JP2019161645A - Information processing system, information processing device, and method for controlling information processing device - Google Patents

Abstract

To obtain a memory system capable of easily mounting effective measures to a fault attack.SOLUTION: A host device 2 includes a power supply part 12 for supplying power to a SoC 11, a current value measurement circuit 13 for measuring current flowing from the power supply part 12 to the SoC 11, a detection part 31 for detecting a power glitch of the host device 2 on the basis of a measurement result of the current by the current value measurement circuit 13, and a control part 32 for stopping the transmission of an encryption command from the host device 2 to the memory device 3 in the case that the detection part 31 detects a power glitch of the host device 2.SELECTED DRAWING: Figure 2

Description

  The present invention relates to an information processing system, an information processing apparatus, and a control method for the information processing apparatus.

  Currently used cryptography is computationally safe for cryptographic analysis techniques. However, when the cryptographic module is actually mounted on the encryption device, a leakage depending on the mounting, such as power consumption and processing time, occurs. By observing such an operating state with various physical means, the threat of side channel attacks that attempt to illegally acquire secret information such as a secret key has increased.

  As one of side channel attacks, a fault attack has been reported in which a malfunction is intentionally generated in a cryptographic system and secret information is estimated by analyzing an output at the time of the malfunction. In addition, as a specific method of fault attack, a method of malfunctioning a cryptographic system by instantaneously applying an abnormal voltage (power glitch) to the power supply voltage for driving the cryptographic system has been reported. .

  Therefore, in recent years, various countermeasures against fault attacks have been proposed. For example, a countermeasure based on random delay (non-patent document 1 below), which makes analysis difficult by intentionally shifting the execution start timing of encryption processing, A countermeasure by duplication (the following non-patent document 2) is proposed in which the same encryption algorithm is executed a plurality of times for input.

Jasper GJ van Woudenberg and two others, “Practical optical fault injection on secure microcontrollers”, [online], search February 14, 2018, Internet <https://www.riscure.com/uploads/2017/09/ Practical-optical-fault-injection-on-secure-microcontrollers.pdf> Alessandro Barenghi and three others, “Countermeasures against fault attacks on software implemented AES”, [online], searched February 14, 2018, Internet <https://www.researchgate.net/publication/221148201_Countermeasures_against_fault_attacks_on_software_implemented_AES>

  However, when the above-mentioned countermeasures based on random delay and countermeasures based on duplication are implemented in a cryptographic system, these countermeasure processes always run during application execution, regardless of whether or not they are actually subjected to a fault attack. Crypto system processing latency increases and system performance decreases.

  The present invention has been made in view of such circumstances, and an information processing system, an information processing apparatus, and an information processing apparatus control method capable of easily implementing an effective countermeasure against a fault attack are obtained. It is intended.

  An information processing system according to a first aspect of the present invention includes an information processing device having a processing circuit including a first encryption / decryption processing unit, and an accessory connected to the information processing device and having a second encryption / decryption processing unit A first power supply unit that supplies power to the processing circuit; and a first current measurement that measures a current flowing from the first power supply unit to the processing circuit. And a detection unit for detecting a power supply glitch of the information processing device based on a current measurement result by the first current measurement unit, and when the detection unit detects a power supply glitch of the information processing device, And a control unit that stops transmission of encrypted data from the information processing apparatus to the auxiliary device.

  According to the information processing system according to the first aspect, the first current measurement unit measures the current flowing from the first power supply unit to the processing circuit, and the detection unit is configured to measure the current from the first current measurement unit. A power supply glitch of the information processing apparatus is detected based on the measurement result. As a result, the power supply glitch of the information processing apparatus can be detected easily and reliably. Further, the control unit executes a fault attack countermeasure process when the detection unit detects a power supply glitch of the information processing apparatus. Therefore, when the detection unit does not detect the power supply glitch of the information processing apparatus, the fault attack countermeasure process is not executed. Therefore, the increase in the processing latency of the information processing system and the system performance due to the countermeasure process being executed all the time. Can be avoided. Furthermore, when a power supply glitch of the information processing device is detected, the control unit stops transmission of encrypted data from the information processing device to the attached device. Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  The information processing system according to the second aspect of the present invention is the information processing system according to the first aspect, in particular, while the control unit detects a power supply glitch of the information processing device. The transmission stop state of encrypted data from the information processing device to the attached device is continued.

  According to the information processing system according to the second aspect, the control unit continues the transmission stop state of the encrypted data from the information processing device to the attached device while the detection unit detects the power supply glitch of the information processing device. To do. Therefore, even if the power glitch is repeated due to the fault attack, it is possible to reliably prevent the wrong encrypted data to be analyzed for the fault attack from being extracted by the attacker.

  In the information processing system according to the third aspect of the present invention, in particular in the information processing system according to the second aspect, the information processing apparatus executes a first authentication process for authenticating the validity of the attached device. An authentication processing unit, and the control unit causes the first authentication processing unit to execute an authentication process after the detection unit detects a power supply glitch of the information processing apparatus. is there.

  According to the information processing system according to the third aspect, the control unit causes the first authentication processing unit to execute the authentication process after the detection unit detects the power supply glitch of the information processing device. Therefore, in order to resume transmission of encrypted data from the information processing device to the attached device in order to extract erroneous encrypted data, the attacker needs to break through the authentication processing by the first authentication processing unit. It becomes possible to further make fault attacks by attackers more difficult.

  An information processing system according to a fourth aspect of the present invention is the information processing system according to the third aspect, in particular, the information processing apparatus includes a second power supply unit that supplies power to the accessory device, and the first A second current measuring unit that measures a current flowing from the power supply unit to the attached device, wherein the first authentication processing unit performs a predetermined power consumption operation for authenticating the attached device. Is added to the normal operation, and is executed by the auxiliary device, and the actual current value measured by the second current measuring unit during the period in which the auxiliary device executes the power consumption operation, and the genuine product The legitimacy of the auxiliary device is authenticated based on a known reference current value that is a current value when the auxiliary device executes the power consumption operation.

  According to the information processing system of the fourth aspect, the first authentication processing unit causes the auxiliary device to execute a predetermined power consumption operation for authenticating the auxiliary device in addition to the normal operation. The measured current value measured by the second current measurement unit during the period in which the power consumption operation is being executed, and the known reference current value that is the current value when the genuine accessory device executes the power consumption operation. Based on this, the validity of the attached device is authenticated. Therefore, when the non-genuine accessory device cannot execute the power consumption operation, the measured current value does not match the reference current value, so that the first authentication processing unit can easily execute the authentication of the accessory device. . In addition, even if a non-genuine accessory device can execute power consumption operation, the power consumption characteristics differ between a regular product and a non-genuine product due to differences in device structure or manufacturing process. The measured current value of does not match the reference current value of the regular product. Therefore, authentication of the attached device can be easily executed by the first authentication processing unit. In addition, the power consumption operation for authenticating the accessory device is not the normal operation itself of the accessory device, but is an independent operation added to the normal operation. A typical power consumption operation can be executed by the attached device. As a result, it is possible to improve the authentication accuracy of the attached device by the first authentication processing unit.

  An information processing system according to a fifth aspect of the present invention is the information processing system according to the fourth aspect, in particular, the first authentication processing unit includes a plurality of actually measured currents measured by the second current measurement unit. A pattern creation unit that creates an actual measured current value pattern by arranging values in chronological order, an actual measurement current value pattern created by the pattern creation unit, and a known reference current in which reference current values are arranged in chronological order A pattern comparison unit for comparing with the value pattern, and authenticating the validity of the attached device based on the comparison result by the pattern comparison unit.

  According to the information processing system according to the fifth aspect, the pattern comparison unit compares the measured current value pattern created by the pattern creation unit with the known reference current value pattern in which the reference current values are arranged in time series. Then, the first authentication processing unit authenticates the validity of the attached device based on the comparison result by the pattern comparison unit. Since the non-genuine product is often a poor product, the absolute value of the current consumption of the non-genuine product is often larger than that of the regular product. According to the information processing system according to the fifth aspect, the first authentication processing unit compares the measured current value pattern with the reference current value pattern, not the current consumption change rate pattern. Even when the rate of change pattern of current consumption is close to the product, the authentication of the attached device can be executed with high accuracy.

  The information processing system according to a sixth aspect of the present invention is the information processing system according to any one of the third to fifth aspects, and in particular, the control unit encrypts the information processing apparatus to the accessory apparatus. After the data transmission is stopped, when the detection unit does not detect the power supply glitch of the information processing device and the authentication processing by the first authentication processing unit is successful, the information processing device sends the attached device. The transmission of encrypted data to the network is resumed.

  According to the information processing system of the sixth aspect, the control unit performs the information processing when the detection unit does not detect the power supply glitch of the information processing apparatus and the authentication processing by the first authentication processing unit is successful. Resume transmission of encrypted data from the device to the attached device. Therefore, after the fault attack ends, the normal operation of the information processing system is resumed on the condition that the authentication processing by the first authentication processing unit is successful, so that the availability of the system can be improved. In addition, when a power supply glitch of the information processing apparatus is detected due to sudden noise such as static electricity, the normal operation of the information processing system resumes on the condition that the authentication processing by the first authentication processing unit is successful. Therefore, the availability of the system can be improved.

  In the information processing system according to the seventh aspect of the present invention, in particular, in the information processing system according to the fourth or fifth aspect, the detection unit is further based on a current measurement result by the second current measurement unit. , Detecting a power supply glitch of the auxiliary device, and the control unit further stops transmission of encrypted data from the auxiliary device to the information processing device when the detection unit detects a power supply glitch of the auxiliary device It is characterized by doing.

  According to the information processing system according to the seventh aspect, the second current measuring unit measures the current flowing from the second power supply unit to the accessory device, and the detecting unit is configured to measure the current from the second current measuring unit. A power supply glitch of the attached device is detected based on the measurement result. Thereby, it is possible to easily and reliably detect the power supply glitch of the attached device. Further, the control unit executes a fault attack countermeasure process when the detection unit detects a power supply glitch of the attached device. Therefore, when the detection unit does not detect the power supply glitch of the attached device, the fault attack countermeasure process is not executed. Therefore, the processing latency of the information processing system due to the countermeasure process being constantly executed and the system performance are increased. A decrease can be avoided. Further, when a power supply glitch of the attached device is detected, the control unit stops transmission of encrypted data from the attached device to the information processing device. Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  The information processing system according to an eighth aspect of the present invention is the information processing system according to the seventh aspect, in particular, while the control unit further detects the power supply glitch of the auxiliary device. The transmission apparatus stops the transmission of encrypted data from the attached device to the information processing device.

