JP4395302B2 - Semiconductor memory card and control method thereof - Google Patents


Publication number
JP4395302B2
Authority
JP
Japan
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
JP2002346019A
Other languages
Japanese (ja)
Other versions
JP2003233795A5 (en
JP2003233795A (en
Inventor
賢尚 南
雅之 小塚
照人 廣田
泰平 湯川
誠 館林
Original Assignee
パナソニック株式会社
Priority to JP11944199
Priority to JP11-119441
Application filed by パナソニック株式会社
Priority to JP2002346019A (patent JP4395302B2)
Publication of JP2003233795A
Publication of JP2003233795A5
Application granted
Publication of JP4395302B2
Application status: Active

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to a semiconductor memory card and a reading device for storing a digital work and the like, and more particularly, to a semiconductor memory card and a reading device suitable for protecting the copyright of a digital work.
[0002]
[Prior art]
In recent years, with the development of multimedia network technology, digital works such as music content have come to be distributed through communication networks such as the Internet, making it possible to access music from around the world while staying at home. For example, after downloading music content with a personal computer (hereinafter referred to as “PC”) and storing it in a semiconductor memory card attached to the PC, music can be played and enjoyed as needed. Further, by taking the semiconductor memory card storing the music content out of the PC and mounting it on a portable music player, it is possible to listen to music while walking. Such a semiconductor memory card is a small, lightweight and convenient card that incorporates a non-volatile, large-capacity semiconductor memory such as a flash memory.
[0003]
Incidentally, in such electronic music distribution, a digital work stored on a semiconductor memory card must be encrypted using a key or the like in order to prevent unauthorized copying. It is also necessary to prevent the work from being copied to other storage media by the file management software that comes as a standard accessory with PCs and the like.
[0004]
One conceivable method of preventing such unauthorized copying is to allow access to the semiconductor memory card only through dedicated software. For example, access to the semiconductor memory card is permitted only when authentication between the PC and the semiconductor memory card succeeds, and is prohibited when authentication cannot succeed because the dedicated software is absent.
[0005]
[Problems to be solved by the invention]
However, if dedicated software is always required for a PC to access a semiconductor memory card, data can no longer be freely exchanged through the card with unspecified users who do not have such dedicated software. As a result, the convenience of conventional semiconductor memory cards such as Flash ATA and Compact Flash (registered trademark), namely that they can be accessed using the file management software that comes standard with the PC without the need for dedicated software, is lost.
[0006]
In other words, a semiconductor memory card that can be accessed only with dedicated software is suitable as a storage medium for digital works in that it has a copyright protection function, but it lacks general-purpose usability, so it cannot be used as an auxiliary storage device in a general computer system.
Accordingly, the present invention has been made in view of such problems, and its object is to provide a semiconductor memory card, and a reading device for it, that can be used as a storage medium for digital works and also as a storage medium for general computer data that does not require copyright protection (non-copyrighted data).
[0007]
[Means for Solving the Problems]
In order to achieve the above object, a semiconductor memory card according to the present invention is a semiconductor memory card that can be attached to and detached from an electronic device, and includes a rewritable nonvolatile memory and a control circuit that controls access by the electronic device to an authentication area and a non-authentication area, which are two predetermined storage areas in the nonvolatile memory. The control circuit includes a non-authentication area access control unit that controls access by the electronic device to the non-authentication area, an authentication unit that attempts to authenticate the electronic device in order to verify its validity, and an authentication area access control unit that permits access by the electronic device to the authentication area only when the authentication unit has succeeded in authentication. The authentication area and the non-authentication area are allocated to the two areas obtained by dividing a continuous storage area of a fixed size in the nonvolatile memory into two. The semiconductor memory card further comprises means for holding information about the boundary address that divides the fixed-size storage area into two, and an area size changing circuit for changing the area size of each of the authentication area and the non-authentication area. The area size changing circuit changes the area size of each of the authentication area and the non-authentication area by changing the information about the boundary address after deleting all the contents of the storage area, and the authentication area access control unit and the non-authentication area access control unit control access to the authentication area or the non-authentication area with reference to the information on the boundary address.
[0008]
DETAILED DESCRIPTION OF THE INVENTION
Hereinafter, embodiments of the present invention will be described with reference to the drawings.
FIG. 1 is a diagram showing the external appearance of a PC that downloads digital works such as music contents via a communication network and a semiconductor memory card (hereinafter simply referred to as “memory card”) that can be attached to and detached from the PC.
[0009]
The PC 102 includes a display 103, a keyboard 104, a speaker 106, and the like, and is connected to the communication line 101 by a built-in modem. A memory card writer 107 is inserted into a card slot (memory card writer insertion slot 105) of PCMCIA or the like that the PC 102 has. The memory card writer 107 is an adapter that electrically connects the PC 102 and the memory card 109, and the memory card 109 is inserted into the memory card insertion slot 108.
[0010]
By using such a system, the user can acquire music data provided by a content provider on the Internet through the following procedure.
First, the user downloads desired music content to the hard disk inside the PC 102 through the communication line 101. The music data is encrypted and cannot be reproduced on the PC 102 as it is.
[0011]
In order to play it back, the user must pay the content provider of the download source using a credit card or the like. Once payment is made, the user obtains a password and right information from the content provider. The password is the key data needed to decrypt the encrypted music data. The right information indicates the reproduction conditions permitted to the user, such as the number of times that playback is possible on the PC, the number of times that the data can be written to the memory card, and the playback time limit indicating the playback period.
[0012]
When the user who has acquired the password and right information wants to play the music through the speaker 106 of the PC 102, the user runs a dedicated application program with a copyright protection function (hereinafter simply referred to as the “application”) and enters the obtained password from the keyboard 104. After confirming the right information, the application decrypts the encrypted music data using the password and outputs it as sound through the speaker 106.
