SecretID Generator) 34.

(Step S32)
Subsequently, the memory manufacturer 30 that has received the data 31 selects one value from v by the selection unit 32. Further, the selection unit 32 selects the FKey v corresponding to the selected v . The memory manufacturer 30 encrypts the generated SecretID using the selected FKey v , and generates encrypted secret identification information E-SecretID.

(Step S33)
Subsequently, the memory manufacturer 30 writes the value of v as index information v (index of FKey) in the ROM area 11-3 of the NAND flash memory 10.

Further, the memory manufacturer 30 writes the value of the index information i (index of NKey) in the ROM area 11-3 of the NAND flash memory 10 and the value of NKey i in the secret area 11-2.

Further, the memory manufacturer 30 writes the value of the secret identification information SecretID to the secret area 11-2 of the NAND flash memory 10 and the value of the encrypted secret identification information E-SecretID to the ROM area 11-3, respectively.

With the above operation, predetermined secret information and key management information FKB can be written when the NAND flash memory 10 is manufactured (End). Note that, regarding the order of writing the above values, the encrypted secret identification information E-SecretID is written after the encryption processing by the encryption unit 35, because it is a value that cannot be obtained until that processing has been performed. However, there is no restriction on the order of the other writing operations, and writing may be performed in an order other than the above example.

Further, the memory manufacturer 30 gives the NAND flash memory 10 for which the writing process has been completed to a card manufacturer (Card Vendor).

Thus, in this embodiment, the index information v (index of FKey) or the like can be written in advance in the NAND flash memory 10.

4-2. When the FKB is written by the card manufacturer (Card Vendor)
Next, the case where the card manufacturer 50 writes the FKB will be described with reference to FIGS.
Here, the description will be made along the flow of FIG.

A card manufacturer (Card Vendor) 50 receives the NAND flash memory 10 in which the predetermined information v and the like are written from the memory manufacturer 30.

Then, by coupling the NAND flash memory 10 with a controller 19 that controls it, a storage medium (here, Card) 55 such as an SD card is manufactured.

The card manufacturer 50 includes data (FKBv) 51 received from the license manager 40 and a selection unit 52 in addition to the storage medium (Card) 55.

  The process in which the card manufacturer 50 writes the key management information FKBv is as follows.

(Step S35)
First, the card manufacturer 50 receives the key management information FKBv as data 51 from the license manager 40. At this time, the above-described safe means is used for delivery of the data 51.

Then, the card manufacturer 50 reads the value of the index information v recorded in the ROM area 11-3 of the NAND flash memory 10 (via the controller 19) into the data cache 12 or the like.

(Step S36)
Subsequently, the card manufacturer 50 selects the key management information FKBv corresponding to the read value of the index information v by the selection unit 52.

(Step S37)
Subsequently, the card manufacturer 50 writes the selected key management information FKBv into the read / write area 11-1 of the NAND flash memory 10 via the controller 19.

<Effect>
As described above, according to the authentication device, the device to be authenticated, and the authentication method according to the first embodiment, at least the following effects (1) to (3) can be obtained.

(1) Even if secret information is leaked from the host device 20, unauthorized use of the secret information of the NAND flash memory 10 using the leaked information can be prevented.
Here, as described above, the host device 20, which is the authentication device, may be provided not only as a dedicated hardware device such as a consumer device but also, for example, as a program executable on a PC or the like. On the other hand, the NAND flash memory 10, which is the device to be authenticated, is a recording medium, and even when a program called firmware is present, important processes and information are stored in a concealed state in the hardware in the cell array 11.

Therefore, in reality, there is a concern that, for example, software executed on a PC has lower tamper resistance (resistance to attack) than a recording medium. Consequently, there is a concern that, by attacking the host device (authentication device) 20 with low tamper resistance, the secret information concealed in the NAND flash memory 10 (authenticated device) with high tamper resistance is also exposed, and that the device with high tamper resistance is impersonated.

Therefore, in the configuration and the authentication method according to the first embodiment, as described above, the NAND flash memory 10, which has relatively high tamper resistance, conceals in the cell array 11 the first key information (NKey i ), from which the second key information (HKey i, j ) can be generated. On the other hand, the host device 20 conceals in the memory 23 only the second key information (HKey i, j ), from which the first key information (NKey i ) cannot be generated.

Therefore, the NAND flash memory 10 generates the second key information (HKey i, j ) concealed by the authentication device 20, using the constant HC j received from the host device 20 and the first key information (NKey i ) that it conceals itself. The NAND flash memory 10 generates the session key SKey i, j using the second key information (HKey i, j ) and the random number RN h .

The host device 20 generates a session key SKey i, j using the second key information (HKey i, j ) selected by the index information i and the random number RN h . As a result, the NAND flash memory 10 and the host device 20 share the same session key SKey i, j .

Thus, in this embodiment, the secret level of information concealed by the NAND flash memory (authenticated device) 10 and the secret level of information concealed by the host device (authentication device) 20 can be made asymmetric. For example, in the present embodiment, the secret level of information concealed by the NAND flash memory 10 having relatively high tamper resistance can be set higher than the secret level of information concealed by the host device 20 having relatively low tamper resistance.

Therefore, even if information concealed by the host device 20 is leaked, the secret level of the information concealed by the NAND flash memory 10 having relatively high tamper resistance is higher, so the NAND flash memory 10 cannot be "spoofed" using the leaked information. Therefore, it is advantageous in that unauthorized use of the secret information of the NAND flash memory 10 using the leaked information can be prevented. As a result, for example, it is possible to reliably determine that the ID information read by the host device 20 is information read from the intended device to be authenticated 10, and to invalidate unauthorized use by the other party.

(2) It is advantageous in mounting.
As described above, the configuration of this embodiment is placed in an environment where restrictions on circuit scale are imposed at the same time, such that hardware implementation of public key encryption processing and MKB processing, which require a relatively large circuit scale, is difficult.

However, according to the present embodiment, although the key information is asymmetric, it is not necessary to use public key encryption processing, which requires a relatively large circuit scale. Furthermore, as described above, by making the secret level of the information concealed by the host device (authentication device) 20 and by the NAND flash memory (authenticated device) 10 asymmetric, an authentication means is realized in which information leaked from one device alone cannot be used to impersonate the other device, and the session key SKey i, j , which is secret information, is shared between the authentication device 20 and the device to be authenticated 10.

Therefore, it can be said that it is advantageous in mounting even in a severe environment where the above restrictions are imposed. Furthermore, as described above, the circuit scale can be further reduced by sharing the data generation circuit and the encryptor constituting the memory system as the same processing.

(3) It is advantageous for simplification of the manufacturing process and reduction of manufacturing cost.
The NAND flash memory 10 according to this embodiment holds, in the read / write area 11-1, key management information (FKBv) that, depending on the application, is unique to each NAND flash memory 10 or is commonly assigned to a plurality of NAND flash memories 10, for example in units of manufacturing lots. Furthermore, the ROM area 11-3 holds encrypted secret identification information (E-SecretID) that is unique to each NAND flash memory 10.

When key management information (FKBv) is shared in units of production lots, the unique information that must be recorded for each NAND flash memory 10 can be reduced to only the encrypted secret identification information (E-SecretID), which has a small data size. In other words, by dividing the information into common key management information (FKBv) and unique encrypted secret identification information (E-SecretID) and encrypting in two stages, the data size of the unique encrypted secret identification information (E-SecretID) to be written in the NAND flash memory 10 can be suppressed.

For example, as shown in FIG. 5 and FIG. 6 above, at the time of manufacturing a NAND flash memory, the memory manufacturer 30 writes the information (E-SecretID) unique to each NAND flash memory 10, received from the license manager 40.

The encrypted key management information (FKBv) commonly attached to the NAND flash memories 10 can be written to the NAND flash memories 10 in common by the card manufacturer 50 or the like. For example, as shown in FIGS. 7 and 8, the card manufacturer 50 writes the common key management information FKBv, received from the license manager 40, to each NAND flash memory 10. Therefore, the size of the data unique to each NAND flash memory 10 that the memory manufacturer 30 must write can be reduced.

Here, when information that is unique and has a large data size is written to the NAND flash memory 10 at the time of its manufacture, the manufacturing process becomes complicated, the manufacturing time becomes longer, and the manufacturing cost increases. However, according to the configuration and method according to the present embodiment, such a complicated manufacturing process becomes unnecessary because the information is divided into the common key management information FKBv and the unique encrypted secret identification information (E-SecretID) and encrypted in two stages, which is advantageous in that the manufacturing process can be simplified and the manufacturing cost can be reduced. Further, since the manufacturing time can be shortened, there is a merit in that the power consumption can be reduced.

The host device 20 can also enjoy the same advantages as the NAND flash memory 10 by adopting the configuration in which E-SecretID is generated by encrypting SecretID, a value unique to the NAND flash memory, with the secret information FKey, and the key management information FKB is further generated by encrypting FKey with IDKey k.

[Modification 1 (when FKB is downloaded and written later)]
Next, an authentication apparatus, an apparatus to be authenticated, and an authentication method according to Modification 1 will be described. In this description, the description of the same parts as those in the first embodiment is omitted.

<About FKB writing>
The writing of the encrypted FKey bundle (FKB) will be described.
The processing in the first modification is not particularly necessary when the encrypted FKey bundle (FKB) is written at the time of manufacture of the NAND flash memory 10. However, it concerns the FKB writing process required when the FKB is written later in the market, for example when the NAND flash memory 10 and the controller 19 have been combined and a general user obtains the result as a storage media product such as an SD card and uses that card.

FIG. 9 shows the state of the storage medium (Card) 55 on which, as described above, the key management information FKB has not yet been recorded.
As shown in the figure, in the NAND flash memory 10, the secret information NKey i and the secret identification information SecretID are recorded in the secret area 11-2. The index information i necessary to identify the secret information NKey i , the index information v necessary to identify the key management information FKB, and the SecretID encrypted with the FKey v specified by the index information v (E-SecretID) are recorded in the ROM area 11-3.

The read / write area 11-1 is different from the first embodiment in that the key management information FKB that is an encrypted FKey bundle is not written.

Next, a case where FKB is downloaded from the server and recorded on the storage medium 55 in which the key management information FKB is not recorded as described above will be described with reference to FIG.

As shown in the figure, in this case, a data cache 12 is arranged in the NAND flash memory 10 as necessary.

The server 70 according to the present embodiment includes an FKB database (Set of FKB i 's (i = 1,..., X)) 71 and a selection unit 72 for selecting the key management information FKBv from the index information v.

The server 70 and the memory system (NAND flash memory 10, controller 19, and host device 20) are electrically connected to each other via the Internet 60.

The host device 20 has a function of determining whether or not new writing of the FKB is necessary and, if necessary, requesting the FKB from the server.

<FKB writing flow>
Next, according to FIG. 11, a flow for downloading an encrypted FKeyID bundle (FKB) from the server 60 and writing it into the NAND flash memory 10 will be described.

(Step S41)
As shown in the figure, first, when the host device 20 determines that FKB download is necessary, FKB writing is started (Start), and the host device 20 issues an FKB request to the server 60.

(Step S42)
Subsequently, the server 70 requests the index information v required for specifying the FKey v from the NAND flash memory 10.

(Step S43)
Subsequently, the NAND flash memory 10 reads v from the ROM area 11-3 and sends v to the server.

(Step S44)
Subsequently, the server 70 selects an FKBv corresponding to the received v from the FKB database 71.

(Step S45)
Subsequently, the server 70 sends the selected FKBv to the NAND flash memory 10.

(Step S46)
Subsequently, the NAND flash memory 10 writes and records the received FKBv in the read / write area 11-1.

With the above operation, the encrypted FKey bundle (FKB) download flow according to the first embodiment is ended (End).

  Other configurations, operations, and the like are substantially the same as those in the first embodiment.

<Effect>
According to the authentication device, the device to be authenticated, and the authentication method according to Modification 1, at least the same effects (1) to (3) as in the first embodiment can be obtained.

Furthermore, according to the first modification, even when the FKB is written later, this embodiment can be applied as necessary.

[Second Embodiment]
Next, a second embodiment will be described. In this description, the description of the same parts as those in the first embodiment is omitted.

Here, in the first embodiment, after the host device 20 successfully authenticates the NAND flash memory 10, both share the secret identification information SecretID. As processing after authentication, for example, the host device 20 may encrypt content and write the encrypted content into the NAND flash memory 10; it is conceivable that the shared secret identification information SecretID is used in such processing.

The purpose of this embodiment is to protect the secret identification information SecretID even in such processing. Therefore, in this description, the description of the same part as the first embodiment is omitted.

<Memory system>
The memory system according to the second embodiment is shown in FIG. 12.

As shown in FIG. 12, the memory system according to the present embodiment differs from the first embodiment in that the host device 20 further includes a one-way converter (Oneway) 27B, a switch unit 29, and information (ASSV) held in common by all host devices 20 that handle the target content.

When the determination result obtained in the data verification unit (Verify) 28 when both values of the one-way conversion identification information Oneway-ID match (OK) is input to the switch unit 29 as a control signal, the switch unit 29 turns on the signal path and outputs the secret identification information SecretID to the one-way conversion unit 27B.

The one-way conversion unit (Oneway) 27B converts the secret identification information SecretID input from the switch unit 29 by a one-way function using the information (ASSV) held in common by all host devices that handle the target content, and generates the one-way conversion identification information EMID (EMID = Oneway (SecretID, ASSV)).

As described above, in the second embodiment, after the secret identification information SecretID is verified by the host device 20, the host device 20 converts the secret identification information SecretID using the information (ASSV) that all target host devices hold in common, and calculates the one-way conversion identification information EMID. Therefore, the host device 20 can perform processing such as content encryption using the one-way conversion identification information EMID instead of the secret identification information SecretID.

Other configurations, operations, and the like are substantially the same as those in the first embodiment, and a detailed description thereof will be omitted.

<Effect>
According to the authentication device, the device to be authenticated, and the authentication method according to the second embodiment, at least the same operational effects (1) to (3) as in the first embodiment can be obtained.

Furthermore, the second embodiment differs from the first embodiment in that the host device 20 further includes the one-way converter (Oneway) 27B, the switch unit 29, and the information (ASSV) held in common by all host devices that handle the target content.

According to the above configuration, after the secret identification information SecretID is verified by the host device 20, the host device 20 converts the secret identification information SecretID using the information (ASSV) held in common by all the target host devices, and calculates the one-way conversion identification information EMID. Therefore, the host device 20 can perform processing such as content encryption using the one-way conversion identification information EMID instead of the secret identification information SecretID.

As a result, although illustration is omitted here, the one-way conversion identification information EMID can be used in content encryption or the like in the subsequent process, and the secret identification information SecretID can be prevented from leaking in the subsequent process. This is further advantageous in that the confidentiality of the secret identification information SecretID can be enhanced. Details will be described later.

[Third Embodiment]
Next, a third embodiment will be described. The third embodiment relates to an example in which the NAND flash memory 10 authenticates the host device 20. This embodiment shows a method for reading the secret identification information SecretID recorded in the NAND flash memory 10 while keeping it secret from a third party and for reliably determining that the data has been read from the NAND flash memory 10, and a method in which the NAND flash memory 10 inspects the host device 20 based on the read data.

  In this description, the description of the same part as the above embodiment is omitted.

<Memory system>
A memory system according to the third embodiment will be described with reference to FIG.
As illustrated, in the present embodiment, the NAND flash memory 10 further includes a function control unit 18, a random number generator 24n, and a data verification unit 28n. Further, the host device 20 is different from the first embodiment in that the host device 20 further includes a function calling unit 30.

Random number generator (RNG: Random Number Generator) 24n generates a random number RN n used for authentication.

The data verification unit (Verify) 28n compares the one-way conversion identification information Oneway-ID received from the host device 20 with the one-way conversion identification information obtained from the one-way converter 15 in the NAND flash memory 10. If both values match, it determines that the host device 20 has obtained the correct Oneway-ID (OK); if they do not match, it determines that the host device 20 has not obtained the correct Oneway-ID (NG).

Only when the host device 20 has obtained the correct Oneway-ID (OK), the function control unit (Function Control Unit) 18 enables a predetermined function for the memory cell array 11 so that the host device 20 can use the predetermined function of the NAND flash memory 10. Further, the constant HC j received from the host device 20 may be input to the function control unit 18, and the predetermined function may be controlled according to the constant HC j. The predetermined function will be described separately later.

When the host device 20 receives access permission information (Access Permission) indicating that the NAND flash memory 10 has confirmed the validity of the one-way conversion identification information Oneway-ID generated by the host device 20, the function calling unit 30 performs a process for calling a predetermined function of the NAND flash memory 10.

<Authentication flow>
Next, an authentication flow of the memory system according to the third embodiment will be described with reference to FIG.

(Step S11)-(Step S14)
As shown in the figure, from the start of authentication (Start), the above steps S11 to S14 perform the same processing as in the first embodiment.

(Step S51)
Subsequently, when receiving the index information i, the host device 20 sends a random number generation request (Request RN n) to the NAND flash memory 10.

(Step S52)
Then, the NAND flash memory 10 receives the request and generates a random number RN n by the random number generator 24n. The generated random number RN n is sent to the host device 20.

(Step S21)-(Step S23)
Subsequently, the host device 20 performs steps S21 to S23 similar to those in the first embodiment.

(Step S53)
Subsequently, the host device 20 sends an authentication request (Request authentication), and sends the constant HC j and the one-way conversion identification information Oneway-ID.

(Step S17)-(Step S20)
Following steps S17 to S19 similar to the above, in step S20 the NAND flash memory 10 converts the secret identification information SecretID in the one-way converter 15 using the generated session key SKey i, j, and generates the one-way conversion identification information Oneway-ID (= Oneway(SKey i, j, SecretID)).

(Step S54)
Subsequently, the NAND flash memory 10 confirms that the received one-way conversion identification information Oneway-ID matches the one-way conversion identification information generated by itself. If they match (OK), it determines that the SecretID is a regular ID; if they do not match (NG), it determines that the SecretID is an illegal ID. The determination result is returned to the host device 20, and call acceptance of a predetermined function is permitted (Permission).

(Step S55)
Subsequently, when the determination results in S54 match (OK), the NAND flash memory 10 enables the predetermined function in the function control unit 18 so that the host device 20 can use the predetermined function of the NAND flash memory 10.

(Step S56)
Subsequently, when the host device 20 receives the access permission information (Access Permission) indicating that the NAND flash memory 10 has confirmed the validity of the one-way conversion identification information Oneway-ID generated by the host device 20, the host device 20 uses the function calling unit 30 to return an instruction for calling a predetermined function of the NAND flash memory 10.

(Step S57)
Subsequently, the NAND flash memory 10 receives the function call, the function control unit 18 performs processing according to the function call command received from the host device 20, and the status of the processing result (Status) is returned.

At this time, the constant HC j received from the host device 20 may be input to the function control unit 18 to control the predetermined function according to the constant HC j. The predetermined function will be described later separately.

<Effect>
According to the authentication device, the device to be authenticated, and the authentication method according to the third embodiment, at least the same effects (1) to (3) as in the first embodiment can be obtained. Furthermore, at least the following effects (4) and (5) can be obtained.

  (4) The NAND flash memory 10 can authenticate the host device 20.

In the third embodiment, the NAND flash memory 10 further includes a function control unit 18, a random number generator 24n, and a data verification unit 28n. Further, the host device 20 is different from the first embodiment in that the host device 20 further includes a function calling unit 30.

Therefore, according to the above configuration, when the host device 20 accesses the NAND flash memory 10, the NAND flash memory 10 can control an authentication function such as providing a predetermined function only when the host device 20 is reliable.

As described above, the present embodiment is advantageous in that a recording medium such as a NAND flash memory, which is usually the device to be authenticated, can conversely authenticate the host device 20.

(5) It is advantageous in that it is possible to provide a mechanism for further controlling whether or not to provide a predetermined function according to the unique information (such as constant HC j ) of the authenticated host device 20. Details of the predetermined function will be described later.

[Fourth Embodiment (Mutual Authentication)]
Next, a fourth embodiment will be described. The fourth embodiment relates to an example in which the NAND flash memory 10 and the host device 20 authenticate each other.

  In this description, the description of the same part as the above embodiment is omitted.

<Memory system>
A memory system according to the fourth embodiment will be described with reference to FIG.
As shown in the figure, the present embodiment includes a configuration in which the memory system according to the first embodiment and the memory system according to the third embodiment are substantially combined.

More specifically, the NAND flash memory 10 and the host device 20 are provided with the random number generators 24n and 24h, generation units 14-2 and 26-2, unidirectional converters 15-2 and 26-2, and data verification units 28n and 28h. Furthermore, the host device 20 is different from the third embodiment in that the host device 20 further includes a switch unit 29B.

  The operation of each of the above components is the same as in the above embodiments.

<Authentication flow>
Next, an authentication flow of the memory system according to the fourth embodiment will be described with reference to FIG. In the authentication flow according to the present embodiment, basically, the authentication operation according to the first embodiment (the host device authenticates the NAND flash memory) is performed, and then the authentication operation according to the third embodiment (the NAND flash memory authenticates the host device) is performed.

(Step S11)-(Step S24)
As shown in the figure, when authentication is started (Start), the same steps S11 to S24 as in the first embodiment are performed, and the host device 20 authenticates the NAND flash memory 10.

At this time, similar authentication is performed using the random number RN h generated by the random number generator 24h.

(Step S51)-(Step S70)
Subsequently, when the verification results in the above step S24 match (OK), it is determined that the authentication of the NAND flash memory 10 is completed.

Subsequently, steps S51 to S70 similar to those in the third embodiment are performed, and the NAND flash memory 10 authenticates the host device 20.

At this time, similar authentication is performed using the random number RN n generated by the random number generator 24n.

  With the above steps, the authentication operation according to the fourth embodiment is ended (End).

<Example of functional control configuration>
Next, a configuration example of function control will be described with reference to FIG.

Here, the function control refers to the method of controlling the predetermined function according to the third and fourth embodiments, in which the NAND flash memory 10 is the authentication device and the host device 20 is the device to be authenticated, that is, the NAND flash memory 10 authenticates the host device 20 and provides a predetermined function to the host device 20 based on the authentication result.

The functional control configuration shown in the figure is provided in each NAND flash memory 10 as will be described later. The function control includes a function control unit 18 provided in the authentication circuit 17, a parameter register 89, and a sequence control circuit 88.

The function control unit 18 included in the authentication circuit 17 performs function control so as to provide a predetermined function to the host device 20 based on the authentication result and, as necessary, the unique information (such as the constant HC j) of the host device 20. The function control unit 18 updates the control parameter 890 included in the parameter register 89 based on the authentication result and the unique information of the host device 20.

The control parameter 890 included in the parameter register 89 includes one or more pieces of access permission information (#0, #1, ..., #3). For example, the access permission information #0 includes a block address, a page address, a read attribute, a write attribute, an erase attribute, unique information, and the like. Here, the block address indicates control over the memory cell array 11 of the block address. The page address indicates control for the memory cell array 11 of the page address. The read attribute indicates read permission information for a block address or a block address and a page address. The write attribute indicates write permission information for a block address or a block address and a page address. The erasure attribute indicates erasure permission information for a block address or a block address and a page address. The unique information indicates that the access permission information is a control parameter for the host device 20 having the unique information.

Note that each piece of the access permission information (#0, #1, ..., #3) does not need to include all of the above information, and may include only the information corresponding to the required control level. For example, if control based on the unique information (such as the constant HC j) of the host device 20 is not required, the unique information may be omitted. Further, the page address may be omitted if control in units of pages is unnecessary. Furthermore, if control with an arbitrary block address is not necessary, for example if the control is for only a predetermined block or for the NAND flash memory 10 as a whole, the block address may be omitted. Similarly, the read attribute, write attribute, and erase attribute need only be included for the functions that require control.

The sequence control circuit 88 controls the operation sequence for a command (CMD) given from the host device 20 in accordance with the control parameter 890. For example, in the case of a data read command, the sequence control circuit 88 controls operations such as reading data in accordance with the given read command (Read) or rejecting the read, according to the read attribute of the access permission information in the control parameter 890. If reading is permitted in the read attribute, data can be read from the cell array 11. The same applies to the data write operation and the data erase operation.
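The gating described above (data verification unit 28n, function control unit 18, parameter register 89, sequence control circuit 88), as an added C sketch that is not code from the patent. The field encodings, the `ANY_ADDR` wildcard, the policy table, the sample Oneway-ID bytes and all function names are constructed assumptions, as is the rule that a page-scoped entry cannot authorize a block erase.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define ATTR_READ  0x1u
#define ATTR_WRITE 0x2u
#define ATTR_ERASE 0x4u
#define ANY_ADDR   0xFFFFFFFFu  /* assumed encoding: address field not present */
#define N_ENTRIES  4            /* access permission information #0..#3 */

enum nand_cmd { CMD_READ, CMD_WRITE, CMD_ERASE };

struct access_permission {      /* one entry of control parameter 890 */
    int      valid;
    uint32_t block, page;       /* ANY_ADDR when the field is omitted */
    uint8_t  attrs;             /* ATTR_* bits */
    uint8_t  hc;                /* unique information (constant HC_j) */
};
struct parameter_register { struct access_permission entry[N_ENTRIES]; };

/* Constructed policy: grants per host constant HC_j. */
const struct access_permission POLICY[] = {
    {1, 5, ANY_ADDR, ATTR_READ,                           0x01},
    {1, 5, ANY_ADDR, ATTR_READ | ATTR_WRITE | ATTR_ERASE, 0x02},
    /* page-scoped entry carrying an erase bit, to exercise the erase rule */
    {1, 7, 3,        ATTR_READ | ATTR_WRITE | ATTR_ERASE, 0x02},
};

/* Constructed sample values standing in for Oneway(SKey, SecretID). */
const uint8_t OWN_ID[16]  = {0x3c,0x91,0x07,0xe2,0x5d,0xa8,0x14,0x6f,
                             0xb0,0x29,0xc6,0x7b,0x8e,0x43,0xf5,0x1a};
const uint8_t GOOD_ID[16] = {0x3c,0x91,0x07,0xe2,0x5d,0xa8,0x14,0x6f,
                             0xb0,0x29,0xc6,0x7b,0x8e,0x43,0xf5,0x1a};
const uint8_t BAD_ID[16]  = {0x3c,0x91,0x07,0xe2,0x5d,0xa8,0x14,0x6f,
                             0xb0,0x29,0xc6,0x7b,0x8e,0x43,0xf5,0x1b};

/* Data verification unit 28n: compare every byte, no early exit, so the
 * time taken does not reveal the position of the first mismatch. */
int oneway_id_matches(const uint8_t *rx, const uint8_t *own, size_t len)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++)
        diff |= (uint8_t)(rx[i] ^ own[i]);
    return diff == 0;
}

/* Function control unit 18: rewrite control parameter 890 from the
 * authentication result and HC_j. Returns the number of entries installed. */
int function_control_update(struct parameter_register *reg, int auth_ok, uint8_t hc)
{
    int n = 0;
    memset(reg, 0, sizeof *reg);        /* fail closed: drop earlier grants */
    if (!auth_ok)
        return 0;
    for (size_t i = 0; i < sizeof POLICY / sizeof POLICY[0] && n < N_ENTRIES; i++)
        if (POLICY[i].hc == hc)
            reg->entry[n++] = POLICY[i];
    return n;
}

/* Sequence control circuit 88: accept or reject a command against 890. */
int sequence_control_allows(const struct parameter_register *reg,
                            enum nand_cmd cmd, uint32_t block, uint32_t page)
{
    uint8_t need = cmd == CMD_READ ? ATTR_READ
                 : cmd == CMD_WRITE ? ATTR_WRITE : ATTR_ERASE;
    for (int i = 0; i < N_ENTRIES; i++) {
        const struct access_permission *e = &reg->entry[i];
        if (!e->valid || !(e->attrs & need))
            continue;
        if (e->block != ANY_ADDR && e->block != block)
            continue;
        if (cmd == CMD_ERASE) {         /* erase always hits a whole block */
            if (e->page != ANY_ADDR)
                continue;
            return 1;
        }
        if (e->page != ANY_ADDR && e->page != page)
            continue;
        return 1;
    }
    return 0;                           /* default deny */
}

/* Steps S54, S55 and S57 for one command; returns 1 if it is executed. */
int run_session(const uint8_t *rx_id, uint8_t hc,
                enum nand_cmd cmd, uint32_t block, uint32_t page)
{
    struct parameter_register reg;
    int ok = oneway_id_matches(rx_id, OWN_ID, sizeof OWN_ID);
    function_control_update(&reg, ok, hc);
    return sequence_control_allows(&reg, cmd, block, page);
}

int main(void)
{
    printf("HC 0x01 read  block 5: %d\n", run_session(GOOD_ID, 0x01, CMD_READ, 5, 9));
    printf("HC 0x01 write block 5: %d\n", run_session(GOOD_ID, 0x01, CMD_WRITE, 5, 9));
    printf("HC 0x02 erase block 7: %d\n", run_session(GOOD_ID, 0x02, CMD_ERASE, 7, 3));
    printf("bad ID  read  block 5: %d\n", run_session(BAD_ID, 0x02, CMD_READ, 5, 0));
    return 0;
}
```
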

<Effect>
According to the authentication device, the device to be authenticated, and the authentication method according to the fourth embodiment, at least the same effects (1) to (5) as described above can be obtained.

According to the present embodiment, the NAND flash memory 10 and the host device 20 can be mutually authenticated as necessary.

Further, the NAND flash memory 10 according to the present embodiment realizes function control by the configuration shown in FIG. The sequence control circuit 88 can control an operation sequence according to a given command in accordance with the control parameter 890. Therefore, this is advantageous in that the host device 20 authenticated by the NAND flash memory 10 can be permitted to perform various functional operations (Process function) for which the control parameter 890 has been updated based on the unique information (such as the constant HC j) of the host device 20.

Furthermore, the NAND flash memory 10 according to this example can include the function control of the configuration shown in FIG. 17 together with the third embodiment and the fourth embodiment.

[Fifth Embodiment (Configuration Example of NAND Flash Memory)]
Next, a fifth embodiment will be described. The fifth embodiment relates to a configuration example of the NAND flash memory 10 to which the authentication function according to the first to fourth embodiments is applied.

  In this description, the description of the same part as the above embodiment is omitted.

<Example of overall configuration of NAND flash memory>
An overall configuration example of the NAND flash memory 10 according to the fifth embodiment will be described with reference to FIG.
As shown in the figure, the NAND flash memory 10 includes a memory cell array 11 and its peripheral circuits.

The memory cell array 11 includes a plurality of blocks BLOCK1-BLOCKn. The configuration of each block, which will be described later with reference to FIG. 19, includes a plurality of memory cell transistors MC, word lines WL, bit lines BL, and the like. Data in the memory cell transistors MC in each block is erased collectively. Data erasure cannot be performed in memory cell transistor units or page units. That is, each block is the minimum erase unit.

The peripheral circuits include a sense amplifier 77, an input/output control circuit 84, a logic control circuit 85, and the like.

The sense amplifier 77 reads the data of the memory cell (memory cell transistor MC) in the memory cell array 11 through the bit line BL, and detects the state of the memory cell in the memory cell array 2 through the bit line BL.

The data cache 12 temporarily holds data read from the sense amplifier 77 or data supplied to the sense amplifier 77.

The column decoder 75 selects a specific bit line BL, a sense amplifier, and the like based on an address signal supplied from the outside of the NAND flash memory 10 via the IO terminal.

The column address buffer 74 temporarily holds an address signal and supplies it to the column decoder 75.

The row decoder 78 receives various voltages necessary for data reading, writing, or erasing from the voltage generation circuit 86 and applies such voltages to a specific word line WL based on an address signal.

The row address buffer decoder 79 temporarily holds an address signal and supplies it to the row decoder 78.

The voltage generation circuit 86 receives the reference power supply voltages VSS, VCC, voltages VSSQ, VCCQ, and the like, and generates voltages necessary for data writing, reading, erasing, and the like from these.

The input/output control circuit 84 receives various commands, address signals, and write data for controlling the operation of the NAND flash memory 10 via the IO terminal, and outputs read data. The address signal output from the input/output control circuit 84 is latched by the address register 82. The latched address signal is supplied to the column address buffer 74 and the row address buffer 79. The command output from the input/output control circuit 84 is latched by the command register 83. The status register 81 holds values for various statuses for the input/output control circuit 12.

The NAND flash memory 10 has, as an external interface (NAND I/F), IO terminals for input/output of commands, addresses, and data, and receives various control signals for controlling operations from the outside. The control signals include, for example, chip enable /CE, command latch enable CLE, address latch enable ALE, read enable RE and /RE, write enable WE and /WE, write protect WP, and clock DQS and /DQS.

These control signals are received at corresponding terminals and supplied to the logic control circuit 21. The logic control circuit 85 controls the input/output control circuit 84 based on the control signals, and permits or prohibits the signal on the terminal IO from reaching, as a command, address, or data, the address register 82, the command register 83, the page buffer 12, or the like via the input/output control circuit 84. The logic control circuit 85 receives the latched command from the command register 83.

Among the control signals, the WE terminal supplies a data input clock, the RE terminal supplies a data output clock, the DQS terminal transmits a data input/output clock, and the CLE terminal enables data input as a command. The ALE terminal is used for enabling data input as an address, and the CE terminal is used for enabling general functions such as data input/output.

Further, the R/B terminal indicates the internal operation state of the NAND flash memory 10, the WP terminal transmits a write prevention signal for preventing erroneous writing, and the Vcc/Vss/Vccq/Vssq terminals and the like are for power supply. Further, in this embodiment, as terminals (Toggle) used when data transmission is realized by a high-speed interface, there are the /RE terminal, the /WE terminal, and the /DQS terminal, which transmit signals complementary to those of the RE terminal, the WE terminal, and the DQS terminal, respectively.

The logic control circuit 85 includes a sequence control circuit 88, a parameter register 89, and the authentication circuit 17. The logic control circuit 85 also receives a ready/busy signal (R/B). Specifically, the logic control circuit 85 outputs a busy signal while the NAND flash memory 10 is busy.

The sequence control circuit 88 receives a command from the command register 83. Based on the received command, the sequence control circuit 88 controls the sense amplifier 77, the voltage generation circuit 86, and the like so as to execute processing (data read, write, erase, etc.) instructed by the command.

The parameter register 89 holds various control parameters 890 that define the operation of the logic control circuit 85. The control parameter 890 is referred to or updated by the sequence control circuit 88 and used for sequence control in the logic control circuit 85 and the input/output control circuit 88.

The authentication circuit 17 performs processing related to the above authentication. For example, as described above, the authentication circuit 17 also updates (for example, rewrites) the control parameter 890 included in the parameter register.
Further, the authentication circuit 17 receives a command for requesting authentication, performs a specific operation for authentication using specific data in the memory cell array 11, and outputs the result to the outside of the memory 10. In the course of executing this series of operations, the authentication circuit 17 permits the sequence control circuit 88 to read and write necessary data through the update of the control parameter 890.

The ready/busy circuit (RY/BY) 87 is controlled by the logic control circuit 85 to notify the R/B signal to the outside of the NAND flash memory 10 via the switch transistor.

<Configuration example of block (BLOCK)>
Next, a configuration example of a block (BLOCK) configuring the memory cell array 11 will be described with reference to FIG. Here, BLOCK1 in FIG. 18 will be described as an example. Here, as described above, since the memory cells in the block BLOCK1 are erased collectively, the block is a data erase unit.

The block BLOCK1 is composed of a plurality of memory cell units MU arranged in the word line direction (WL direction). The memory cell unit MU consists of a NAND string (memory cell string) made up of eight memory cells MC0 to MC7 that are arranged in the bit line direction (BL direction) intersecting the WL direction and whose current paths are connected in series, a source-side select transistor S1 connected to one end of the current path of the NAND string, and a drain-side select transistor S2 connected to the other end of the current path of the NAND string.

In the present embodiment, the memory cell unit MU includes eight memory cells MC0 to MC7. However, it is sufficient that the memory cell unit is composed of two or more memory cells, for example, 56, 32, etc., and it is not limited to eight.

The other end of the current path of the source-side select transistor S1 is connected to the source line SL. The other end of the current path of the drain-side select transistor S2 is connected to a bit line BL that is provided above the memory cell units MU, one for each memory cell unit MU, and extends in the BL direction.

Word lines WL0 to WL7 extend in the WL direction and are commonly connected to control gate electrodes CG of a plurality of memory cells in the WL direction. The selection gate line SGS extends in the WL direction and is commonly connected to a plurality of selection transistors S1 in the WL direction. The selection gate line SGD also extends in the WL direction and is commonly connected to a plurality of selection transistors S2 in the WL direction.

A page (PAGE) exists for each of the word lines WL0 to WL7. For example, as indicated by being surrounded by a broken line in the figure, the page 7 (PAGE 7) exists in the word line WL7. Since a data read operation and a data write operation are performed for each page (PAGE), the page (PAGE) is a data read unit and a data write unit.

<Configuration example of cell array>
Next, the structure of the memory cell array 11 is shown using FIG.
As shown in (a), the memory cell array 11 includes a plurality of blocks (BLOCK) such as the normal block 11-1, the secret block 11-2, the ROM block 11-3, the ROM fuse block 11-4, and the protection block 11-5. Each block is composed of a plurality of pages as described above. Normally, data reading and writing are performed in units of pages, and erasing is performed in units of blocks.

As described above, the normal block 11-1 is allowed to write and read data and is used for normal data holding. The normal block corresponds to the above-described readable / writable area 11-1. The number of blocks is not particularly limited.

The secret block 11-2 and the ROM block 11-3 are applied to the authentication operation as described above. The secret block 11-2 corresponds to the above-described secret area 11-2. The ROM block 11-3 corresponds to the ROM area 11-3 described above. In any case, the number of blocks is not particularly limited.

As shown in (b), in this embodiment, read-only data is further recorded in the memory space of the ROM block 11-3.

As shown in (c), in this embodiment, secret data is further recorded in the memory space of the secret block 11-2.

As shown in (d), in this embodiment, protection data used by an authentication function described later is further recorded in the memory space of the protection block 11-5.

The ROM fuse block 11-4 is used, for example, for holding parameters for operation control of the NAND flash memory 10.

<Read-only data in ROM block>
Next, read-only data in the ROM block 11-3 will be described with reference to FIG.
As shown in (a), read-only data is recorded on a page in the memory space of the ROM block 11-3. Here, for a series of read-only data A to Z, the figure shows three examples (b-1) to (b-3) of data patterns intended for error correction.

As shown in (b-1), the first data pattern 1 is an example in which the same data (A, A, ..., B, B, ...) is repeatedly recorded. In this case, the error can be corrected by having the host device 20 read the read-only data repeatedly and making a majority decision in the error correction unit of the host device 20 or the like. Alternatively, error correction is possible by having the controller 19 read the read-only data repeatedly and making a majority decision in the error correction unit of the controller 19 or the like. Alternatively, the error correction unit included in the NAND flash memory 10 can perform error correction by making a majority decision on the repeated read-only data. For example, the number of repetitions is desirably about 16 times or more.

As shown in (b-2), the second data pattern 2 is an example in which a complementary data pair composed of each data (A, B, ...) and its inverted data (A inversion, B inversion, ...) is repeatedly recorded. In this case, the host device 20 repeatedly reads the read-only data, and the error can be corrected by making a majority decision that takes the complementary data pair into account in the error correction unit included in the host device 20 or the like. Alternatively, the controller 19 repeatedly reads the read-only data, and error correction is possible by making a majority decision that takes the complementary data pair into account in the error correction unit of the controller 19 or the like. Alternatively, the error correction can be performed by making a majority decision that takes the complementary data pair into account in the error correction unit included in the NAND flash memory 10 on the repeated read-only data.

Here, the reason why the complementary data pair is repeatedly recorded lies in the error modes of the NAND flash memory 10. The NAND flash memory 10 writes data by injecting electrons into the floating gate FG by applying a predetermined voltage to the memory cell MC. Data is read using a threshold voltage that varies depending on whether electrons are present in the floating gate FG of the memory cell MC. Data erasing is executed by applying a voltage in the opposite direction to writing and extracting electrons from the floating gate FG to the substrate. Although the voltage application amount and the voltage application gate associated with the data read, write, and erase operations are different, the voltage is applied to the memory cell MC in any case. Due to this principle, typical error modes of the NAND flash memory 10 include read/program disturb and data retention. Read/program disturb is an error mode in which data changes because the amount of electrons in the floating gate FG changes as a result of repeated reading or writing of the page itself or adjacent pages. For this reason, the state becomes close to weak writing, and the threshold voltage generally increases. Data retention is an error mode in which data changes when a page once written is left for a long time and electrons held in the floating gate fall out. For this reason, it becomes a state close to weak erasure, and the threshold voltage generally decreases. That is, in each of these failure modes the threshold voltage tends either to rise or to fall, and therefore there is a high possibility that data errors occur in the same direction.

Therefore, as shown in (b-2), by recording as complementary data, if the data is 1 (unrecorded state), the inverted data is 0 (recorded state). In disturb, both data move in the 0 direction, and in data retention, conversely, in the 1 direction. For this reason, it is easier to determine whether or not an error has occurred in the complementary data. In this case, for example, it is desirable that the complementary data pair is repeated at least about 8 times.
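The majority decisions for data patterns 1 and 2, as an added C sketch that is not code from the patent. The patent does not spell out how the complementary pair enters the vote, so this sketch assumes that a bit whose data copy and inverted copy no longer differ is discarded before voting; the function names and sample bytes are constructed, with the samples modelling disturb-type drift of 1 toward 0.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Pattern 1: bitwise majority over n repeated copies of one byte. */
uint8_t majority_plain(const uint8_t *copies, size_t n)
{
    uint8_t out = 0;
    for (int bit = 0; bit < 8; bit++) {
        size_t ones = 0;
        for (size_t i = 0; i < n; i++)
            ones += (copies[i] >> bit) & 1u;
        if (ones * 2 > n)
            out |= (uint8_t)(1u << bit);
    }
    return out;
}

/* Pattern 2: pairs[2*i] is the data byte, pairs[2*i+1] its inversion.
 * With errors that all drift in one direction, a damaged pair shows the
 * same value in both halves, so that bit is dropped from the vote instead
 * of being counted as a wrong value. Returns 0 and the byte in *out, or
 * -1 if some bit position is left without a majority. */
int majority_complementary(const uint8_t *pairs, size_t npairs,
                           uint8_t *out, unsigned *discarded)
{
    uint8_t result = 0;
    unsigned bad = 0;
    for (int bit = 0; bit < 8; bit++) {
        size_t ones = 0, zeros = 0;
        for (size_t i = 0; i < npairs; i++) {
            unsigned d   = (pairs[2 * i]     >> bit) & 1u;
            unsigned inv = (pairs[2 * i + 1] >> bit) & 1u;
            if (d == inv) {             /* pair no longer complementary */
                bad++;
                continue;
            }
            if (d) ones++; else zeros++;
        }
        if (ones == zeros)              /* tie, or no valid pair at all */
            return -1;
        if (ones > zeros)
            result |= (uint8_t)(1u << bit);
    }
    *out = result;
    if (discarded)
        *discarded = bad;
    return 0;
}

/* Convenience wrapper: decoded byte (0..255) or -1 on failure. */
int decode_pairs(const uint8_t *pairs, size_t npairs)
{
    uint8_t b;
    return majority_complementary(pairs, npairs, &b, NULL) == 0 ? (int)b : -1;
}

/* Constructed samples. Stored value is 0xA5 (inversion 0x5A). */

/* Pattern 1, 16 copies: bit 7 has drifted 1 -> 0 in 9 of them. */
const uint8_t SAMPLE_PLAIN[16] = {
    0xA5,0xA5,0xA5,0xA5,0xA5,0xA5,0xA5,
    0x25,0x25,0x25,0x25,0x25,0x25,0x25,0x25,0x25 };

/* Pattern 2, 8 pairs: data bit 7 drifted in 5 pairs, inverted bit 1 in one. */
const uint8_t SAMPLE_PAIRS[16] = {
    0x25,0x5A, 0x25,0x5A, 0x25,0x5A, 0x25,0x5A, 0x25,0x5A,
    0xA5,0x58, 0xA5,0x5A, 0xA5,0x5A };

/* Pattern 2, 2 pairs: bit 7 drifted in every pair, nothing left to vote. */
const uint8_t SAMPLE_ALL_DRIFTED[4] = { 0x25,0x5A, 0x25,0x5A };

int main(void)
{
    unsigned discarded = 0;
    uint8_t b = 0;
    printf("pattern 1 majority:      0x%02X\n",
           (unsigned)majority_plain(SAMPLE_PLAIN, 16));
    if (majority_complementary(SAMPLE_PAIRS, 8, &b, &discarded) == 0)
        printf("pattern 2 majority:      0x%02X (%u bit votes discarded)\n",
               (unsigned)b, discarded);
    printf("all pairs drifted:       %d\n", decode_pairs(SAMPLE_ALL_DRIFTED, 2));
    return 0;
}
```
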

As shown in (b-3), the third data pattern 3 is an example in which an error correction code is further used in addition to the read-only data (A, B, ..., Z). Here, since the errors in the NAND flash memory 10 occur as random errors in units of bits, the error correction code is desirably, for example, a BCH code or an LDPC code capable of correcting random bit errors.

Here, in any example of the first to third data patterns, each data may be randomized. Randomization is to randomize data to be recorded by a method such as taking an exclusive OR of a generated random sequence and data to be recorded in order to eliminate data bias. As a random sequence generation method, an M sequence or the like may be used.

In addition, in any example of the first to third data patterns, each data may be recorded as a binary state. The binary state is a method of recording data by determining whether the threshold voltage in one memory cell belongs to a high level or a low level with reference to one predetermined level, and 1 bit of information can be held per memory cell. Such a recording method is generally called SLC (Single Level Cell) recording. On the other hand, there is also a method of recording data by determining which level the threshold voltage of one memory cell belongs to with reference to a plurality of predetermined levels, which can hold a plurality of bits of information per memory cell. For example, when data is recorded with the threshold voltage belonging to one of four levels, 2 bits of information can be held per memory cell. Such a recording method is generally called MLC (Multi Level Cell) recording. Since MLC recording has a large recording capacity per cell, a higher recording density can be realized. On the other hand, the recorded data changes relatively easily in response to a threshold voltage shift. For this reason, it is desirable to record the read-only data stored in the ROM block 11-3 with a smaller number of bits per cell than the normal data. For example, in the case of 4-level recording MLC composed of 2 bits per cell, the ROM data is preferably recorded by SLC recording. In addition, in the case of 8-level recording MLC, in which the number of bits per cell is 4 bits, the ROM data is preferably recorded by 4-level recording MLC, in which the number of bits per cell is 2 bits, or by SLC recording.

<Example of ECC configuration>
Next, a configuration example of error correcting coding (ECC) will be described.

Here, although the first to third data structures shown in FIG. 21 are strictly different, they can all be regarded as error correcting coding (ECC) in a broad sense, in that redundancy is added to the original data. Therefore, for every data structure, the content is referred to here as data and the correction code assigned to it. At least one of the host device 20, the controller 19, and the NAND flash memory 10 needs to have a corresponding correction function.

The first example shown in FIG. 22 is an example in which the host device 20 has a correction function (ECC decode) 90. In this case, the controller 19 and the NAND flash memory 10 do not perform correction processing and pass signed data (Data) to the host device 20, and the host device 20 performs correction processing with the correction function (ECC decode) 90 to generate the predetermined data (Data).

The second example shown in FIG. 23 is an example in which the controller 19 has a correction function (ECC decode) 90. In this case, the NAND flash memory 10 does not perform the correction process, and the controller 19 performs the correction process and passes the corrected data (Data) to the host device 20.

In the third example shown in FIG. 24, the NAND flash memory 10 has a correction function (ECC decode) 90. In this case, the NAND flash memory 10 performs a correction process, and passes the corrected data (Data) to the host device 20 via the controller 19.

In the fourth example shown in FIG. 25, both the controller 19 and the host device 20 have the correction functions 90-1 and 90-2. In this case, the assigned correction code has a double structure, and the controller 19 and the host device 20 each perform a correction process on either the inner code or the outer code.

The NAND flash memory 10, the controller 19, and the host device 20 are not limited to the above case, and can make corrections while cooperating according to their correction functions.

<Confidential data in the concealment block 11-2>
Next, an example of the holding state of the secret data in the secret block 11-2 will be described using FIG.

As shown in (a), the secret data is recorded on the page in the memory space in the secret block 11-2. Here, when the confidential data is a series from A to Z, three examples are shown in the figure.

In the data pattern 1 shown in (b-1), a plurality of secret data (A, A, ... B, B, ...) and the access control pattern B1 are stored.

In the data pattern 2 shown in (b-2), a plurality of secret data (A, A, ... B, B, ...), its inverted data, and the access control pattern B2 are stored.

In data pattern 3 shown in (b-3), a plurality of secret data (A, B,... Z), an error correction code, and an access control pattern B3 are stored.

One purpose in each example is, as before, error correction. The other purpose is control of reading, writing, and erasing of the secret block 11-2 or of the pages in the block 11-2. Since the area stores confidential data, and holds information that the above-described authentication circuit 17 uses only inside the NAND flash memory 10, all operations related to reading, writing, and erasing from the outside must be prohibited. On the other hand, in the initial stage of manufacture of the NAND flash memory 10 the area is unrecorded, so the secret data must be recorded at some stage of manufacture. Further, as a characteristic of the memory cells of the NAND flash memory 10, the data holding performance may be insufficient in the initial state of a memory cell, so read, write, and erase operations are needed to check whether the memory cell can hold data as specified.

Therefore, the area 11-2 can be read, written, and erased at the manufacturing stage, but at the time of shipment after manufacture is completed, all reading, writing, and erasing of the area 11-2 must be prohibited. As information for performing this state change, access control patterns B1, B2, and B3 are recorded in the area 11-2.

The access control patterns B1, B2, and B3 may be recorded for each page, or may be recorded only on the first page in the block. Further, the recording positions of the access control patterns B1, B2, and B3 within the page may be in the general data area or in the redundant area. Here, the redundant area is an area used by a controller or the like for assigning a correction code, or an area used by the NAND flash memory 10 to record information indicating an internal status or the like for each page.

The secret data and the access control patterns B1, B2, and B3 are preferably recorded in the binary (SLC) mode as with the ROM data.

Next, a configuration example of an access control pattern is shown using FIG.
First, the access control pattern needs to be composed of at least a plurality of bits in order to prevent loss due to an error.

The access control pattern B1 of the first example is provided with a plurality of control flag bits A to Z, and these control flag bits are set in a predetermined pattern. When the NAND flash memory 10 receives an access request for reading, writing, erasing, or the like for the area from the host device 20, it compares the access control pattern B1 of the area 11-2 with the predetermined pattern, and access is prohibited when the matching rate between the two exceeds a predetermined rate.

The second example, access control pattern B2, is a method of repeatedly recording a control flag. This is effective in reducing the probability that the predetermined pattern is corrupted by errors.

The third example of access control pattern B3 is a method of recording each control flag and inverted data of each control flag. As described above, this method is also effective in reducing the probability of error.

<Use example of access control pattern>
Next, an access control pattern detection method and a detection result utilization method will be described.

As shown in FIG. 28, the access pattern read from the secret area 11-2 in the memory cell array 11 is input to the pattern detection circuit 91 in the logic control circuit 85.

The pattern detection circuit 91 performs pattern recognition processing on the input access control pattern, determines whether or not the matching rate is equal to or higher than a predetermined rate, and performs access control accordingly. The matching rate is calculated from the error probability in the memory cell array of the NAND flash memory 10 and the data amount of the access control pattern. For example, it is desirable to set it so that the false detection probability is 10^-3 or less. Based on the detection result, the pattern detection circuit 91 inputs an enable signal for controlling data reading, data writing, and data erasing to the sequence control circuit 88.

The sequence control circuit 88 controls data reading, data writing, and data erasing according to the enable signal of the detection result.

<Test flow>
Next, the inspection flow in the manufacturing process of the NAND flash memory 10 using the access control pattern (for example, B1-B3) will be described with reference to FIG. 29.

(Step S71, S72)
In the manufacturing process, first, data not corresponding to the access control pattern is stored in the secret area 11-2 and tests are performed. At this stage, access to the secret area 11-2 is permitted.

However, the security level differs depending on whether access for all of data reading, data writing, and data erasing is permitted or whether only data writing and data erasing are permitted. When a high security level is required, even if all access is prohibited by the access control pattern, there is a possibility that access is erroneously permitted due to deterioration of the data in the access control pattern. In this case, since the confidential data could be read out, it is also possible to prohibit data reading even in the test process in step S71, that is, to not permit reading of the area in the first place at the hard-wired level of the NAND flash memory 10.

Alternatively, if the access control pattern has sufficient tolerance to data deterioration, for example, when the access control pattern is repeatedly recorded many times or a strong error correction code is added, control including data reading may be performed according to the access control pattern in order to ensure the convenience of testing. In this case, the above-described false detection probability is desirably even lower, for example, 10^-5 or less.

(Step S73)
Subsequently, after the predetermined test in S72 is completed, the secret data and the access control pattern (B1-B3, etc.) are written in the secret area 11-2.

(Step S74)
Subsequently, the NAND flash memory 10 is shipped in a state where the above data is written.

<Data deletion flow>
Next, the internal data erasing operation of the NAND flash memory 10 will be described with reference to FIG.

(Step S76)
First, when an operation command for an erase operation is issued from the host device 20, the NAND flash memory 10 determines whether or not the selected block address in the command is a specific block.

(Step S77)
Subsequently, when the selected block address is not a specific block (No), a normal erase sequence is performed.

(Step S78)
On the other hand, when the selected block address is a specific block (Yes), the access control information (B1-B3, etc.) is read from the secret area 11-2.

(Step S79)
Subsequently, pattern detection of access control information (B1-B3, etc.) is performed to determine whether the pattern matching rate is equal to or greater than a predetermined value.

(Step S80)
Subsequently, when the pattern matching rate is equal to or less than a predetermined value (Yes), a normal erasing sequence is performed.

(Step S81)
Subsequently, when the pattern matching rate is equal to or higher than a predetermined value (No), the erasing sequence is terminated and the data erasing flow is ended (End).

In the present embodiment, data erasure is taken as an example, but the present invention can also be applied to data reading and data writing.
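The pattern detection and the erase flow of steps S76 to S81 can be sketched as follows. This is an added example, not code or circuitry from the patent: the 64-bit pattern, the block address, and the bit error rate are constructed values, bit errors are assumed independent, "false detection" is taken to mean a written pattern that fails to be detected, and the matching rate is expressed as a number of tolerated mismatching bits so that the comparison is exact.

```python
from math import comb

SECRET_BLOCK = 0x3FF                          # hypothetical address of the secret block 11-2
LOCK_PATTERN = [1, 0, 1, 1, 0, 0, 1, 0] * 8   # constructed 64-bit access control pattern


def mismatches(read_bits, expected_bits):
    """Number of bit positions where the read pattern differs from the expected one."""
    if len(read_bits) != len(expected_bits):
        raise ValueError("patterns must have the same length")
    return sum(r != e for r, e in zip(read_bits, expected_bits))


def matching_rate(read_bits, expected_bits):
    """Matching rate evaluated by the pattern detection circuit (1.0 = identical)."""
    return 1 - mismatches(read_bits, expected_bits) / len(expected_bits)


def false_detection_probability(n_bits, bit_error_rate, max_mismatches):
    """Probability that a correctly written n-bit pattern is read back with more
    than max_mismatches flipped bits, so that access is erroneously permitted.
    Assumes independent bit errors; the binomial tail is summed directly to
    keep precision for very small probabilities."""
    p = bit_error_rate
    return sum(comb(n_bits, k) * p**k * (1 - p) ** (n_bits - k)
               for k in range(max_mismatches + 1, n_bits + 1))


def smallest_tolerance(n_bits, bit_error_rate, target_probability):
    """Smallest number of tolerated mismatches that meets the target probability."""
    for m in range(n_bits + 1):
        if false_detection_probability(n_bits, bit_error_rate, m) <= target_probability:
            return m


def erase_permitted(block_addr, read_pattern, max_mismatches):
    """Erase flow: S76 block check, S78 read pattern, S79 detect, S80/S81 decide."""
    if block_addr != SECRET_BLOCK:
        return True                                    # S77: normal erase sequence
    detected = mismatches(read_pattern, LOCK_PATTERN) <= max_mismatches
    return not detected                                # S81 refuses, S80 erases


if __name__ == "__main__":
    for target in (1e-3, 1e-5):
        m = smallest_tolerance(64, 1e-3, target)
        print(f"target {target:g}: tolerate {m} bits, "
              f"matching rate >= {1 - m / 64:.4f}")
```

With the constructed bit error rate of 10^-3, a 64-bit pattern needs a tolerance of 2 mismatching bits to reach the 10^-3 target and 3 bits to reach 10^-5.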

<Effect>
According to the authentication device, the device to be authenticated, and the authentication method according to the fifth embodiment, at least the same effects (1) to (5) as described above can be obtained.

Furthermore, it is effective in that the reliability can be improved by applying the configuration and method of the present embodiment as necessary.

[Sixth Embodiment (Example of Using Data Cache for Authentication Processing)]
The sixth embodiment relates to an example of use of data cache for authentication processing.
In this description, the description of the same part as the above embodiment is omitted.

<Configuration example of data cache, sense amplifier, etc.>
A configuration example of a data cache, a sense amplifier, and the like according to the sixth embodiment will be described with reference to FIG.
As shown in the figure, the data cache 12 for authentication processing according to the above embodiment is shown as one component. The NAND flash memory 10 includes a volatile data cache 12 for temporarily storing page data read from the memory cell array 11, write page data received from the outside as recording data, and the like. The data cache 12 of this embodiment is also called a page buffer, a data buffer, or the like, and has an area that is larger than the normal page size. Furthermore, in order to increase the speed of reading and writing page data and to perform random page access, the data cache often has an area several times the page size.

The data cache 12 includes a plurality of data caches A, data caches B, and data caches C. Each data cache is connected to a sense amplifier (SA) used for reading from the memory cell array 11 and a data line.

The sense amplifier SA is electrically connected to the memory cell array 11 via a bit line (not shown).

DC_A in the data cache is a data cache that can directly exchange data with the data line. By connecting the data in the data cache 12 to the IO via the data line through DC_A, the data is output to the outside of the NAND chip 10, and data from outside the NAND chip 10 can be loaded into the data cache.

Furthermore, an arithmetic unit is provided that is connected to the data cache 12 and performs operations between the data caches 12. The arithmetic unit corresponds to the authentication circuit 17, including the data generators 13 and 14, the unidirectional circuit 15, and the like, used for the authentication processing in the above embodiment.

  An internal register 92 is provided for temporarily storing data.

Here, for data read in the NAND flash memory 10, in addition to the read command to the memory cell array 11, there is a command called “register read” for reading out the data that has been read from the memory cell array 11 into the data cache 12.

At this time, in the authentication method, the secret information (NKey, SecretID, etc.) recorded in the secret block 11-2 in the NAND flash memory 10 must not be read by access from outside the NAND chip 10.
On the other hand, when the NAND flash memory 10 performs the authentication process, it needs to internally read the secret information (NKey, SecretID, etc.) recorded in the secret block 11-2 and use it for the authentication process. That is, while the secret information (NKey, SecretID, etc.) must be read from the memory cell array 11 into the data cache 12, data output from the data cache 12 to the outside of the NAND flash memory 10 must be prohibited. This is equivalent to invalidating the register read.

Therefore, the data read operation when the secret block 11-2 is accessed from the outside of the NAND flash memory 10 is different from the normal read operation. More specifically, when the secret block 11-2 is accessed, the data sensed from the memory cell array 11 is held in the data caches DC_B and DC_C, other than the data cache DC_A, so that it cannot be output to the outside, and the register read command is invalidated so that it does not work. On the other hand, when the accessed block is not the secret block 11-2, data is read using the data cache DC_A as usual.

Thus, according to the above configuration, a plurality of types of data caches DC_A to DC_C are provided, and the authentication process is executed only by the data caches DC_B and DC_C that cannot be accessed from the outside. Therefore, when using secret information (NKey, SecretID, etc.) for the authentication process, it is advantageous in that secret information such as key information (NKey) is not illegally read from the outside.

<NAND internal operation flow 1 in authentication processing>
Next, a flow for not outputting the information of the secret block 11-2 directly or indirectly to the host device 20 in the course of the authentication process will be shown along FIG.

(Step S82)
First, it is assumed that data is input from outside the NAND flash memory 10 such as the host device 20 in the authentication process. The input data is, for example, the random number RN or the host constant HCj, and the data is loaded into the data cache DC_A.

(Step S83)
Subsequently, an indirect read request for accessing a special block such as the secret block 11-2 is made from the host device 20. This corresponds to an authentication information calculation request in authentication.

In response to this request, the confidential page data is read from the memory cell array 11.

(Step S84)
Subsequently, the read confidential page data is stored in the data cache DC_B.

(Step S85)
Subsequently, the calculation in the authentication process described in the above embodiment is performed between the data stored in each of the data cache DC_A and the data cache DC_B (the authentication circuit 17).

(Step S86)
Subsequently, the result of the operation is stored in the data cache DC_C.

(Step S87)
Here, if confidential data remains in the data cache when the series of sequences has finished and the chip becomes ready, it may be read from the outside. In order to prevent this, the information of all the data caches DC_A to DC_C must be reset before exiting the sequence. On the other hand, the host device 20 must obtain the result of the above calculation after the data caches DC_A to DC_C are reset.

Therefore, first, the result of the operation held in the data cache DC_C is copied to the internal register 92.

(Step S88)
Subsequently, the data in all the data caches DC_A to DC_C is reset.

(Step S89)
Subsequently, the data saved in the internal register 92 is returned to the data cache DC_A. When the operation so far is completed, the NAND flash memory 10 exits this sequence and enters a ready state. At this time, the calculation result is stored in the data cache DC_A.

(Step S90)
Subsequently, the host device 20 can obtain the data stored in the data cache DC_A by using the register read command.
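Steps S82 to S90 can be modelled in software to check the property the flow is designed for: only the calculation result is ever reachable through register read. This is an added example, not the patent's circuit. HMAC-SHA256 is swapped in for the calculation of the authentication circuit 17, the 32-byte cache size and the `reset_caches` switch (used only to show what step S88 prevents) are assumptions of the model, and all data values are constructed.

```python
import hashlib
import hmac

CACHE_BYTES = 32  # constructed size; a real page buffer is at least one page


class NandCacheModel:
    """Behavioural model of data caches DC_A to DC_C and internal register 92."""

    def __init__(self, secret_page):
        if len(secret_page) != CACHE_BYTES:
            raise ValueError("secret page must fill one cache in this model")
        self._secret_block = bytes(secret_page)   # stands in for secret block 11-2
        self.dc = {name: bytes(CACHE_BYTES) for name in "ABC"}
        self._internal_register = bytes(CACHE_BYTES)
        self.ready = True

    def _require_ready(self):
        if not self.ready:
            raise RuntimeError("chip is Busy")

    def data_input(self, data):
        """S82: host data (for example RN or HCj) is loaded into DC_A."""
        self._require_ready()
        if len(data) > CACHE_BYTES:
            raise ValueError("input larger than the cache")
        self.dc["A"] = bytes(data).ljust(CACHE_BYTES, b"\0")

    def register_read(self):
        """S90: only DC_A is connected to the data line, so only DC_A is output."""
        self._require_ready()
        return self.dc["A"]

    def authenticate(self, reset_caches=True):
        """S83 to S89: indirect read of the secret page and calculation."""
        self._require_ready()
        self.ready = False                                   # Busy
        self.dc["B"] = self._secret_block                    # S83, S84
        # S85, S86: stand-in calculation between DC_A and DC_B, result to DC_C
        self.dc["C"] = hmac.new(self.dc["B"], self.dc["A"],
                                hashlib.sha256).digest()
        self._internal_register = self.dc["C"]               # S87
        if reset_caches:                                     # S88
            for name in self.dc:
                self.dc[name] = bytes(CACHE_BYTES)
        self.dc["A"] = self._internal_register               # S89
        self.ready = True                                    # Ready

    def caches_holding(self, secret):
        """Names of the caches that still contain the given secret bytes."""
        return sorted(n for n, v in self.dc.items() if secret in v)


if __name__ == "__main__":
    secret = bytes(range(1, 33))                 # constructed secret page
    chip = NandCacheModel(secret)
    chip.data_input(b"constructed host challenge")
    chip.authenticate()
    print("result via register read:", chip.register_read().hex())
    print("caches still holding the secret:", chip.caches_holding(secret))
```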

<NAND internal operation flow 2 in authentication processing>
Next, the NAND internal operation flow of an embodiment in which a random number generator (24n) is provided inside the NAND flash memory 10 will be described with reference to FIG. 33. The difference from the case of FIG. 32 lies in the random number (RNn) generated by the random number generator (24n) in the NAND flash memory 10.

(Step S91)
First, in the authentication process, when a random number read request is made from the host device 20 to the NAND flash memory 10, the NAND flash memory 10 generates a random number, and the generated random number is loaded into the data cache DC_A.

(Step S92)
Subsequently, the host device 20 uses the register read command to read the random number in the data cache DC_A.

(Step S93)
Subsequently, in the authentication process, data such as a host constant (HCj) is input from the host device 20 to the NAND flash memory 10. The data is loaded into the data cache DC_A.

Further, authentication information calculated by the host device 20 is input from the host device 20 to the NAND flash memory 10. This data is, for example, Oneway-ID, and the data is loaded into the data cache DC_A.

(Step S94)
Subsequently, the secret block 11-2 is accessed from the host device 20, and an indirect read request is made. This corresponds to a request for calculating authentication information in authentication.

  Then, the confidential page is read from the memory cell array 11.

(Step S95)
Subsequently, the read result is stored in the data cache DC_B.

(Step S96)
Subsequently, the calculation in the authentication process described in the above embodiment is performed between the data stored in the data cache DC_A and the data cache DC_B using the calculator (authentication circuit 17).

(Step S97)
Subsequently, the result of the above calculation is stored in the data cache DC_B.

(Step S98)
Subsequently, the host operation result held in the data cache DC_A is collated with the NAND operation result held in the data cache DC_B.

(Step S99)
Subsequently, when the collation result in step S98 is a match, the control parameter (890) is updated.

(Step S100)
Subsequently, the NAND flash memory 10 resets the information in all the data caches DC_A to DC_C. When the operation so far is completed, the NAND flash memory 10 exits this sequence and enters a ready state.

(Step S101)
Subsequently, the host device 20 uses a command for confirming the collation result to read the collation result out of the NAND chip 10 and obtain it.

<Inspection method for confidential information>
Next, a method for inspecting confidential information will be described.

Inspection flow
FIG. 34 shows the processes related to this authentication method in the course from completion of the silicon at the factory up to shipment of the NAND flash memory 10.

  As shown in the figure, the process proceeds in the order of manufacturing process, test, secret data writing, and shipment.

(Step S71, S72)
First, when the manufacturing process is completed, a predetermined inspection test is performed to select non-defective chips 10 from the wafer.

(Step S73)
Subsequently, after the normal test process in step S72 is completed, a process for writing the secret data is performed, and it is necessary to test whether the secret data is correctly written.

On the other hand, the secret data cannot be directly read from the secret block 11-2. This is because the read function may become a security hole.

(Step S74)
Subsequently, the NAND flash memory 10 in which the secret data is correctly written is shipped.

Secret information indirect reading inspection flow
At the time of the above step S73, the secret data cannot be directly read from the secret block 11-2, from the viewpoint that this may become a security hole.

Accordingly, a flow for confirming recorded data without providing a direct data reading function will be described with reference to FIG.

(Step S111)
First, the secret information (NKey or the like) is read from the secret block 11-2 of the memory cell array 11.

(Step S112)
Subsequently, the read result of the secret information (NKey or the like) is stored in the data cache DC_B.

(Step S113)
Subsequently, the same confidential information (NKey, etc.) is input from the outside of the NAND flash memory 10 and stored in the data cache DC_A.

(Step S114)
Subsequently, an exclusive OR of the data in the data cache DC_A and the data in the data cache DC_B is obtained using an arithmetic unit (authentication circuit 17).

(Step S115)
Subsequently, the result of the exclusive OR is stored in the data cache DC_C.

(Step S116)
Subsequently, data in the data cache DC_C is detected.

(Step S117)
At this time, if the data in the data cache DC_A and the data in the data cache DC_B match (Yes), the test is a pass (OK). On the other hand, if they do not match (No), the test is a fail.

Specifically, since the result of the exclusive OR is stored in the data cache DC_C, when all the data in the data cache DC_C is “0” (Yes), the test is a pass (OK). On the other hand, when there is a “1” (No), the test is a fail.

First, it is detected whether or not all data in the data cache DC_C is “0”. Here, if all the bits are “0” (Yes), the test is a pass. If not (No), the process continues to the next step S118.

(Step S118)
Subsequently, when not all the bits are “0” (No), the number of “1”s is counted. If the number of “1”s is less than or equal to the specified number (Yes), it is determined that majority error correction or error correction using a correction code is possible, so the test passes (OK). If it is more than the specified number (No), the test fails (NG).

Here, using the method of authentication-based access control to a specific block described in the above embodiment, it is also possible for the NAND flash memory 10 to separately hold second secret information, configured in a hard-wired manner, instead of the secret information recorded in the secret block 11-2, and to perform access control to the secret block 11-2 using the second secret information. In this case, not only data reading but also data writing and erasing may be controlled by authentication based on the second confidential information.

<Effect>
According to the authentication device, the device to be authenticated, and the authentication method according to the sixth embodiment, at least the same effects (1) to (5) as described above can be obtained.

Furthermore, in this embodiment, when the secret block 11-2 is accessed, the data sensed from the memory cell array 11 is held in the data caches DC_B and DC_C, other than the data cache DC_A, so that it cannot be output to the outside, and the register read command is invalidated so that it does not work. On the other hand, when the accessed block is not the secret block 11-2, data is read using the data cache DC_A as usual.

Thus, according to the above configuration, a plurality of types of data caches DC_A to DC_C are provided, and the authentication process is executed only by the data caches DC_B and DC_C that cannot be accessed from the outside. Therefore, when using secret information (NKey, SecretID, etc.) for the authentication process, it is advantageous in that secret information such as key information (NKey) is not illegally read from the outside.

In addition, as shown in steps S88 and S100, all secret information such as key information in the data caches DC_A to DC_C is erased before returning from the Busy state to the Ready state. Therefore, it is possible to ensure safety.

[Seventh embodiment (an example of command mapping)]
The seventh embodiment relates to an example of command mapping. In this description, the description of the same part as the above embodiment is omitted.

<Command mapping example with good compatibility with Read and Write commands>
Here, as a read command, the NAND flash memory 10 uses, for example, 00h-Address-30h to designate the block and page address to be read. The Address portion is often composed of a block address, a page address, and a column address indicating a byte position in the page. The input data in the column address part may be ignored, or it may be used to set the byte pointer after the page is read so that reading starts from that byte position. After the command 30h is input, the NAND flash memory 10 enters the Busy state for reading, and transitions to the Ready state after the reading is completed. After the transition to the Ready state, data output (Dout) becomes possible, and data can be read by supplying RE, DQS, and the like. Further, to change the byte position to be read within the read page, the column address corresponding to that byte position is set with 05h-Address-E0h.

As a command for data writing (recording), the block and page address to be written are designated by 80h-Address-Data input-10h. Here, the Address portion is often composed of a block address, a page address, and a column address indicating a byte position in the page. The input data in the column address portion may be ignored, or it may be used to set the byte pointer for the page write data input so that write data is input from that byte position. After the command 10h is input, the NAND flash memory 10 enters the Busy state for writing, and transitions to the Ready state after writing is completed.

The above is the command system widely used in the NAND flash memory 10.
When implementing the authentication function according to the above embodiment, it is preferable to make the command sequence as common as possible in order to minimize the circuit mounting area. However, since the authentication function is used in a field requiring security, there is a viewpoint that it is desirable to limit the function users.

FIG. 36 shows a command mapping example that, in consideration of the above viewpoints, has good affinity with the Read and Write commands of the NAND flash memory 10 described above.

The difference from the above general command sequences is that a Security Prefix input command is given before the command. Here, the Security Prefix may be composed of a single byte or a plurality of bytes. The command Security Prefix is disclosed only to users who require the authentication function. From the viewpoint of user management, the command Security Prefix is preferably composed of a plurality of bytes.

As shown in (a), as in the data read command sequence, the block and page address to be read are specified by sequentially inputting command (Security Prefix)-command (00h)-address (ADD)-command (30h) to the IO terminal. Here, the value set in Address can be a special value for user management, or can be a value that is ignored internally.
Subsequently, after the command (30h) is input, the NAND flash memory 10 enters the Busy state for reading, and transitions to the Ready state after the reading is completed. After the transition to the Ready state, data output (Dout) becomes possible, and by supplying RE, DQS, and the like, data such as the index information i and v, the unique encrypted secret identification information (E-SecretID), and the common key management information (FKB) can be read out.

As shown in (b), as in the data write command sequence, the target data is input by sequentially inputting command (Security Prefix)-command (80h)-address (ADD)-data (Din 32B)-command (10h) to the IO terminal. Here too, the value set in Address can be a special value for user management, or can be a value that is ignored internally. Although this sequence has many parts in common with the write sequence, it does not actually require data writing to the cell array, and is used to input the data that the NAND flash memory 10 requires for the calculation of the authentication process. Examples of the data required for the calculation of the authentication process include the unique information HCi of the host device 20 and random numbers.
Subsequently, the Busy state is entered until the calculation of the authentication process is completed. After the calculation is completed and all the security data in the data caches DC_A to DC_C has been cleared as described above, the state transitions to the Ready state.

As shown in (b), after the transition to the Ready state, the host device 20 sequentially inputs command (05h)-address (ADD)-command (E0h) to the IO terminal and can obtain the calculation result of the authentication process by specifying the column address where the result is stored.
An example of the calculation result of the authentication process is Oneway-ID.
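The point of this mapping, that one decoder serves both the ordinary and the prefixed sequences, can be shown with a small sequence decoder. This is an added example, not the patent's logic: the two-byte Security Prefix value is a constructed placeholder (the real value is disclosed only to authorised users), the cycle counts of 5 address bytes and 2 column-address bytes are assumptions, and rejecting a prefix in front of 05h is a choice of this example because the page shows that sequence without one.

```python
SECURITY_PREFIX = (0xA5, 0x5A)   # constructed placeholder, not a real command value
ADDR_CYCLES = 5                  # assumption: block, page and column address bytes
COLUMN_CYCLES = 2                # assumption: column address only
AUTH_INPUT_BYTES = 32            # "Din 32B" in the sequence of FIG. 36 (b)

# first command -> (address cycles, takes data input, closing command,
#                   name without prefix, name with Security Prefix)
SEQUENCES = {
    0x00: (ADDR_CYCLES, False, 0x30, "READ", "SECURE_READ"),
    0x80: (ADDR_CYCLES, True, 0x10, "PROGRAM", "AUTH_DATA_INPUT"),
    0x05: (COLUMN_CYCLES, False, 0xE0, "COLUMN_CHANGE", None),
}


def decode(cycles):
    """Decode a list of bus cycles, each ("CMD" | "ADDR" | "DIN", byte).

    Returns (operation, secure, address_bytes, data_bytes); raises ValueError
    for a sequence that does not follow the mapping."""
    cycles = [tuple(c) for c in cycles]
    prefix = [("CMD", b) for b in SECURITY_PREFIX]
    secure = cycles[:len(prefix)] == prefix
    pos = len(prefix) if secure else 0

    def take(kind):
        nonlocal pos
        if pos >= len(cycles) or cycles[pos][0] != kind:
            raise ValueError(f"expected a {kind} cycle at position {pos}")
        value = cycles[pos][1]
        pos += 1
        return value

    first = take("CMD")
    if first not in SEQUENCES:
        raise ValueError(f"unknown command {first:02X}h")
    n_addr, has_data, closing, plain_name, secure_name = SEQUENCES[first]
    name = secure_name if secure else plain_name
    if name is None:
        raise ValueError("this sequence is not defined with a Security Prefix")

    # The same address / data / closing-command path serves both variants.
    address = bytes(take("ADDR") for _ in range(n_addr))
    data = bytearray()
    while has_data and pos < len(cycles) and cycles[pos][0] == "DIN":
        data.append(take("DIN"))
    if take("CMD") != closing:
        raise ValueError(f"sequence must close with {closing:02X}h")
    if pos != len(cycles):
        raise ValueError("unexpected cycles after the closing command")
    if secure and has_data and len(data) != AUTH_INPUT_BYTES:
        raise ValueError("authentication input must be exactly 32 bytes")
    return name, secure, address, bytes(data)


if __name__ == "__main__":
    addr = [("ADDR", 0x00)] * ADDR_CYCLES
    pre = [("CMD", b) for b in SECURITY_PREFIX]
    print(decode([("CMD", 0x00)] + addr + [("CMD", 0x30)]))
    print(decode(pre + [("CMD", 0x00)] + addr + [("CMD", 0x30)]))
```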

<Example of command mapping that has good affinity with Set / Get feature command>
Next, another example of the command configuration of the NAND flash memory 10 to which this authentication function is applied will be described with reference to FIG.
The NAND flash memory 10 has a command called “Set Feature” for enabling functions of the memory 10 and a command called “Get Feature” for reading the validation / invalidation status of the functions of the memory 10. These commands are used, for example, to validate inputs such as / RE, / WE, / DQS which are complementary signals for high-speed data transfer.

Set Feature sets a function with EEh-Address-Data input. Here, a function number is set in Address, and a parameter of the function indicated by the function number is input in Data input. A Busy period for function activation follows, and after activation the state transitions to Ready.

Get Feature reads out the function validation / invalidation status with EFh-Address-Data output. Here, a function number is set in Address, and a parameter of the function indicated by the function number is output in Data output. Between Address and Data output, there is a Busy period for reading the setting parameter internally.

The present embodiment is an example of a command sequence using these Set Feature and Get Feature.

As shown in (a), the command sequence is the same as above, but the Address to be specified is different. Here, the address may be composed of a single byte or a plurality of bytes. Address is disclosed only to users who require the authentication function. From the viewpoint of user management, it is desirable that the address is composed of a plurality of bytes. Examples of Data output and Data input are index information i and v similar to those shown in FIG.

As shown in (b), the command sequence of Data input command (EEh) - address (ADD) - data (Din) simultaneously triggers the execution of the authentication process, and during the Busy period, the NAND flash memory 10 performs the authentication processing calculation.

Subsequently, after the calculation is completed and the security data is cleared from the data cache, the state transitions to the Ready state. After the transition to the Ready state, the host device 20 can read the Oneway-ID.

<Effect>
According to the authentication device, the device to be authenticated, and the authentication method according to the seventh embodiment, at least the same effects (1) to (5) as described above can be obtained.

Furthermore, in this embodiment, as shown in FIG. 36, the command sequence of the NAND flash memory 10 can be made as common as possible. For this reason, the mounting area of the circuit can be minimized while taking security into consideration, which is more effective when the authentication function according to the above embodiment is mounted.

Also, as shown in FIG. 37, the command called "Set Feature" for enabling functions of the memory 10 and the command called "Get Feature" for reading the validation / invalidation status of the functions of the memory 10 can be shared and applied as necessary.

Here, as described above, all the data in the data caches DC_A to DC_C is cleared before the return from the Busy state to the Ready state.

[Eighth Embodiment (Application Example to Memory Card, Content Protection, HDD)]
The eighth embodiment relates to an application example to a memory card, content protection, and HDD. In this description, the description of the same part as the above embodiment is omitted.

Application example to memory card
FIG. 38 shows a configuration example of a memory card on which the NAND flash memory 10 to which the authentication function is applied is mounted.

As illustrated, the memory card 55 includes a controller 19 having a function of controlling the operation of the NAND flash memory 10 and a function of controlling an interface with the host device 20 side.

A plurality of NAND flash memory chips 10 (MCP1) and at least one (MCP2). Here, it is sufficient that at least one NAND flash memory chip 10 in the NAND package has the authentication function / authenticated function according to the embodiment. In other words, the NAND flash memory chips 10 in the NAND package need not all have the authentication function / authenticated function of the above embodiment. Furthermore, the NAND packages mounted in the memory card 55 need not all have the authentication function / authenticated function of the embodiment. For clarity, the NAND flash memory 10 of the present embodiment may refer to a NAND package, or it may refer to a NAND flash memory chip.

The controller 19 in the memory card 55 includes a NAND I/F in the NAND package and the function of controlling the authentication function / authenticated function according to the embodiment. Here, this may be a function for controlling the authentication function / authenticated function of only one of a plurality of NAND packages, or a function for controlling the authentication function / authenticated function of each of the plurality of NAND packages. Further, it may be a function for controlling the authentication function / authenticated function of any one NAND flash memory chip 10 in the NAND package, or a function for controlling the authentication function / authenticated function of each NAND flash memory chip 10 in the NAND package.

Application example 1 for content protection
FIG. 39 shows an application example 1 for content protection of a memory card 55 equipped with a NAND flash memory 10 to which the authentication function is applied. For the sake of simplification, the description already given in the present specification is omitted.

In the memory card 55, the controller 19 and the NAND packages (MCP1) and (MCP2) are installed. Here, the NAND packages (MCP1) and (MCP2) have the authentication function / authenticated function according to the embodiment.

The host device 20 performs the authentication process shown in the above embodiment and checks the validity of the secret identification information Secret ID of the NAND flash memory 10 in the NAND packages (MCP1) and (MCP2).

After the validity confirmation, the host device 20 performs EMID calculation processing using the method described in the second embodiment based on the secret identification information Secret ID.

Here, when content (Content) is written to the NAND package (MCP2), Binding Data for associating the EMID with the content is generated. It is desirable that the Binding Data include data related to the key for encrypting / decrypting the content. The Binding Data is recorded in one of the NAND packages (MCP1) and (MCP2) mounted in the card 55. Here, the NAND package in which the Binding Data is recorded may be the NAND package (MCP1) having the secret identification information Secret ID used for the authentication process, or may be another NAND package (MCP2). Although the latter example is shown in FIG. 39, it is not limited to this. Similarly, any NAND package may be used as the content recording position.

During content playback, the relationship among the Binding Data for associating the EMID with the content, the EMID obtained by authenticating the secret identification information Secret ID, and the content is calculated and confirmed, and the content is reproduced only when the relationship is confirmed.

With the above configuration, the content is associated with the secret identification information Secret ID. For this reason, even if the content or the Binding Data is illegally copied to another memory card that does not have the same secret identification information Secret ID, the content cannot be reproduced, which is advantageous.
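The binding described above, and reused in the later application examples, can be illustrated with the following added example, which is not code from the patent. This section does not give the EMID calculation or the Binding Data format, so the HMAC-SHA-256 constructions, the field names and all sample values here are assumptions.

```python
import hashlib
import hmac
import os


def prf(key, *parts):
    """HMAC-SHA-256 over length-prefixed parts, so field boundaries are unambiguous."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for part in parts:
        mac.update(len(part).to_bytes(4, "big"))
        mac.update(part)
    return mac.digest()


def compute_emid(secret_id):
    """Assumed stand-in for the EMID calculation of the second embodiment."""
    return prf(secret_id, b"EMID")


def make_binding_data(emid, content, content_key, nonce=None):
    """Create Binding Data tying one content item and its key to one EMID."""
    if len(content_key) != 32:
        raise ValueError("content_key must be 32 bytes")
    nonce = nonce if nonce is not None else os.urandom(16)
    pad = prf(emid, b"wrap", nonce)                    # one-time pad for the key
    wrapped = bytes(a ^ b for a, b in zip(content_key, pad))
    digest = hashlib.sha256(content).digest()
    tag = prf(emid, b"bind", nonce, wrapped, digest)   # binds EMID, key and content
    return {"nonce": nonce, "wrapped_key": wrapped, "tag": tag}


def playback_key(card_secret_id, content, binding):
    """Return the content key if the card, content and Binding Data belong together.

    card_secret_id stands for the Secret ID the host confirmed by authentication.
    Returns None when the relationship cannot be confirmed.
    """
    emid = compute_emid(card_secret_id)
    digest = hashlib.sha256(content).digest()
    expected = prf(emid, b"bind", binding["nonce"], binding["wrapped_key"], digest)
    if not hmac.compare_digest(expected, binding["tag"]):
        return None
    pad = prf(emid, b"wrap", binding["nonce"])
    return bytes(a ^ b for a, b in zip(binding["wrapped_key"], pad))


def demo():
    """Constructed scenario: genuine card, copied-to card, and modified content."""
    genuine_id = bytes(range(16))          # constructed Secret ID of the original card
    other_id = bytes(range(1, 17))         # constructed Secret ID of another card
    content = b"constructed sample content"
    key = hashlib.sha256(b"constructed content key").digest()
    binding = make_binding_data(compute_emid(genuine_id), content, key)
    return (
        playback_key(genuine_id, content, binding) == key,   # plays on original card
        playback_key(other_id, content, binding) is None,    # copy to another card fails
        playback_key(genuine_id, content + b"!", binding) is None,  # altered content fails
    )
```

Because the check depends only on the Secret ID behind the EMID, where the content and Binding Data are stored does not affect the result.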

Application example 1 to HDD
A configuration example 1 of a hard disk drive (HDD) using a NAND flash memory 10 to which the present authentication function is applied will be described with reference to FIG.

As shown in the figure, the HDD package 200 is equipped with at least one NAND package (MCP1), and at least one of the NAND packages has the authentication function / authenticated function according to the embodiment.

The HDD package 200 is equipped with at least one HDD 210.

Further, a bridge controller 190 is mounted for executing control of the NAND package (MCP1), control of the HDD 210, control of the interface with the host device, and the like. The bridge controller 190 may be composed of a single integrated circuit or a plurality of integrated circuits. Further, the function may be realized by a combination of an integrated circuit and firmware.

The authentication function / authenticated function in the NAND package (MCP1) is provided to the HDD 210 as the host device via the bridge controller 190.

Application example 2 to HDD
FIG. 41 shows another configuration example of a hard disk drive (HDD) using the NAND flash memory 10 to which this authentication function is applied.

As shown in the figure, the HDD package 200 has a memory card socket 550 for connecting the memory card 55 described with reference to FIG.

The HDD package 200 is equipped with at least one HDD 210. Further, a bridge controller 190 that executes control of the memory card 55, control of the HDD 210, control of the interface with the host device, and the like is mounted. The bridge controller 190 may be composed of a single integrated circuit or may be composed of a plurality of integrated circuits. Further, the function may be realized by a combination of an integrated circuit and firmware.

The authentication function / authenticated function in the memory card 55 is provided to the HDD 210 as the host device via the bridge controller 190.

Application example 2 for content protection
FIG. 42 shows an application example to content protection of a hard disk drive (HDD) using the NAND flash memory 10 to which the authentication function is applied. In the present embodiment, FIG.
However, the present invention is also applicable to the HDD configuration shown in FIG.

As shown, the HDD packages 200A and 200B are equipped with bridge controllers 190A and 190B, memory card sockets 550A and 550B, and HDDs 210A and 210B.

Here, the memory card 55 has the authentication function / authenticated function of any of the above embodiments. The host device 20 confirms the validity of the secret identification information Secret ID of the NAND flash memory 10 by the authentication process shown in the above embodiment. After checking the validity, the host device 20 performs EMID calculation processing by the method shown in the second embodiment based on the secret identification information Secret ID.

When content (Content) is written, Binding Data for associating the EMID with the content is generated. It is desirable that the Binding Data include data related to the key for encrypting / decrypting the content. The Binding Data is recorded in either the memory card 55 or the HDDs 210A and 210B. Here, although the example in which it is recorded on the HDDs 210A and 210B is shown, it is not restricted to this. Similarly, the content recording position may be either the card 55 or the HDDs 210A and 210B.

During content playback, the relationship among the Binding Data for associating the EMID with the content, the EMID obtained by authenticating the secret identification information Secret ID, and the content is calculated and confirmed, and the content is reproduced only when the relationship is confirmed.

In the present embodiment, the authentication function / authenticated function of the NAND flash memory 10 in the memory card 55 is used via the card socket 550A. However, the HDD shown in FIG. The present invention can also be applied to a control configuration. In this case, the memory card may be replaced with a NAND package.

Further, as an application example applicable to the HDD having the card sockets 550A and 550B, when there are a plurality of similar HDD packages, duplicating the content and the Binding Data in both HDD packages makes it possible to reproduce the content recorded in any HDD by simply moving the card. Here, the Binding Data may be recorded on the card instead of the HDD, or may be recorded on both.

With this configuration, since the content is associated with the secret identification information Secret ID in the memory card 55 or NAND package, even if the content or the Binding Data is illegally copied to a memory card 55 that does not have the same secret identification information Secret ID, the content cannot be reproduced.

Furthermore, in the example in which the HDD package shown in FIG. 41 has a memory socket, it is possible to reproduce content recorded on a plurality of HDDs by moving only the memory card. This is generally advantageous in terms of portability because the HDD has a larger casing and may be used for a stationary use or the like as compared with a memory card.

Application example 3 for content protection
With reference to FIG. 43, an application example 3 for content protection of a hard disk drive (HDD) using the NAND flash memory 10 to which the authentication function is applied will be described. In this embodiment, the host device 20 has a memory card socket 550 and uses an external HDD 210.

As shown, the HDD package 200 is equipped with a bridge controller 190 and an HDD 210.

The host device 20 is equipped with an authentication function and a card control function provided in the memory card 55 inserted into the memory card socket 550. The memory card 55 includes a NAND package having an authentication function / authenticated function according to any of the above embodiments.

In the above configuration, the host device 20 confirms the validity of the secret identification information Secret ID of the NAND flash memory 10 through the authentication process described in the above embodiment.

After the validity confirmation, the host device 20 performs EMID calculation processing using the method according to the second embodiment based on the secret identification information Secret ID.

When content is written, Binding Data for associating the EMID with the content is generated. The Binding Data preferably includes data related to the key for encrypting / decrypting the content. The Binding Data is recorded in either the memory card 55 or the HDD 210. Although the latter example is shown here, the present invention is not limited to this. Similarly, the content may be recorded in either the card 55 or the HDD 210.

During content playback, the relationship among the Binding Data for associating the EMID with the content, the EMID obtained by authenticating the secret identification information Secret ID, and the content is calculated and confirmed, and the content is reproduced only when the relationship is confirmed.

The present embodiment is an example in which the authentication function / authenticated function of the NAND flash memory 10 in the memory card 55 is used via the card socket 550. However, the present invention can also be applied to a configuration in which a NAND package is directly mounted on the host device 20 and controlled. In this case, the memory card 55 may be replaced with a NAND package.

Further, as an application example applicable to the host device 20 having the card socket 550, when there are a plurality of similar host devices 20, connecting the memory card 55 and the HDD package 200 to another host device 20 makes it possible to play back the content on any host device 20. Here, the content and the Binding Data may be recorded on the card 55 instead of the HDD 210, or may be recorded on both.

With this configuration, since the content is associated with the secret identification information Secret ID in the memory card 55 or NAND package, even if the content or the Binding Data is illegally copied to a memory card that does not have the same secret identification information Secret ID, the content cannot be reproduced. Furthermore, by moving the memory card 55 and the HDD 210, it becomes possible to reproduce content on a plurality of host devices.

Application example 4 for content protection
Application example 4 for content protection of a hard disk drive (HDD) using the NAND flash memory 10 to which the authentication function is applied will be described with reference to FIG. In the present embodiment, the host device 20 has a memory card socket 550 and further uses an internal HDD 210.

As shown, the HDD package 200 is equipped with a bridge controller 190 and an HDD 210.

The host device 20 is equipped with an authentication function and a card control function provided in the memory card 55 inserted into the memory card socket 550. The memory card 55 includes a NAND package having an authentication function / authenticated function according to any of the above embodiments.

In the above configuration, the host device 20 confirms the validity of the secret identification information Secret ID of the NAND flash memory 10 through the authentication process described in the above embodiment.

After the validity confirmation, the host device 20 performs EMID calculation processing using the method according to the second embodiment based on the secret identification information Secret ID.

When content is written, Binding Data for associating the EMID with the content is generated. The Binding Data preferably includes data related to the key for encrypting / decrypting the content. The Binding Data is recorded in either the memory card 55 or the HDD 210. Although the latter example is shown here, the present invention is not limited to this. Similarly, the content may be recorded in either the card 55 or the HDD 210.

During content playback, the relationship among the Binding Data for associating the EMID with the content, the EMID obtained by authenticating the secret identification information Secret ID, and the content is calculated and confirmed, and the content is reproduced only when the relationship is confirmed.

The present embodiment is an example in which the authentication function / authenticated function of the NAND flash memory 10 in the memory card 55 is used via the card socket 550. However, the present invention can also be applied to a configuration in which a NAND package is directly mounted on the host device 20 and controlled. In this case, the memory card 55 may be replaced with a NAND package.

Further, as an application example applicable to the host device 20 having the card socket 550, when there are a plurality of similar host devices 20, connecting the memory card 55 and the HDD package 200 to another host device 20 makes it possible to play back the content on any host device 20. Here, the content and the Binding Data may be recorded on the card 55 instead of the HDD 210, or may be recorded on both.

With this configuration, since the content is associated with the secret identification information Secret ID in the memory card 55 or NAND package, even if the content or the Binding Data is illegally copied to a memory card that does not have the same secret identification information Secret ID, the content cannot be reproduced. Furthermore, by moving the memory card 55 and the HDD 210, it becomes possible to reproduce content on a plurality of host devices.

[Modification 2 (another example of using data cache)]
The modified example 2 relates to another configuration example of the use for the data cache authentication process described in the sixth embodiment. In this description, the description of the same part as the above embodiment is omitted.

<Configuration example of sense amplifier and its peripheral circuit>
A configuration example of the sense amplifier and the peripheral circuit is shown in FIG.
As shown in the figure, in Modification 2, DC_A, DC_B, DC_C, and DC_S are the data cache 12, and only DC_A is connected to the data line via the column control circuit and is used to exchange data with the outside of the chip. DC_S is a latch used for controlling the operation of the sense amplifier according to data. DC_B, DC_C, and DC_S are connected in parallel to a bus (LBUS) between DC_A and the sense amplifier and are used as a data cache. When data is exchanged with the outside, it must pass through DC_A. The column control circuit connects the DC_A whose address corresponds to the column address to the data line. When the NAND flash memory is used in normal operation, the column address supplied from the address control circuit is used, but when the proposed authentication sequence is performed, an address designated by the arithmetic unit is used. Whether a normal address or an arithmetic unit address is used can be switched by a mode switching signal.

<Example of equivalent circuit of sense amplifier and data cache>
FIG. 46 shows an equivalent circuit example of the sense amplifier 77 and the data cache 12 in FIG.

Although some embodiments of the present invention have been described above, these embodiments are presented as examples and are not intended to limit the scope of the invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the spirit of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, and are included in the invention described in the claims and the equivalents thereof.

DESCRIPTION OF SYMBOLS 10 ... NAND type flash memory, 19 ... Controller, 20 ... Host device, 11 ... Cell array, 23 ... Memory, E-SecretID ... Unique encrypted secret identification information, SecretID ... Unique secret identification information, FKB ... Common key management information, NKey ... First key information, HKey ... Second key information, SKey ... Session key information.

Claims (10)

  1. A first area in which first key data (NKey) and unique secret data (SecretID) are stored and read is restricted;
    Encrypted unique secret data (E-SecretID) generated by encrypting the unique secret data is stored, and a readable second area;
    With
    The first key data is read from the first area;
    Second key data (HKey) is generated by performing AES (Advanced Encryption Standard) encryption processing using the first key data and the first number data (HC) received from the outside,
    Session key data (SKey) is generated by performing AES encryption processing using the second key data and the second number data (RN) received from the outside,
    A memory device configured to generate authentication information data (Oneway-ID) by performing a one-way conversion process using the session key data and the unique secret data read from the first area.
  2. Key data and secret data for which reading is restricted, and readable encrypted secret data are stored.
    A memory device configured to perform one-way conversion on the secret data using the key data and generate data used for authentication with an external device from which the encrypted secret data is read.
  3. In claim 2,
    The secret data is data that is uniquely assigned to the memory device by a memory device vendor.
  4. In claim 2 or 3,
    A first area in which the key data and the secret data are stored in an unreadable manner;
    A second area in which the encrypted secret data is stored in a readable manner;
    A memory device.
  5. In any one of claims 2 to 4,
    A memory device provided with a third area in which the family key block data (FKB) is readable and stored after shipment from the memory device vendor.
  6. In claim 5,
    The memory device in which the second area is read-only.
  7. Encrypted secret data is stored readable,
    A memory device in which key data used to generate authentication data used for authentication with an external device and the secret data are stored in a non-readable manner from the external device.
  8. In claim 7,
    The secret data is data that is uniquely assigned to the memory device by a memory device vendor.
  9. In claim 7,
    The memory device, wherein the authentication data is data generated by performing a unidirectional conversion process using the key data and the secret data as input values.
  10. In claim 7,
    A first area in which the key data and the secret data are stored and read is restricted;
    A second area in which the encrypted secret data is stored and made readable;
    A memory device comprising:
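The derivation chain of claim 1 (NKey and HC to HKey, HKey and RN to SKey, SKey and SecretID to Oneway-ID) is worked through below as an added example that is not code from the patent. It assumes 16-byte values, AES-128 with the key data as the cipher key and the number data as the plaintext, a one-way conversion of the form AES(SKey, SecretID) XOR SecretID, and a host that already holds HKey and SecretID; all sample values are constructed.

```python
import hmac


def xtime(a):
    """Multiply by x in GF(2^8) modulo the AES polynomial."""
    return ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1


def gmul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r


def rotl8(b, n):
    return ((b << n) | (b >> (8 - n))) & 0xFF


# S-box from its definition: multiplicative inverse, then the affine map.
INV = [0] + [next(y for y in range(1, 256) if gmul(x, y) == 1) for x in range(1, 256)]
SBOX = [b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63 for b in INV]


def expand_key(key):
    """AES-128 key schedule: returns 11 round keys of 16 bytes each."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]


def mix_columns(s):
    out = []
    for c in range(4):
        a = s[4 * c:4 * c + 4]
        for r in range(4):
            n = a[(r + 1) % 4]
            out.append(xtime(a[r]) ^ xtime(n) ^ n ^ a[(r + 2) % 4] ^ a[(r + 3) % 4])
    return out


def aes128_encrypt_block(key, block):
    if len(key) != 16 or len(block) != 16:
        raise ValueError("key and block must be 16 bytes")
    rk = expand_key(key)
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]
        # ShiftRows on a column-major state: row r rotates left by r columns.
        s = [s[((c + row) % 4) * 4 + row] for c in range(4) for row in range(4)]
        if rnd != 10:
            s = mix_columns(s)
        s = [b ^ k for b, k in zip(s, rk[rnd])]
    return bytes(s)


def oneway(skey, secret_id):
    """Assumed one-way conversion: AES(SKey, SecretID) XOR SecretID."""
    enc = aes128_encrypt_block(skey, secret_id)
    return bytes(a ^ b for a, b in zip(enc, secret_id))


def device_respond(nkey, secret_id, hc, rn):
    """Memory device side of claim 1; NKey and SecretID never leave the device."""
    hkey = aes128_encrypt_block(nkey, hc)   # second key data
    skey = aes128_encrypt_block(hkey, rn)   # session key data
    return oneway(skey, secret_id)          # authentication information data


def host_verify(hkey, secret_id, rn, oneway_id):
    """Host side (assumed): recompute from HKey and SecretID, compare in constant time."""
    skey = aes128_encrypt_block(hkey, rn)
    return hmac.compare_digest(oneway(skey, secret_id), oneway_id)


def demo():
    nkey, hc = bytes(range(16)), b"host-constant-HC"          # constructed
    secret_id, rn = b"unique-secret-id", b"random-number-01"  # constructed
    hkey = aes128_encrypt_block(nkey, hc)                     # value the host holds
    genuine = device_respond(nkey, secret_id, hc, rn)
    clone = device_respond(nkey, b"other-secret-id!", hc, rn)
    return (host_verify(hkey, secret_id, rn, genuine),
            host_verify(hkey, secret_id, rn, clone),
            host_verify(hkey, secret_id, b"random-number-02", genuine))
```
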
JP2012209681A 2012-09-24 2012-09-24 Memory device Pending JP2013118616A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
JP2012209681A JP2013118616A (en) 2012-09-24 2012-09-24 Memory device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
JP2011265295 Division 2011-12-02

Publications (1)

Publication Number Publication Date
JP2013118616A true JP2013118616A (en) 2013-06-13

Family

ID=48712859

Country Status (1)

Country Link
JP (1) JP2013118616A (en)


Legal Events

Date Code Title Description
A02 Decision of refusal

Free format text: JAPANESE INTERMEDIATE CODE: A02

Effective date: 20140314