  According to the information processing system in the eighth aspect, the control unit continues the transmission stop state of the encrypted data from the attachment device to the information processing device while the detection unit detects the power supply glitch of the attachment device. . Therefore, even if the power glitch is repeated due to the fault attack, it is possible to reliably prevent the wrong encrypted data to be analyzed for the fault attack from being extracted by the attacker.

  An information processing system according to a ninth aspect of the present invention is the information processing system according to the eighth aspect, and in particular, the accessory device executes a second authentication process for authenticating the validity of the information processing device. And the control unit causes the second authentication processing unit to execute an authentication process after the detection unit detects a power supply glitch of the accessory device. .

  According to the information processing system of the ninth aspect, the control unit causes the second authentication processing unit to execute authentication processing after the detection unit detects a power supply glitch of the attached device. Therefore, in order to resume transmission of encrypted data from the attached device to the information processing device in order to extract erroneous encrypted data, the attacker needs to break through the authentication processing by the second authentication processing unit. It becomes possible to further make fault attacks by attackers more difficult.

  An information processing system according to a tenth aspect of the present invention is the information processing system according to the ninth aspect, in particular, after the control unit stops transmitting encrypted data from the accessory device to the information processing device. When the detection unit does not detect the power supply glitch of the attached device and the authentication processing by the second authentication processing unit is successful, the encrypted data is transmitted from the attached device to the information processing device. It is characterized by restarting.

  According to the information processing system of the tenth aspect, the control unit detects from the attached device when the detection unit does not detect the power supply glitch of the attached device and the authentication processing by the second authentication processing unit is successful. The transmission of encrypted data to the information processing apparatus is resumed. Therefore, after the fault attack ends, the normal operation of the information processing system is resumed on the condition that the authentication processing by the second authentication processing unit is successful, so that the availability of the system can be improved. In addition, when a power supply glitch of the attached device is detected due to sudden noise such as static electricity, the normal operation of the information processing system is resumed on the condition that the authentication processing by the second authentication processing unit is successful. Therefore, the availability of the system can be improved.

  An information processing system according to an eleventh aspect of the present invention includes: an information processing device having a first encryption / decryption processing unit; and an accessory device connected to the information processing device and having a second encryption / decryption processing unit. The information processing apparatus includes a power supply unit that supplies power to the accessory device, a current measurement unit that measures a current flowing from the power supply unit to the accessory device, and a current measurement result by the current measurement unit. And detecting a power supply glitch of the attached device, and stopping transmission of encrypted data from the attached device to the information processing device when the detecting unit detects a power supply glitch of the attached device. And a control unit.

  According to the information processing system according to the eleventh aspect, the current measurement unit measures the current flowing from the power supply unit to the accessory device, and the detection unit powers the accessory device based on the current measurement result by the current measurement unit. Detect glitches. Thereby, it is possible to easily and reliably detect the power supply glitch of the attached device. Further, the control unit executes a fault attack countermeasure process when the detection unit detects a power supply glitch of the attached device. Therefore, when the detection unit does not detect the power supply glitch of the attached device, the fault attack countermeasure process is not executed. Therefore, the processing latency of the information processing system due to the countermeasure process being constantly executed and the system performance are increased. A decrease can be avoided. Further, when a power supply glitch of the attached device is detected, the control unit stops transmission of encrypted data from the attached device to the information processing device. Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  The information processing system according to a twelfth aspect of the present invention is the information processing system according to the eleventh aspect, in particular, the control unit includes the attachment while the detection unit detects a power supply glitch of the attachment device. It is characterized in that the transmission stop state of encrypted data from the apparatus to the information processing apparatus is continued.

  According to the information processing system in the twelfth aspect, the control unit continues the transmission stop state of the encrypted data from the attached device to the information processing device while the detecting unit detects the power supply glitch of the attached device. . Therefore, even if the power glitch is repeated due to the fault attack, it is possible to reliably prevent the wrong encrypted data to be analyzed for the fault attack from being extracted by the attacker.

  An information processing system according to a thirteenth aspect of the present invention is the information processing system according to the twelfth aspect, particularly the authentication process in which the auxiliary device performs an authentication process for authenticating the validity of the information processing apparatus. The control unit causes the authentication processing unit to execute an authentication process after the detection unit detects a power supply glitch of the accessory device.

  According to the information processing system in the thirteenth aspect, the control unit causes the authentication processing unit to execute authentication processing after the detection unit detects a power supply glitch of the attached device. Therefore, in order to resume transmission of encrypted data from the attached device to the information processing device in order to extract erroneous encrypted data, the attacker needs to break through the authentication processing by the authentication processing unit. The fault attack can be made more difficult.

  An information processing system according to a fourteenth aspect of the present invention is the information processing system according to the thirteenth aspect, in particular, after the control unit has stopped transmitting encrypted data from the accessory device to the information processing device. Resuming transmission of encrypted data from the accessory device to the information processing device when the detection unit does not detect a power supply glitch of the accessory device and the authentication processing by the authentication processing unit is successful. It is characterized by.

  According to the information processing system of the fourteenth aspect, the control unit detects that the detection unit does not detect the power supply glitch of the attachment device and the authentication processing unit succeeds in the authentication process, and the information processing device is connected to the information processing device. Restart sending encrypted data to. Therefore, after the fault attack ends, the normal operation of the information processing system is resumed on the condition that the authentication processing by the authentication processing unit is successful, so that the availability of the system can be improved. In addition, when a power supply glitch of the attached device is detected due to sudden noise such as static electricity, the normal operation of the information processing system is resumed on the condition that the authentication processing by the authentication processing unit is successful. It becomes possible to improve the availability of the system.

  An information processing system according to a fifteenth aspect of the present invention includes an information processing device having a processing circuit including a first encryption / decryption processing unit, and an accessory connected to the information processing device and having a second encryption / decryption processing unit A power supply unit that supplies power to the processing circuit and the accessory device, and a current measurement unit that measures a current flowing from the power supply unit to the processing circuit and the accessory device. And a detection unit that detects a power supply glitch of the information processing device and the accessory device based on a current measurement result by the current measurement unit, and when the detection unit detects a power supply glitch of the information processing device, When transmission of encrypted data from the information processing apparatus to the attachment apparatus is stopped and the detection unit detects a power supply glitch of the attachment apparatus, the attachment apparatus to the information processing apparatus It is characterized in further comprising a control unit for stopping the transmission of the encrypted data.

  According to the information processing system according to the fifteenth aspect, the current measurement unit measures the current flowing from the power supply unit to the processing circuit and the attached device, and the detection unit performs information based on the current measurement result by the current measurement unit. A power supply glitch of the processing device and the accessory device is detected. As a result, it is possible to easily and reliably detect the power supply glitches of the information processing apparatus and the accessory apparatus. Further, the control unit executes a fault attack countermeasure process when the detection unit detects a power supply glitch of the information processing apparatus or the accessory device. Therefore, when the detection unit does not detect the power supply glitches of the information processing apparatus and the accessory device, the fault attack countermeasure process is not executed, and thus the processing latency of the information processing system is increased due to the countermeasure process being always executed. In addition, it is possible to avoid a decrease in system performance. Further, the control unit stops transmission of the encrypted data from the information processing device to the attached device when the power supply glitch of the information processing device is detected, and the attached device when the power supply glitch of the attached device is detected. The transmission of encrypted data to the information processing apparatus is stopped. Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  An information processing system according to a sixteenth aspect of the present invention is the information processing system according to the fifteenth aspect, in particular, the control unit while the detection unit detects a power supply glitch of the information processing device. Encrypted data from the attached device to the information processing device while the transmission of encrypted data from the information processing device to the attached device is stopped and the detection unit detects a power supply glitch of the attached device. The transmission stop state is continued.

  According to the information processing system in the sixteenth aspect, the control unit continues the transmission suspension state of the encrypted data from the information processing device to the attached device while the detection unit detects the power supply glitch of the information processing device. Then, while the detection unit detects the power supply glitch of the attached device, the transmission of the encrypted data from the attached device to the information processing device is stopped. Therefore, even if the power glitch is repeated due to the fault attack, it is possible to reliably prevent the wrong encrypted data to be analyzed for the fault attack from being extracted by the attacker.

  An information processing system according to a seventeenth aspect of the present invention is the information processing system according to the sixteenth aspect, in which the information processing apparatus executes a first authentication process for authenticating the validity of the auxiliary device. The authentication device further includes a second authentication processing unit that executes an authentication process for authenticating the validity of the information processing device, and the control unit includes the detection unit. After detecting a power supply glitch of the information processing device, the first authentication processing unit executes authentication processing, and after the detection unit detects a power supply glitch of the accessory device, the second authentication processing unit The authentication process is executed.

  According to the information processing system in the seventeenth aspect, the control unit causes the first authentication processing unit to execute authentication processing after the detection unit detects a power supply glitch of the information processing device. Therefore, in order to resume transmission of encrypted data from the information processing device to the attached device in order to extract erroneous encrypted data, the attacker needs to break through the authentication processing by the first authentication processing unit. It becomes possible to further make fault attacks by attackers more difficult. Further, the control unit causes the second authentication processing unit to execute an authentication process after the detection unit detects a power supply glitch of the attached device. Therefore, in order to resume transmission of encrypted data from the attached device to the information processing device in order to extract erroneous encrypted data, the attacker needs to break through the authentication processing by the second authentication processing unit. It becomes possible to further make fault attacks by attackers more difficult.

  An information processing system according to an eighteenth aspect of the present invention is the information processing system according to the seventeenth aspect, in particular after the control unit has stopped transmitting encrypted data from the information processing apparatus to the auxiliary device. When the detection unit does not detect a power supply glitch of the information processing device and the authentication processing by the first authentication processing unit is successful, transmission of encrypted data from the information processing device to the attached device And the detection unit does not detect a power supply glitch of the auxiliary device, and authentication by the second authentication processing unit is stopped after the transmission of encrypted data from the auxiliary device to the information processing device is stopped. When the processing is successful, transmission of encrypted data from the attached device to the information processing device is resumed.

  According to the information processing system in the eighteenth aspect, the control unit performs the information processing when the detection unit does not detect the power supply glitch of the information processing apparatus and the authentication processing by the first authentication processing unit is successful. Resume transmission of encrypted data from the device to the attached device. Therefore, after the fault attack ends, the normal operation of the information processing system is resumed on the condition that the authentication processing by the first authentication processing unit is successful, so that the availability of the system can be improved. In addition, when a power supply glitch of the information processing apparatus is detected due to sudden noise such as static electricity, the normal operation of the information processing system resumes on the condition that the authentication processing by the first authentication processing unit is successful. Therefore, the availability of the system can be improved. The control unit transmits encrypted data from the attached device to the information processing device when the detection unit does not detect the power supply glitch of the attached device and the authentication processing by the second authentication processing unit is successful. Resume. Therefore, after the fault attack ends, the normal operation of the information processing system is resumed on the condition that the authentication processing by the second authentication processing unit is successful, so that the availability of the system can be improved. In addition, when a power supply glitch of the attached device is detected due to sudden noise such as static electricity, the normal operation of the information processing system is resumed on the condition that the authentication processing by the second authentication processing unit is successful. Therefore, the availability of the system can be improved.

  An information processing system according to a nineteenth aspect of the present invention is the information processing system according to any one of the first to eighteenth aspects, and in particular, the first encryption / decryption processing unit and the control unit are the same. It is formed on a die.

  According to the information processing system in the nineteenth aspect, the first encryption / decryption processing unit and the control unit are formed on the same die. Therefore, compared with the case where the first encryption / decryption processing unit and the control unit are formed on different dies, the number of parts and the manufacturing cost can be reduced. In addition, since it is not necessary to perform secure communication between the first encryption / decryption processing unit and the control unit, the system can be simplified.

  In the information processing system according to the twentieth aspect of the present invention, in the information processing system according to any one of the first to eighteenth aspects, the first encryption / decryption processing unit and the control unit are different from each other. It is characterized by being formed.

  According to the information processing system in the twentieth aspect, the first encryption / decryption processing unit and the control unit are formed on different dies. Therefore, since the attacker needs to set not only the first encryption / decryption processing unit but also the control unit as an analysis target, the analysis by the attacker can be made more difficult.

  An information processing apparatus according to a twenty-first aspect of the present invention is an information processing apparatus including a processing circuit having a first encryption / decryption processing unit, and the information processing apparatus includes a second encryption / decryption processing unit. An auxiliary device is connected, and the information processing device includes a power supply unit that supplies power to the processing circuit, a current measurement unit that measures a current flowing from the power supply unit to the processing circuit, and a current generated by the current measurement unit. A detection unit for detecting a power supply glitch of the information processing device based on the measurement result of the information processing, and when the detection unit detects a power supply glitch of the information processing device, encryption from the information processing device to the accessory device And a control unit that stops data transmission.

  According to the information processing device in the twenty-first aspect, the current measurement unit measures the current flowing from the power supply unit to the processing circuit, and the detection unit Detect power glitches. As a result, the power supply glitch of the information processing apparatus can be detected easily and reliably. Further, the control unit executes a fault attack countermeasure process when the detection unit detects a power supply glitch of the information processing apparatus. Therefore, when the detection unit does not detect the power supply glitch of the information processing apparatus, the fault attack countermeasure process is not executed. Therefore, the increase in the processing latency of the information processing system and the system performance due to the countermeasure process being executed all the time. Can be avoided. Furthermore, when a power supply glitch of the information processing device is detected, the control unit stops transmission of encrypted data from the information processing device to the attached device. Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  An information processing device according to a twenty-second aspect of the present invention is an information processing device including a first encryption / decryption processing unit, and an accessory device including a second encryption / decryption processing unit is connected to the information processing device. The information processing apparatus includes a power supply unit that supplies power to the accessory device, a current measurement unit that measures a current flowing from the power supply unit to the accessory device, and a current measurement result obtained by the current measurement unit. And detecting a power supply glitch of the attached device, and stopping transmission of encrypted data from the attached device to the information processing device when the detecting unit detects a power supply glitch of the attached device. And a control unit.

  According to the information processing device according to the twenty-second aspect, the current measurement unit measures the current flowing from the power supply unit to the accessory device, and the detection unit powers the accessory device based on the current measurement result by the current measurement unit. Detect glitches. Thereby, it is possible to easily and reliably detect the power supply glitch of the attached device. Further, the control unit executes a fault attack countermeasure process when the detection unit detects a power supply glitch of the attached device. Therefore, when the detection unit does not detect the power supply glitch of the attached device, the fault attack countermeasure process is not executed. Therefore, the processing latency of the information processing system due to the countermeasure process being constantly executed and the system performance are increased. A decrease can be avoided. Further, when a power supply glitch of the attached device is detected, the control unit stops transmission of encrypted data from the attached device to the information processing device. Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  An information processing apparatus according to a twenty-third aspect of the present invention is an information processing apparatus including a processing circuit having a first encryption / decryption processing unit, and the information processing apparatus includes a second encryption / decryption processing unit. An auxiliary device is connected, and the information processing device includes a power supply unit that supplies power to the processing circuit and the auxiliary device, and a current measurement unit that measures a current flowing from the power supply unit to the processing circuit and the auxiliary device. And a detection unit that detects a power supply glitch of the information processing device and the accessory device based on a current measurement result by the current measurement unit, and when the detection unit detects a power supply glitch of the information processing device, When transmission of encrypted data from the information processing apparatus to the attachment apparatus is stopped, and the detection unit detects a power supply glitch of the attachment apparatus, the attachment apparatus to the information processing apparatus It is characterized in further comprising a control unit for stopping the transmission of the No. data.

  According to the information processing device in the twenty-third aspect, the current measurement unit measures the current flowing from the power supply unit to the processing circuit and the accessory device, and the detection unit performs information based on the current measurement result by the current measurement unit. A power supply glitch of the processing device and the accessory device is detected. As a result, it is possible to easily and reliably detect the power supply glitches of the information processing apparatus and the accessory apparatus. Further, the control unit executes a fault attack countermeasure process when the detection unit detects a power supply glitch of the information processing apparatus or the accessory device. Therefore, when the detection unit does not detect the power supply glitches of the information processing apparatus and the accessory device, the fault attack countermeasure process is not executed, and thus the processing latency of the information processing system is increased due to the countermeasure process being always executed. In addition, it is possible to avoid a decrease in system performance. Further, the control unit stops transmission of the encrypted data from the information processing device to the attached device when the power supply glitch of the information processing device is detected, and the attached device when the power supply glitch of the attached device is detected. The transmission of encrypted data to the information processing apparatus is stopped. Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  An information processing device control method according to a twenty-fourth aspect of the present invention is an information processing device control method including a processing circuit having a first encryption / decryption processing unit. An accessory device including an encryption / decryption processing unit is connected; (A) supplying power to the processing circuit from a power supply unit included in the information processing device; and (B) current flowing from the power supply unit to the processing circuit. (C) a step of detecting a power supply glitch of the information processing device based on a current measurement result in the step (B); and (D) a step of the information processing device by the step (C). And a step of stopping transmission of encrypted data from the information processing apparatus to the auxiliary device when a power supply glitch is detected.

  According to the control method of the information processing device according to the twenty-fourth aspect, in step (B), the current flowing from the power supply unit to the processing circuit is measured, and in step (C), the current measurement result in step (B) The power supply glitch of the information processing apparatus is detected based on the above. As a result, the power supply glitch of the information processing apparatus can be detected easily and reliably. In step (D), when a power supply glitch of the information processing apparatus is detected in step (C), a countermeasure process for a fault attack is executed. Therefore, when a power supply glitch of the information processing apparatus is not detected in step (C), the countermeasure process for the fault attack is not executed. Therefore, an increase in processing latency of the information processing system resulting from the constant execution of the countermeasure process and It is possible to avoid a decrease in system performance. Furthermore, when a power supply glitch of the information processing apparatus is detected in step (C), transmission of encrypted data from the information processing apparatus to the attached apparatus is stopped in step (D). Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  An information processing device control method according to a twenty-fifth aspect of the present invention is an information processing device control method including a processing circuit having a first encryption / decryption processing unit. An accessory device including an encryption / decryption processing unit is connected; (A) supplying power from the power supply unit included in the information processing device to the accessory device; and (B) current flowing from the power supply unit to the accessory device. (C) detecting a power supply glitch of the accessory device based on the current measurement result of the step (B); and (D) a power supply glitch of the accessory device according to the step (C). And the step of stopping transmission of encrypted data from the attached device to the information processing device when it is detected.

  According to the control method of the information processing device according to the twenty-fifth aspect, in step (B), the current flowing from the power supply unit to the accessory device is measured, and in step (C), the current measurement result in step (B) A power supply glitch of the attached device is detected based on the above. Thereby, it is possible to easily and reliably detect the power supply glitch of the attached device. Further, in step (D), when a power supply glitch of the attached device is detected in step (C), countermeasure processing for a fault attack is executed. Therefore, when the power supply glitch of the attached device is not detected in step (C), the countermeasure processing for the fault attack is not executed. Therefore, the increase in processing latency of the information processing system and the system caused by the countermeasure processing being executed all the time. Performance degradation can be avoided. Furthermore, when a power supply glitch of the attached device is detected in step (C), transmission of encrypted data from the attached device to the information processing device is stopped in step (D). Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  An information processing device control method according to a twenty-sixth aspect of the present invention is an information processing device control method including a processing circuit having a first encryption / decryption processing unit. An accessory device including an encryption / decryption processing unit is connected; (A) supplying power to the processing circuit and the accessory device from a power supply unit included in the information processing device; and (B) the process from the power supply unit. (C) a step of measuring a current flowing through the circuit and the auxiliary device, and (C) detecting a power supply glitch of the information processing device and the auxiliary device based on a measurement result of the current in the step (B). ) When a power supply glitch of the information processing apparatus is detected in the step (C), the transmission of the encrypted data from the information processing apparatus to the attached device is stopped, and the step When the power supply glitches of the accessory device is detected by the C), it is characterized in further comprising the steps of: stopping the transmission of encrypted data from the accessory device to the information processing apparatus.

  According to the control method of the information processing device according to the twenty-sixth aspect, in step (B), the current flowing from the power supply unit to the processing circuit and the accessory device is measured, and in step (C), the current from step (B) is measured. The power supply glitches of the information processing apparatus and the accessory apparatus are detected based on the measurement result. As a result, it is possible to easily and reliably detect the power supply glitches of the information processing apparatus and the accessory apparatus. In step (D), when a power supply glitch of the information processing apparatus or the attached apparatus is detected in step (C), a countermeasure process for a fault attack is executed. Therefore, when a power supply glitch of the information processing apparatus and the attached apparatus is not detected in step (C), the fault attack countermeasure process is not executed. Therefore, the processing latency of the information processing system due to the constant countermeasure process being executed. Increase and decrease in system performance can be avoided. Further, when a power supply glitch of the information processing device is detected in step (C), transmission of encrypted data from the information processing device to the auxiliary device is stopped in step (D), and in step (C), the auxiliary device is stopped. Is detected, the transmission of the encrypted data from the attached device to the information processing device is stopped in step (D). Therefore, it is possible to effectively prevent an attacker from extracting erroneous encrypted data that is an analysis target of a fault attack.

  According to the present invention, it is possible to easily implement an effective countermeasure against a fault attack.

It is a figure which shows the structure of a memory system. It is a figure which simplifies and shows the structure of a host apparatus. It is a figure which shows a part of function implement | achieved by CPU. It is a figure which simplifies and shows the structure of a memory device. It is a figure which shows the read-out process of the content data from a memory device. It is a figure which shows a process when a power supply glitch is detected in a command transmission period. It is a figure which shows a process when a power supply glitch is detected in a content data transmission period. It is a figure which simplifies and shows the structure of the host apparatus which concerns on a modification. It is a figure which simplifies and shows the structure of a host apparatus. It is a figure which shows the function which an authentication process part has. It is a figure which shows the function which a determination part has. It is a figure which simplifies and shows the structure of a memory device. It is a flowchart which shows the authentication process of the memory device by a host apparatus. It is a figure which shows an example of a measured current value pattern and a reference current value pattern.

  Hereinafter, embodiments of the present invention will be described in detail with reference to the drawings. In addition, the element which attached | subjected the same code | symbol in different drawing shall show the same or corresponding element.

<Embodiment 1>
FIG. 1 is a diagram showing a configuration of a memory system 1 according to Embodiment 1 of the present invention. As shown in FIG. 1, the memory system 1 includes a host device 2 and a memory device 3 that is detachably connected to the host device 2. The host device 2 is an information processing device such as a personal computer, for example, and the memory device 3 is an attached device that operates upon receiving power supply from the host device 2, such as a memory card of flash memory. As another example, the information processing apparatus is a main body of a printer or a multifunction peripheral, and the attached apparatus is a toner cartridge. Alternatively, the information processing device is a main body of the game machine, and the attached device is a memory card in which a game program is stored.

  FIG. 2 is a diagram showing a simplified configuration of the host device 2. As shown in FIG. 2, the host device 2 includes a SoC (System on a Chip) 11, a power supply unit 12, a current value measurement circuit 13, and a memory interface 14. The SoC 11 includes a CPU 22, an encryption / decryption device 23, a threshold storage memory 24, an actual measurement storage memory 25, an ADC (Analog to Digital Converter) 26, a command buffer 27, and a data buffer 28, which are connected to each other via a bus 21. It is configured with. The power supply unit 12 supplies a power supply voltage VCC for operating the SoC 11 and the memory device 3 to the SoC 11 and the memory device 3 via the resistance element R. The current value measurement circuit 13 measures the current value of the current flowing from the power supply unit 12 to the SoC 11 and the memory device 3 by measuring the voltage across the resistance element R. Note that, instead of the above-described configuration in which the encryption / decryption device 23 is installed as hardware, the CPU 22 may be configured to execute encryption processing and decryption processing as software processing. Further, the current value measuring circuit 13 may be mounted in the SoC 11.

  FIG. 3 is a diagram illustrating a part of the functions realized by the CPU 22. As illustrated in FIG. 3, the CPU 22 functions as a detection unit 31, a control unit 32, and an authentication processing unit 33. The detection unit 31, the control unit 32, and the authentication processing unit 33 may be configured as a dedicated hardware circuit that is separate from the CPU 22.

  FIG. 4 is a diagram showing a simplified configuration of the memory device 3. As shown in FIG. 4, the memory device 3 includes a host interface 41, an encryption / decryption device 42, a memory controller 43, a memory core interface 44, and a memory core 45. The memory controller 43 has an authentication processing unit 51. The memory core 45 stores arbitrary content data such as images and sounds. Further, threshold data 100 described later is stored in a specific address area of the memory core 45.

  FIG. 5 is a diagram showing content data read processing from the memory device 3 included in the normal operation of the memory system 1. First, in the command preparation period P1, the CPU 22 generates and issues a read command for reading desired content data from the memory device 3.

  Next, in the command transmission period P2, the encryption / decryption device 23 generates an encrypted read command by encrypting the read command issued by the CPU 22, and sets the encrypted read command in the command buffer 27. The encrypted read command is transmitted from the command buffer 27 to the memory device 3 via the memory interface 14. The host interface 41 inputs the encrypted read command received from the host device 2 to the encryption / decryption device 42. The encryption / decryption device 42 inputs the read command to the memory controller 43 by decrypting the input encrypted read command. The memory controller 43 decodes the input read command.

  Next, in the data read period P3, the memory controller 43 inputs the read address of the content data to the memory core interface 44. The read address is input from the memory core interface 44 to the memory core 45, whereby desired content data is read from the memory core 45. The read content data is input to the memory controller 43 via the memory core interface 44.

  Next, in the content data transmission period P4, the memory controller 43 inputs the content data to the encryption / decryption device 42. The encryption / decryption device 42 generates encrypted content data by encrypting the input content data, and inputs the encrypted content data to the host interface 41. The host interface 41 transmits the input encrypted content data to the host device 2. The memory interface 14 inputs the encrypted content data received from the memory device 3 to the encryption / decryption device 23 via the data buffer 28. The encryption / decryption device 23 decrypts the input encrypted content data.

  Next, in the data processing period P5, the encryption / decryption device 23 inputs the decrypted content data to the CPU 22, and the CPU 22 processes the input content data.

  Here, the attack targets by the fault attack are the encryption / decryption device 23 of the host device 2 and the encryption / decryption device 42 of the memory device 3. Specifically, an erroneous encryption command is generated by adding a power supply glitch to the power supply voltage VCC in the command transmission period P2, or an incorrect encryption is performed by adding a power supply glitch to the power supply voltage VCC in the data transmission period P4. The purpose of the fault attack is to generate content data and to extract and analyze the erroneous encryption command or the encrypted content data generated in this way.

  In addition, if both the host device 2 and the memory device 3 are genuine products, the type of semiconductor device to be mounted and the manufacturing process of each device are strictly managed. Therefore, the SoC 11 and the memory device 3 in the command transmission period P2. The power consumption characteristics of the SoC 11 and the memory device 3 in the content data transmission period P4 are also substantially constant.

  Therefore, in the memory system 1 according to the present embodiment, as shown in FIG. 5, the threshold L1 is set to a value slightly smaller than the minimum value of the current flowing from the power supply unit 12 to the SoC 11 and the memory device 3 in the command transmission period P2. The threshold value H1 is set as a value slightly larger than the maximum value of the current flowing from the power supply unit 12 to the SoC 11 and the memory device 3 in the command transmission period P2. Further, the threshold value L2 is set as a value slightly smaller than the minimum value of the current flowing from the power supply unit 12 to the SoC 11 and the memory device 3 in the content data transmission period P4, and from the power supply unit 12 to the SoC 11 and the memory in the content data transmission period P4. The threshold value H2 is set as a value slightly larger than the maximum value of the current flowing through the device 3. These threshold values L1, H1, L2, and H2 are set before factory shipment, and are stored in a specific address area of the memory core 45 as encrypted threshold data 100 (see FIG. 4).

  When the memory device 3 is connected to the host device 2 and power supply is started, the CPU 22 issues a read command for reading the threshold data 100 from the memory device 3 and sets the read command in the command buffer 27. . The read command is transmitted from the command buffer 27 to the memory device 3 via the memory interface 14. The host interface 41 inputs the read command received from the host device 2 to the memory controller 43. The memory controller 43 inputs the read address of the threshold data 100 to the memory core interface 44 by decoding the input read command. The read address is input from the memory core interface 44 to the memory core 45, whereby the threshold data 100 is read from the memory core 45. The read threshold data 100 is transmitted to the host device 2 via the memory core interface 44 and the host interface 41 in an encrypted state. The memory interface 14 stores the threshold data 100 received from the memory device 3 in the data buffer 28. The CPU 22 transfers the threshold data 100 stored in the data buffer 28 to the encryption / decryption device 23, and the encryption / decryption device 23 decrypts the encrypted threshold data 100. The CPU 22 transfers the decrypted threshold data 100 to the threshold storage memory 24. Through the above processing, the threshold data 100 read from the memory device 3 is stored in the threshold storage memory 24.

  Referring to FIG. 3, control unit 32 drives ADC 26 before starting the process of reading content data from memory device 3.

  The actually measured current value measured by the current value measuring circuit 13 in the command transmission period P2 is converted from an analog value to a digital value by the ADC 26 and then stored in the actually measured value storage memory 25. The detection unit 31 sequentially compares the actually measured current value in the command transmission period P <b> 2 and the threshold values L <b> 1 and H <b> 1 stored in the threshold storage memory 24. When the measured current value is less than the threshold value L1 or exceeds the threshold value H1, it is detected that a power supply glitch that targets the encryption / decryptor 23 of the host device 2 has been added. Is not less than the threshold value L1 and not more than the threshold value H1, it is detected that the power supply glitch is not added.

  Similarly, the actually measured current value measured by the current value measuring circuit 13 in the content data transmission period P4 is converted from an analog value to a digital value by the ADC 26 and then stored in the actually measured value storage memory 25. The detection unit 31 sequentially compares the measured current value in the content data transmission period P4 with the threshold values L2 and H2 stored in the threshold storage memory 24. When the measured current value is less than the threshold value L2 or exceeds the threshold value H2, it is detected that a power supply glitch that targets the encryption / decryptor 42 of the memory device 3 has been added. Is not less than the threshold value L2 and not more than the threshold value H2, it is detected that the power supply glitch is not added.

  FIG. 6 is a diagram illustrating processing when a power supply glitch is detected in the command transmission period P2. Since a power supply glitch (Low glitch in this example) is added to the power supply voltage VCC at time T1 within the command transmission period P2, the measured current value at time T1 is less than the threshold value L1. Thereby, the detection unit 31 detects a power supply glitch of the host device 2 at time T1.

  When the detection unit 31 detects a power supply glitch of the host device 2, the control unit 32 stops the output operation of the encryption command from at least one of the encryption / decryption device 23, the command buffer 27, and the memory interface 14. The transmission of the encryption command from the host device 2 to the memory device 3 is immediately stopped. For example, when stopping the output operation of the encryption command from the encryption / decryption device 23, by forcibly stopping the input of the operation clock to the encryption / decryption device 23, or to the encryption / decryption device 23 By forcibly stopping the drive power supply, the command encryption processing itself by the encryption / decryption device 23 may be stopped. Thereafter, the control unit 32 causes the authentication processing units 33 and 51 to perform mutual authentication between the host device 2 and the memory device 3. The authentication processing unit 33 of the host device 2 authenticates the validity of the memory device 3, and the authentication processing unit 51 of the memory device 3 authenticates the validity of the host device 2. As the authentication process, a challenge-and-response authentication process using modern cryptography such as AES can be used.

  When the result of authentication of the memory device 3 by the authentication processing unit 33 is failure (FAIL), the control unit 32 continues to stop transmission of the encrypted command from the host device 2 to the memory device 3. On the other hand, if the result of authentication of the memory device 3 by the authentication processing unit 33 is successful (PASS), the control unit 32 resumes normal operation of the memory system 1 and the command of the command by the CPU 22 regarding the command whose transmission has been stopped. Redo the issue process. Even after the normal operation is resumed, the detection unit 31 sequentially compares the measured current value in the command transmission period P2 with the threshold values L1 and H1 stored in the threshold value storage memory 24. When the detection unit 31 detects the power supply glitch of the host device 2 again, the control unit 32 immediately stops the transmission of the encryption command from the host device 2 to the memory device 3 as described above, and then the authentication processing unit 33. , 51 execute mutual authentication. As a result, as long as the fault attack targeting the host device 2 is continued and the detection unit 31 continues to detect the power supply glitch of the host device 2, the transmission stop state of the encrypted command from the host device 2 to the memory device 3 is maintained. Will continue. When the normal operation of the memory system 1 is resumed due to the successful authentication of the memory device 3 by the authentication processing unit 33 and the detection unit 31 does not detect the power supply glitch of the host device 2 thereafter, the memory from the host device 2 The transmission of the encryption command to the device 3 will be resumed appropriately.

  FIG. 7 is a diagram showing processing when a power supply glitch is detected in the content data transmission period P4. Since a power supply glitch (High glitch in this example) is added to the power supply voltage VCC at time T2 in the content data transmission period P4, the measured current value at time T2 exceeds the threshold value H2. Thereby, the detection unit 31 detects a power supply glitch of the memory device 3 at time T2.

  When the detection unit 31 detects a power supply glitch of the memory device 3, the control unit 32 stops the output operation of the encrypted content data from at least one of the encryption / decryption device 42 and the host interface 41. The transmission of the encrypted content data to the host device 2 is immediately stopped. For example, when the output operation of the encrypted content data from the encryption / decryption device 42 is stopped, the input of the operation clock to the encryption / decryption device 42 is forcibly stopped or to the encryption / decryption device 42. By forcibly stopping the drive power supply, the content data encryption processing itself by the encryption / decryption device 42 may be stopped. Thereafter, the control unit 32 causes the authentication processing units 33 and 51 to perform mutual authentication between the host device 2 and the memory device 3.

  When the result of authentication of the host device 2 by the authentication processing unit 51 is failure (FAIL), the control unit 32 continues to stop transmission of encrypted content data from the memory device 3 to the host device 2. On the other hand, if the result of authentication of the host device 2 by the authentication processing unit 51 is success (PASS), the control unit 32 resumes normal operation of the memory system 1 and the command by the CPU 22 regarding the content data whose transmission has been stopped. Start over from the issue process. Even after the normal operation is resumed, the detection unit 31 sequentially compares the actually measured current value in the content data transmission period P4 with the thresholds L2 and H2 stored in the threshold storage memory 24. When the detection unit 31 detects the power supply glitch of the memory device 3 again, the control unit 32 immediately stops the transmission of the encrypted content data from the memory device 3 to the host device 2 as described above, and then the authentication processing unit. 33 and 51 execute mutual authentication. Thus, as long as the fault attack targeting the memory device 3 is continued and the detection unit 31 continues to detect the power supply glitch of the memory device 3, the transmission of the encrypted content data from the memory device 3 to the host device 2 is stopped. Will continue. The normal operation of the memory system 1 is resumed due to the successful authentication of the host device 2 by the authentication processing unit 51, and when the detection unit 31 does not detect the power supply glitch of the memory device 3 thereafter, the memory device 3 The transmission of the encrypted content data to the device 2 is appropriately resumed.

  According to the memory system 1 (information processing system) according to the present embodiment, the current value measurement circuit 13 (current measurement unit) flows from the power supply unit 12 to the SoC 11 (processing circuit) and the memory device 3 (attachment device). The current is measured, and the detection unit 31 detects a power supply glitch of the host device 2 (information processing device) and the memory device 3 based on the current measurement result by the current value measurement circuit 13. Thereby, it is possible to easily and reliably detect the power supply glitches of the host device 2 and the memory device 3. Further, the control unit 32 executes a fault attack countermeasure process when the detection unit 31 detects a power supply glitch of the host device 2 or the memory device 3. Accordingly, when the detection unit 31 does not detect the power supply glitches of the host device 2 and the memory device 3, the fault attack countermeasure process is not executed. Therefore, the processing latency of the memory system 1 due to the countermeasure process being always executed. Increase and decrease in system performance can be avoided. Further, when the power supply glitch of the host device 2 is detected, the control unit 32 stops the transmission of the encryption command (encrypted data) from the host device 2 to the memory device 3, and the power supply glitch of the memory device 3 is detected. If detected, transmission of encrypted content data (encrypted data) from the memory device 3 to the host device 2 is stopped. Therefore, it is possible to effectively prevent the attacker from extracting the wrong encryption command and the wrong encrypted content data to be analyzed by the fault attack.

  In addition, according to the memory system 1 according to the present embodiment, the control unit 32 determines the encryption command from the host device 2 to the memory device 3 while the detection unit 31 detects the power supply glitch of the host device 2. While the transmission stop state is continued and the detection unit 31 detects the power supply glitch of the memory device 3, the transmission stop state of the encrypted content data from the memory device 3 to the host device 2 is continued. Therefore, even if the power glitch is repeated due to a fault attack, it is possible to reliably prevent the attacker from extracting the wrong encryption command and the wrong encrypted content data that are subject to the analysis of the fault attack. It becomes possible to do.

  Further, according to the memory system 1 according to the present embodiment, the control unit 32 performs an authentication process on the authentication processing unit 33 (first authentication processing unit) after the detection unit 31 detects a power supply glitch of the host device 2. Is executed. Therefore, in order to resume transmission of the encryption command from the host device 2 to the memory device 3 in order to extract an incorrect encryption command, the attacker needs to break the authentication processing by the authentication processing unit 33. It becomes possible to make a fault attack by a person more difficult. The control unit 32 also causes the authentication processing unit 51 (second authentication processing unit) to perform authentication processing after the detection unit 31 detects a power supply glitch of the memory device 3. Therefore, in order to resume transmission of encrypted content data from the memory device 3 to the host device 2 in order to extract erroneous encrypted content data, the attacker needs to break through the authentication processing by the authentication processing unit 51. It becomes possible to make the fault attack by the attacker more difficult.

  Further, according to the memory system 1 according to the present embodiment, the control unit 32, when the detection unit 31 does not detect the power supply glitch of the host device 2 and the authentication processing by the authentication processing unit 33 is successful, The transmission of the encryption command from the host device 2 to the memory device 3 is resumed. Therefore, after the fault attack ends, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 33 is successful, so that the availability of the system can be improved. When a power supply glitch of the host device 2 is detected due to sudden noise such as static electricity, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 33 is successful. Therefore, the availability of the system can be improved. The control unit 32 also encrypts content data from the memory device 3 to the host device 2 when the detection unit 31 does not detect the power supply glitch of the memory device 3 and the authentication processing by the authentication processing unit 51 is successful. Resume sending. Therefore, after the fault attack ends, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 51 is successful, so that the availability of the system can be improved. When a power supply glitch of the memory device 3 is detected due to sudden noise such as static electricity, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 51 is successful. Therefore, the availability of the system can be improved.

  FIG. 8 is a diagram showing a simplified configuration of the host device 2 according to a modification of the present embodiment. As shown in FIG. 8, the host device 2 includes a SoC 11, a SoC control unit 90, a power supply unit 12, a current value measurement circuit 13, and a memory interface 14. The SoC control unit 90 and the SoC 11 are formed on different dies (IC chips). The SoC 11 includes a CPU 22, an encryption / decryption device 23, a command buffer 27, and a data buffer 28 that are connected to each other via a bus 21. The SoC control unit 90 includes an ADC 26, a detection unit 31, a control unit 32, an authentication processing unit 33, a threshold value storage memory 24, and an actual measurement value storage memory 25 that are connected to each other via a bus 91. . The current value measurement circuit 13 may be mounted in the SoC control unit 90.

  When the detection unit 31 detects a power supply glitch of the host device 2, the control unit 32 stops the output operation of the encryption command from at least one of the encryption / decryption device 23, the command buffer 27, and the memory interface 14. Alternatively, the transmission of the encryption command from the host device 2 to the memory device 3 is immediately stopped by stopping the operation of the entire SoC 11. For example, the operation of the entire SoC 11 can be stopped by forcibly stopping the supply of drive power to the SoC 11.

  According to this modification, the SoC 11 and the SoC control unit 90 are formed on different dies. Accordingly, since the attacker needs to set not only the SoC 11 but also the SoC control unit 90 as an analysis target, the analysis by the attacker can be made more difficult.

  On the other hand, according to the configuration shown in FIG. 2, the CPU 22 (detection unit 31, control unit 32, and authentication processing unit 33) and the encryption / decryption device 23 are formed on the same die (SoC 11). Therefore, the number of parts and the manufacturing cost can be reduced as compared with the configuration in which both are formed on different dies (FIG. 8). In addition, since it is not necessary to perform secure communication between the SoC 11 and the SoC control unit 90, the system can be simplified.

<Embodiment 2>
Hereinafter, the memory system 1 according to the second embodiment of the present invention will be described focusing on differences from the first embodiment.

  FIG. 9 is a diagram showing a simplified configuration of the host device 2. As shown in FIG. 9, the host device 2 includes an SoC 11, power supply units 12 </ b> A and 12 </ b> B, current value measurement circuits 13 </ b> A and 13 </ b> B, and a memory interface 14. The SoC 11 includes a CPU 22, an encryption / decryption device 23, a threshold value storage memory 24, an actual measurement value storage memory 25, ADCs 26 A and 26 B, a command buffer 27, a data buffer 28, and an expected value storage memory 61, which are mutually connected via the bus 21. , And an actual measurement value storage memory 62. The power supply unit 12A supplies the power supply voltage VCC for operating the SoC 11 to the SoC 11 via the resistance element RA. The current value measurement circuit 13A measures the current value of the current flowing from the power supply unit 12A to the SoC 11 by measuring the voltage across the resistor element RA. The power supply unit 12B supplies the power supply voltage VCC for operating the memory device 3 to the memory device 3 via the resistance element RB. The current value measuring circuit 13B measures the current value of the current flowing from the power supply unit 12B to the memory device 3 by measuring the voltage across the resistor element RB. The current value measuring circuits 13A and 13B may be mounted in the SoC 11.

  In the memory system 1 according to the present embodiment, the threshold value L1 is set as a value slightly smaller than the minimum value of the current flowing from the power supply unit 12A to the SoC 11 in the command transmission period P2, and the power supply unit 12A in the command transmission period P2. Threshold value H1 is set as a value slightly larger than the maximum value of the current flowing from SoC to SoC11. In the present embodiment, it is not necessary to consider the power consumption of the memory device 3 when setting the threshold values L1 and H1, so that the threshold values L1 and H1 are set to the minimum value and the maximum value as compared with the first embodiment. As a result, the detection accuracy of the power supply glitch with respect to the host device 2 is improved. Further, the threshold value L2 is set as a value slightly smaller than the minimum value of the current flowing from the power supply unit 12B to the memory device 3 in the content data transmission period P4, and flows from the power supply unit 12B to the memory device 3 in the content data transmission period P4. The threshold value H2 is set as a value slightly larger than the maximum value of the current. In the present embodiment, it is not necessary to consider the power consumption of the host device 2 when setting the threshold values L2 and H2, so that the threshold values L2 and H2 are set to the minimum value and the maximum value as compared with the first embodiment. As a result, the detection accuracy of the power supply glitch for the memory device 3 is improved.

  Referring to FIG. 3, control unit 32 drives ADCs 26 </ b> A and 26 </ b> B before starting the process of reading content data from memory device 3.

  The actually measured current value measured by the current value measuring circuit 13A in the command transmission period P2 is converted from an analog value to a digital value by the ADC 26A, and then stored in the actually measured value storage memory 25. The detection unit 31 sequentially compares the actually measured current value in the command transmission period P <b> 2 and the threshold values L <b> 1 and H <b> 1 stored in the threshold storage memory 24. When the measured current value is less than the threshold value L1 or exceeds the threshold value H1, it is detected that a power supply glitch that targets the encryption / decryptor 23 of the host device 2 has been added. Is not less than the threshold value L1 and not more than the threshold value H1, it is detected that the power supply glitch is not added.

  Similarly, the measured current value measured by the current value measuring circuit 13B in the content data transmission period P4 is converted from an analog value to a digital value by the ADC 26B, and then stored in the measured value storage memory 25. The detection unit 31 sequentially compares the measured current value in the content data transmission period P4 with the threshold values L2 and H2 stored in the threshold storage memory 24. When the measured current value is less than the threshold value L2 or exceeds the threshold value H2, it is detected that a power supply glitch that targets the encryption / decryptor 42 of the memory device 3 has been added. Is not less than the threshold value L2 and not more than the threshold value H2, it is detected that the power supply glitch is not added.

  Processing after the detection unit 31 detects a power supply glitch of the host device 2 or the memory device 3 is the same as that in the first embodiment. However, in the present embodiment, when the authentication processing unit 33 authenticates the validity of the memory device 3, instead of the authentication process using the modern encryption or in addition to the authentication process using the modern encryption, The authentication methods described can be used.

  FIG. 10 is a diagram illustrating functions of the authentication processing unit 33. As illustrated in FIG. 10, the authentication processing unit 33 functions as a control unit 71 and a determination unit 72.

  FIG. 11 is a diagram illustrating functions of the determination unit 72. As illustrated in FIG. 11, the determination unit 72 functions as an expected value acquisition unit 81, an actual measurement value acquisition unit 82, a pattern creation unit 83, and a pattern comparison unit 84.

  FIG. 12 is a diagram showing a simplified configuration of the memory device 3. Expected value data 200 is stored in a specific address area of the memory core 45.

  Since the structure and manufacturing process of the semiconductor device are different between the regular product and the non-genuine product of the memory device 3, the current consumption characteristics are significantly different. In the host device 2 according to the present embodiment, the control unit 71 causes the memory device 3 to execute a predetermined power consumption operation for authenticating the memory device 3 in addition to the normal operation. In addition, the determination unit 72 uses the measured current value measured by the current value measurement circuit 13B during the period when the memory device 3 is executing the power consumption operation, and the case where the genuine memory device 3 executes the power consumption operation. Based on the known reference current value that is the current value, it is determined whether the memory device 3 is a genuine product or a non-genuine product. Specifically, it is as follows.

  The control unit 71 of the host device 2 causes the memory controller 43 of the memory device 3 to execute a predetermined power consumption operation for authenticating the memory device 3. Specifically, by causing a specific logic circuit of a plurality of logic circuits included in the memory controller 43 to execute a predetermined specific operation, power consumption associated with the specific operation is generated. As the specific logic circuit to be subjected to the power consumption operation, it is desirable that the current consumption value associated with the specific operation is relatively large and the change mode is characteristic.

  If the memory device 3 is a genuine product, the type of semiconductor device to be mounted and the manufacturing process of each device are strictly managed. Therefore, the current consumption characteristic when the specific logic circuit executes the specific operation by the power consumption operation Is almost constant. Therefore, information indicating the current consumption characteristics associated with the power consumption operation is created before shipment from the factory, and is stored in a specific address area of the memory core 45 as encrypted expected value data 200 (see FIG. 12). . In the example of the present embodiment, a transition pattern (reference current value pattern) of a consumption current value obtained by sampling a consumption current value associated with execution of a power consumption operation at a predetermined sampling frequency is stored as expected value data 200. It is stored in the core 45.

  FIG. 13 is a flowchart showing authentication processing of the memory device 3 by the host device 2. First, in step SP101, the control unit 71 issues a read command for reading the expected value data 200 from the memory device 3, and sets the read command in the command buffer 27. The read command is transmitted from the command buffer 27 to the memory device 3 via the memory interface 14. The host interface 41 inputs the read command received from the host device 2 to the memory controller 43. The memory controller 43 inputs the read address of the expected value data 200 to the memory core interface 44 by decoding the input read command. The read address is input from the memory core interface 44 to the memory core 45, whereby the expected value data 200 is read from the memory core 45. In the example of the present embodiment, a reference current value pattern related to a regular product and data indicating a predetermined allowable error value are read from the memory core 45 as expected value data 200. As the allowable error value, an optimum value is set in advance within a range of plus / minus several percent to plus / minus 10 several percent in accordance with the distribution form of the current value in the reference current value pattern. The read expected value data 200 is transmitted to the host device 2 via the memory core interface 44 and the host interface 41 in an encrypted state. The memory interface 14 stores the expected value data 200 received from the memory device 3 in the data buffer 28. The control unit 71 transfers the expected value data 200 stored in the data buffer 28 to the encryption / decryption device 23, and the encryption / decryption device 23 decrypts the encrypted expected value data 200. The control unit 71 transfers the decrypted expected value data 200 to the expected value storage memory 61. Through the above processing, the reference current value pattern and the data indicating the allowable error value are stored in the expected value storage memory 61. Thereafter, the control unit 71 drives the ADC 26B.

  Next, in step SP102, the control unit 71 issues a control command for executing the power consumption operation, and sets the control command in the command buffer 27. The control command is a command for causing a specific logic circuit among a plurality of logic circuits included in the memory controller 43 to execute a predetermined specific operation. Further, the period during which the specific operation is to be executed is also specified by the control command. For example, the “standby period” is specified as the execution period of the specific operation. The control command is transmitted from the command buffer 27 to the memory device 3 via the memory interface 14. The host interface 41 inputs the control command received from the host device 2 to the memory controller 43. The memory controller 43 decodes the input control command, and inputs a control command for executing a specific operation specified by the control command to the specific logic circuit specified by the control command. When the specific logic circuit recognizes that the memory device 3 has shifted to the standby period by the negation of the chip select signal, the specific logic circuit starts executing the specific operation instructed by the control command. The specific operation (that is, power consumption operation) is executed as a background operation in the standby period of the memory device 3.

  Next, in step SP103, the actual measurement value acquisition unit 82 acquires the actual measurement current value. Specifically, it is as follows. When the memory device 3 starts the power consumption operation, a current accompanying the current flows from the power supply unit 12B of the host device 2 to the memory device 3 via the resistance element RB. The current value measuring circuit 13B measures the current value of the current flowing from the power supply unit 12B to the memory device 3 by sampling the voltage across the resistor element RB at a predetermined sampling frequency (for example, 1 MHz to several MHz). The actually measured current value is converted from an analog value to a digital value by the ADC 26B. The control unit 71 stores the measured current value converted into the digital value in the measured value storage memory 62. The actual measurement value acquisition unit 82 acquires the actual measurement current value stored in the actual measurement value storage memory 62 from the actual measurement value storage memory 62.

  Next, in step SP104, the pattern creation unit 83 creates a measured current value pattern by arranging the measured current values acquired by the measured value acquisition unit 82 in chronological order.

  Next, in step SP105, the expected value acquisition unit 81 acquires a reference current value pattern and data indicating an allowable error value from the expected value storage memory 61.

  Next, in step SP106, the pattern comparison unit 84 compares the measured current value pattern created by the pattern creation unit 83 with the reference current value pattern obtained by the expected value acquisition unit 81.

  FIG. 14 is a diagram illustrating an example of an actually measured current value pattern and a reference current value pattern. When the sampling frequency of the current value measurement circuit 13B is 1 MHz to several MHz and the length of the measurement target period is several milliseconds to several tens of milliseconds, the actually measured current value pattern and the reference current value pattern are actually Each is composed of hundreds of thousands to millions of current values. However, FIG. 14 shows an example in which the actual measurement current value pattern and the reference current value pattern are configured by seven actual measurement current values X01 to X07 and reference current values Y01 to Y07, respectively, for simplification of description. The pattern comparison unit 84 compares each difference between the corresponding measured current values X01 to X07 and the reference current values Y01 to Y07 with the allowable error value acquired by the expected value acquisition unit 81.

  Next, in step SP107, the pattern comparison unit 84 determines whether or not all the differences between the measured current values X01 to X07 and the reference current values Y01 to Y07 are equal to or less than the allowable error value. When all of these differences are equal to or smaller than the allowable error value (that is, when they completely match), the pattern comparison unit 84 determines that the memory device 3 connected to the host device 2 is a genuine product. In the example shown in FIG. 14, the measured current values X01 to X07 and the reference current values Y01 to Y07 completely match, so that the memory device 3 is determined to be a genuine product.

  On the other hand, when at least one difference exceeds the allowable error value (that is, when it does not completely match), the pattern comparison unit 84 determines that the memory device 3 connected to the host device 2 is an irregular product.

  According to the memory system 1 according to the present embodiment, the current value measurement circuit 13A (first current measurement unit) measures and detects the current flowing from the power supply unit 12A (first power supply unit) to the SoC 11. The unit 31 detects a power supply glitch of the host device 2 based on the current measurement result by the current value measurement circuit 13A. As a result, the power supply glitch of the host device 2 can be detected easily and reliably. In addition, the control unit 32 executes a fault attack countermeasure process when the detection unit 31 detects a power supply glitch of the host device 2. Therefore, when the detection unit 31 does not detect the power supply glitch of the host device 2, the countermeasure processing for the fault attack is not executed. Therefore, the increase in processing latency of the memory system 1 and the system caused by the execution of the countermeasure processing are always performed. Performance degradation can be avoided. Furthermore, when a power supply glitch of the host device 2 is detected, the control unit 32 stops transmitting encrypted data from the host device 2 to the memory device 3. Therefore, it is possible to effectively prevent an attacker from extracting an erroneous encrypted command that is an analysis target of a fault attack.

  In addition, according to the memory system 1 according to the present embodiment, the control unit 32 determines the encryption command from the host device 2 to the memory device 3 while the detection unit 31 detects the power supply glitch of the host device 2. Continue the transmission stop state. Therefore, even if the power glitch is repeated due to a fault attack, it is possible to reliably prevent an attacker from extracting an erroneous encrypted command that is an analysis target of the fault attack.

  Further, according to the memory system 1 according to the present embodiment, the control unit 32 causes the authentication processing unit 33 to execute authentication processing after the detection unit 31 detects a power supply glitch of the host device 2. Therefore, in order to resume transmission of the encryption command from the host device 2 to the memory device 3 in order to extract an incorrect encryption command, the attacker needs to break the authentication processing by the authentication processing unit 33. It becomes possible to make a fault attack by a person more difficult.

  Further, according to the memory system 1 according to the present embodiment, the authentication processing unit 33 causes the memory device 3 to execute a predetermined power consumption operation for authenticating the memory device 3 in addition to the normal operation, and The measured current value measured by the current value measuring circuit 13B during the period when the device 3 is executing the power consumption operation, and the known reference current that is the current value when the genuine memory device 3 executes the power consumption operation The validity of the memory device 3 is authenticated based on the value. Therefore, when the non-genuine memory device 3 cannot execute the power consumption operation, the measured current value does not match the reference current value, so that the authentication processing unit 33 can easily execute authentication of the memory device 3. . Even if the non-genuine memory device 3 can execute the power consumption operation, the non-genuine and non-genuine products have different power consumption characteristics due to differences in device structure and manufacturing process. The measured current value of the product does not match the reference current value of the regular product. Therefore, authentication of the memory device 3 can be easily executed by the authentication processing unit 33. In addition, the power consumption operation for authenticating the memory device 3 is not the normal operation itself of the memory device 3, but an independent operation added to the normal operation. This arbitrary power consumption operation can be executed by the memory device 3. As a result, the authentication accuracy of the memory device 3 by the authentication processing unit 33 can be improved.

  Further, according to the memory system 1 according to the present embodiment, the pattern comparison unit 84 includes the known reference current value in which the measured current value pattern created by the pattern creation unit 83 and the reference current values are arranged in time series. The authentication processing unit 33 authenticates the validity of the memory device 3 based on the comparison result by the pattern comparison unit 84. Since the non-genuine product is often a poor product, the absolute value of the current consumption of the non-genuine product is often larger than that of the regular product. According to the memory system 1 according to the present embodiment, the authentication processing unit 33 compares the measured current value pattern with the reference current value pattern instead of the current consumption change rate pattern. Even when the rate of change pattern of current consumption is approximate, the authentication of the memory device 3 can be executed with high accuracy.

  Further, according to the memory system 1 according to the present embodiment, the control unit 32, when the detection unit 31 does not detect the power supply glitch of the host device 2 and the authentication processing by the authentication processing unit 33 is successful, The transmission of the encryption command from the host device 2 to the memory device 3 is resumed. Therefore, after the fault attack ends, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 33 is successful, so that the availability of the system can be improved. When a power supply glitch of the host device 2 is detected due to sudden noise such as static electricity, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 33 is successful. Therefore, the availability of the system can be improved.

  Further, according to the memory system 1 according to the present embodiment, the current value measurement circuit 13B measures the current flowing from the power supply unit 12B to the memory device 3, and the detection unit 31 detects the current from the current value measurement circuit 13B. A power supply glitch of the memory device 3 is detected based on the measurement result. As a result, the power supply glitch of the memory device 3 can be detected easily and reliably. In addition, the control unit 32 executes a fault attack countermeasure process when the detection unit 31 detects a power supply glitch of the memory device 3. Therefore, when the detection unit 31 does not detect the power supply glitch of the memory device 3, the countermeasure process for the fault attack is not executed. Therefore, the increase in the processing latency of the memory system 1 and the system caused by the countermeasure process being always executed Performance degradation can be avoided. Furthermore, when a power supply glitch of the memory device 3 is detected, the control unit 32 stops transmission of encrypted content data from the memory device 3 to the host device 2. Therefore, it is possible to effectively prevent the wrong encrypted content data to be analyzed for the fault attack from being extracted by the attacker.

  Further, according to the memory system 1 according to the present embodiment, the control unit 32 encrypts content data from the memory device 3 to the host device 2 while the detection unit 31 detects a power supply glitch of the memory device 3. Continue to stop sending. Therefore, even when the power glitch is repeated due to the fault attack, it is possible to reliably prevent the attacker from extracting the wrong encrypted content data to be analyzed for the fault attack. .

  Further, according to the memory system 1 according to the present embodiment, the control unit 32 causes the authentication processing unit 51 to execute an authentication process after the detection unit 31 detects a power supply glitch of the memory device 3. Therefore, in order to resume transmission of encrypted content data from the memory device 3 to the host device 2 in order to extract erroneous encrypted content data, the attacker needs to break through the authentication processing by the authentication processing unit 51. It becomes possible to make the fault attack by the attacker more difficult.

  Further, according to the memory system 1 according to the present embodiment, the control unit 32, when the detection unit 31 does not detect the power supply glitch of the memory device 3 and the authentication processing by the authentication processing unit 51 is successful, The transmission of the encrypted content data from the memory device 3 to the host device 2 is resumed. Therefore, after the fault attack ends, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 51 is successful, so that the availability of the system can be improved. When a power supply glitch of the memory device 3 is detected due to sudden noise such as static electricity, the normal operation of the memory system 1 is resumed on the condition that the authentication processing by the authentication processing unit 51 is successful. Therefore, the availability of the system can be improved.

  Also in the present embodiment, the SoC 11 and the SoC control unit 90 may be formed on different dies as in the configuration shown in FIG. In this case, the ADCs 26A and 26B, the detection unit 31, the control unit 32, the authentication processing unit 33, the threshold value storage memory 24, the actual value storage memory 25, the expected value storage memory 61, and the actual value storage memory 62 are included in the SoC control unit 90. To be implemented. Further, the current value measuring circuits 13A and 13B may be mounted in the SoC control unit 90. When the detection unit 31 detects a power supply glitch of the host device 2, the control unit 32 stops the output operation of the encryption command from at least one of the encryption / decryption device 23, the command buffer 27, and the memory interface 14. Alternatively, the transmission of the encryption command from the host device 2 to the memory device 3 is immediately stopped by stopping the operation of the entire SoC 11.

1 Memory System 2 Host Device 3 Memory Device 11 SoC
12, 12A, 12B Power supply unit 13, 13A, 13B Current value measurement circuit 22 CPU
23, 42 Encryption / Decryptor 31 Detection Unit 32, 71 Control Unit 33, 51 Authentication Processing Unit 43 Memory Controller 45 Memory Core 72 Determination Unit 81 Expected Value Acquisition Unit 82 Actual Value Acquisition Unit 83 Pattern Creation Unit 84 Pattern Comparison Unit 90 SoC Control unit 100 Threshold data 200 Expected value data

Claims (26)

An information processing apparatus having a processing circuit including a first encryption / decryption processing unit;
An accessory device connected to the information processing device and having a second encryption / decryption processing unit;
With
The information processing apparatus includes:
A first power supply for supplying power to the processing circuit;
A first current measurement unit for measuring a current flowing from the first power supply unit to the processing circuit;
A detection unit for detecting a power supply glitch of the information processing device based on a current measurement result by the first current measurement unit;
A control unit that stops transmission of encrypted data from the information processing device to the attached device when the detection unit detects a power supply glitch of the information processing device;
An information processing system further comprising:   2. The control unit according to claim 1, wherein the control unit continues a transmission stop state of encrypted data from the information processing device to the attached device while the detection unit detects a power supply glitch of the information processing device. Information processing system. The information processing apparatus further includes a first authentication processing unit that executes an authentication process for authenticating the validity of the attached device,
The information processing system according to claim 2, wherein the control unit causes the first authentication processing unit to perform an authentication process after the detection unit detects a power supply glitch of the information processing apparatus. The information processing apparatus includes:
A second power supply unit for supplying power to the accessory device;
A second current measuring unit for measuring a current flowing from the second power supply unit to the accessory device;
Further comprising
The first authentication processing unit includes:
A predetermined power consumption operation for authenticating the accessory device is added to the normal operation and executed by the accessory device,
The measured current value measured by the second current measurement unit during the period in which the auxiliary device is performing the power consumption operation, and the current value when the genuine accessory device has performed the power consumption operation. The information processing system according to claim 3, wherein the validity of the attached device is authenticated based on a known reference current value. The first authentication processing unit includes:
A pattern creation unit that creates an actual measurement current value pattern by arranging a plurality of actual measurement current values measured by the second current measurement unit in chronological order;
A pattern comparison unit that compares the measured current value pattern created by the pattern creation unit with a known reference current value pattern in which the reference current values are arranged in chronological order;
Have
The information processing system according to claim 4, wherein the validity of the attached device is authenticated based on a comparison result by the pattern comparison unit.   The control unit, after stopping transmission of encrypted data from the information processing device to the attached device, the detection unit does not detect a power supply glitch of the information processing device, and the first authentication processing unit The information processing system according to any one of claims 3 to 5, wherein transmission of encrypted data from the information processing device to the attached device is resumed when the authentication processing by the authentication is successful. The detection unit further detects a power supply glitch of the accessory device based on a current measurement result by the second current measurement unit,
The information according to claim 4 or 5, wherein the control unit further stops transmission of encrypted data from the auxiliary device to the information processing device when the detecting unit detects a power supply glitch of the auxiliary device. Processing system.   8. The control unit according to claim 7, wherein the control unit further continues a transmission stop state of encrypted data from the auxiliary device to the information processing device while the detection unit detects a power supply glitch of the auxiliary device. Information processing system. The accessory device further includes a second authentication processing unit that executes an authentication process for authenticating the validity of the information processing device,
The information processing system according to claim 8, wherein the control unit causes the second authentication processing unit to execute an authentication process after the detection unit detects a power supply glitch of the attached device.   The control unit stops transmission of encrypted data from the accessory device to the information processing device, and then the detection unit does not detect a power supply glitch of the accessory device, and the second authentication processing unit The information processing system according to claim 9, wherein transmission of encrypted data from the attached device to the information processing device is resumed when authentication processing is successful. An information processing apparatus having a first encryption / decryption processing unit;
An accessory device connected to the information processing device and having a second encryption / decryption processing unit;
With
The information processing apparatus includes:
A power supply for supplying power to the accessory device;
A current measuring unit for measuring a current flowing from the power supply unit to the attached device;
Based on the current measurement result by the current measurement unit, a detection unit for detecting a power supply glitch of the attached device,
A control unit that stops transmission of encrypted data from the accessory device to the information processing device when the detection unit detects a power supply glitch of the accessory device;
An information processing system further comprising:   The information according to claim 11, wherein the control unit continues a transmission stop state of encrypted data from the attachment device to the information processing device while the detection unit detects a power supply glitch of the attachment device. Processing system. The accessory device further includes an authentication processing unit that executes an authentication process for authenticating the validity of the information processing device,
The information processing system according to claim 12, wherein the control unit causes the authentication processing unit to execute an authentication process after the detection unit detects a power supply glitch of the attached device.   After the control unit stops transmission of encrypted data from the accessory device to the information processing device, the detection unit does not detect a power supply glitch of the accessory device, and authentication processing by the authentication processing unit is not performed. The information processing system according to claim 13, wherein transmission of encrypted data from the attached device to the information processing device is resumed when successful. An information processing apparatus having a processing circuit including a first encryption / decryption processing unit;
An accessory device connected to the information processing device and having a second encryption / decryption processing unit;
With
The information processing apparatus includes:
A power supply unit for supplying power to the processing circuit and the accessory device;
A current measuring unit for measuring a current flowing from the power supply unit to the processing circuit and the attached device;
A detection unit for detecting a power supply glitch of the information processing device and the accessory device based on a current measurement result by the current measurement unit;
When the detection unit detects a power supply glitch of the information processing device, the transmission of encrypted data from the information processing device to the auxiliary device is stopped, and the detection unit detects a power supply glitch of the auxiliary device. A control unit that stops transmission of encrypted data from the accessory device to the information processing device;
An information processing system further comprising: The controller is
While the detection unit detects a power supply glitch of the information processing device, continues the transmission stop state of the encrypted data from the information processing device to the attached device,
The information processing system according to claim 15, wherein the transmission unit stops a transmission of encrypted data from the attachment device to the information processing device while the detection unit detects a power supply glitch of the attachment device. The information processing apparatus further includes a first authentication processing unit that executes an authentication process for authenticating the validity of the attached device,
The accessory device further includes a second authentication processing unit that executes an authentication process for authenticating the validity of the information processing device,
The controller is
After the detection unit detects a power supply glitch of the information processing apparatus, the first authentication processing unit is caused to execute an authentication process,
The information processing system according to claim 16, wherein after the detection unit detects a power supply glitch of the attached device, the second authentication processing unit causes an authentication process to be executed. The controller is
After the transmission of encrypted data from the information processing device to the attached device is stopped, the detection unit does not detect a power supply glitch of the information processing device, and the authentication processing by the first authentication processing unit is successful In this case, the transmission of encrypted data from the information processing device to the attached device is resumed,
After stopping transmission of encrypted data from the auxiliary device to the information processing device, the detection unit does not detect a power supply glitch of the auxiliary device, and the authentication processing by the second authentication processing unit is successful The information processing system according to claim 17, wherein transmission of encrypted data from the accessory device to the information processing device is resumed.   The information processing system according to claim 1, wherein the first encryption / decryption processing unit and the control unit are formed on the same die.   The information processing system according to any one of claims 1 to 18, wherein the first encryption / decryption processing unit and the control unit are formed in different dies. An information processing apparatus including a processing circuit having a first encryption / decryption processing unit,
The information processing apparatus is connected to an accessory device including a second encryption / decryption processing unit,
The information processing apparatus includes:
A power supply for supplying power to the processing circuit;
A current measuring unit for measuring a current flowing from the power supply unit to the processing circuit;
A detection unit for detecting a power supply glitch of the information processing device based on a current measurement result by the current measurement unit;
A control unit that stops transmission of encrypted data from the information processing device to the attached device when the detection unit detects a power supply glitch of the information processing device;
An information processing apparatus further comprising: An information processing apparatus comprising a first encryption / decryption processing unit,
The information processing apparatus is connected to an accessory device including a second encryption / decryption processing unit,
The information processing apparatus includes:
A power supply for supplying power to the accessory device;
A current measuring unit for measuring a current flowing from the power supply unit to the attached device;
Based on the current measurement result by the current measurement unit, a detection unit for detecting a power supply glitch of the attached device,
A control unit that stops transmission of encrypted data from the accessory device to the information processing device when the detection unit detects a power supply glitch of the accessory device;
An information processing apparatus further comprising: An information processing apparatus including a processing circuit having a first encryption / decryption processing unit,
The information processing apparatus is connected to an accessory device including a second encryption / decryption processing unit,
The information processing apparatus includes:
A power supply unit for supplying power to the processing circuit and the accessory device;
A current measuring unit for measuring a current flowing from the power supply unit to the processing circuit and the attached device;
A detection unit for detecting a power supply glitch of the information processing device and the accessory device based on a current measurement result by the current measurement unit;
When the detection unit detects a power supply glitch of the information processing device, the transmission of encrypted data from the information processing device to the auxiliary device is stopped, and the detection unit detects a power supply glitch of the auxiliary device. A control unit that stops transmission of encrypted data from the accessory device to the information processing device;
An information processing apparatus further comprising: A method for controlling an information processing apparatus including a processing circuit having a first encryption / decryption processing unit,
The information processing apparatus is connected to an accessory device including a second encryption / decryption processing unit,
(A) supplying power to the processing circuit from a power supply unit included in the information processing apparatus;
(B) measuring a current flowing from the power supply unit to the processing circuit;
(C) detecting a power supply glitch of the information processing device based on the current measurement result in the step (B);
(D) stopping transmission of encrypted data from the information processing device to the attached device when a power supply glitch of the information processing device is detected in the step (C);
A method for controlling the information processing apparatus. A method for controlling an information processing apparatus including a processing circuit having a first encryption / decryption processing unit,
The information processing apparatus is connected to an accessory device including a second encryption / decryption processing unit,
(A) supplying power to the accessory device from a power supply unit included in the information processing device;
(B) measuring a current flowing from the power supply unit to the accessory device;
(C) detecting a power supply glitch of the attached device based on the current measurement result in the step (B);
(D) stopping transmission of encrypted data from the accessory device to the information processing device when a power supply glitch of the accessory device is detected in the step (C);
A method for controlling the information processing apparatus. A method for controlling an information processing apparatus including a processing circuit having a first encryption / decryption processing unit,
The information processing apparatus is connected to an accessory device including a second encryption / decryption processing unit,
(A) supplying power to the processing circuit and the accessory device from a power supply unit included in the information processing device;
(B) measuring a current flowing from the power supply unit to the processing circuit and the attached device;
(C) detecting a power supply glitch of the information processing device and the accessory device based on the current measurement result in the step (B);
(D) When a power supply glitch of the information processing apparatus is detected in the step (C), transmission of encrypted data from the information processing apparatus to the attachment apparatus is stopped, and the attachment is performed in the step (C). Stopping transmission of encrypted data from the attached device to the information processing device when a power supply glitch of the device is detected;
A method for controlling the information processing apparatus.

Images