[0013]
When the right information permits writing to the memory card, the application can write the encrypted music data, password, and right information to the memory card 109.
FIG. 2 is a diagram showing an appearance of a portable recording / reproducing apparatus (hereinafter referred to as “player”) 201 using the memory card 109 as a recording medium.
[0014]
A liquid crystal display unit 203 and operation buttons 202 are provided on the upper surface of the player 201; a memory card insertion slot 206 for attaching and detaching the memory card 109 and a communication port 213 such as a USB for connecting to the PC 102 are provided on the front side surface; and an analog output terminal 204, a digital output terminal 205, an analog input terminal 223, and the like are provided on the right side surface.
[0015]
Based on the music data, password, and right information stored in the memory card 109, the player 201 reads and decrypts the music data, converts it to an analog signal, and outputs it as sound through the headphones 208 connected to the analog output terminal 204, or outputs the music data being reproduced to the digital output terminal 205 as digital data.
[0016]
The player 201 can also convert an analog audio signal input from the analog input terminal 223 via a microphone or the like into digital data and record it in the memory card 109, or, by communicating with the PC 102 connected via the communication port 213, record the music data, password, and right information downloaded by the PC 102 in the memory card 109. That is, the player 201 can take the place of the PC 102 and the memory card writer 107 shown in FIG. 1 for recording music data on the memory card 109 and for reproducing music data recorded on the memory card 109.
[0017]
FIG. 3 is a block diagram illustrating a hardware configuration of the PC 102.
The PC 102 is composed of a CPU 110, a ROM 111 that stores the device key 111a and the control program 111b in advance, a RAM 112, a display 103, a communication port 113 including a modem port for connecting to the communication line 101, a USB for connecting to the player 201, and the like, the keyboard 104, the internal bus 114, the memory card writer 107 that connects the memory card 109 and the internal bus 114, the descrambler 117 that decrypts the encrypted music data read from the memory card 109, an AAC decoder 118 compliant with MPEG2-AAC (ISO13818-7) that expands the decrypted music data, a D/A converter 119 that converts the expanded digital music data into an analog audio signal, the speaker 106, the hard disk 120 that stores the file management software and the application, and the like.
[0018]
By executing the file management software stored in the hard disk 120, the PC 102 can use the memory card 109 as an auxiliary storage device having an independent file system (such as ISO9293), like the hard disk. In addition, by executing the above-described dedicated application stored in the hard disk 120, it can download music content or the like from the communication line 101 via the modem or the like of the communication port 113, store it in the memory card 109 after performing mutual authentication with the memory card 109, or read music content stored in the memory card 109 and reproduce it through the speaker 106.
[0019]
The device key 111a stored in the ROM 111 is a secret key unique to the PC 102, and is used for mutual authentication and the like as will be described later.
FIG. 4 is a block diagram showing a hardware configuration of the player 201. As shown in FIG.
The player 201 includes a CPU 210, a ROM 211 that stores a device key 211a and a control program 211b in advance, a RAM 212, a liquid crystal display unit 203, a communication port 213 such as a USB for connecting to the PC 102 and the like, an operation button 202, an internal bus 214, a card I/F unit 215 that connects the memory card 109 and the internal bus 214, an authentication circuit 216 that performs mutual authentication with the memory card 109, a descrambler 217 that decrypts the encrypted music data read from the memory card 109, an AAC decoder 218 compliant with MPEG2-AAC (ISO13818-7) that decompresses the decrypted music data, a D/A converter 219 that converts the decompressed digital music data into an analog audio signal, a speaker 224, an A/D converter 221 that converts the analog music signal input from the analog input terminal 223 into digital music data, an AAC encoder 220 that compresses and encodes the digital music data in conformity with MPEG2-AAC (ISO13818-7), and compression-encoded music data Is composed of an analog output terminal 204, a digital output terminal 205, and an analog input terminal 223.
[0020]
The player 201 loads the control program 211b stored in the ROM 211 into the RAM 212 and causes the CPU 210 to execute it, and thereby reads music content stored in the memory card 109 and reproduces it through the speaker 224, or stores music content input via the analog input terminal 223 or the communication port 213 in the memory card 109. In other words, in addition to recording and playing music for personal enjoyment as with a normal player, it can record and play back music content from electronic music distribution downloaded by the PC 102, for which copyright protection is required.
[0021]
FIG. 5 is a diagram illustrating an appearance and a hardware configuration of the memory card 109.
The memory card 109 has a rewritable nonvolatile memory that can be written repeatedly, has a storage capacity of 64 MB, and operates by receiving a 3.3 V power supply and a clock signal from the outside. The memory card 109 has a rectangular parallelepiped shape with a thickness of 2.1 mm, a length of 32 mm, and a width of 24 mm. Connected.
[0022]
The memory card 109 includes three IC chips (control IC 302, flash memory 303, ROM 304).
The flash memory 303 is a batch-erasable, rewritable nonvolatile memory. As logical storage areas, it has an authentication area 332, which is a storage area that permits access only by a device that has been authenticated as a legitimate device, and a non-authentication area 331, which is a storage area that permits access without requiring such authentication. Here, the authentication area 332 is used for storing important data related to copyright protection, and the non-authentication area 331 is used as an auxiliary storage device in a general computer system. Note that these two storage areas are divided with a certain address on the flash memory 303 as a boundary.
[0023]
The ROM 304 has a read-only storage area called a special area, and holds in advance information such as a media ID 341, which is identification information unique to the memory card 109, and a manufacturer name 342 of the memory card 109. The media ID 341 is unique identification data that distinguishes the card from other semiconductor memory cards. Here, the media ID 341 is used for mutual authentication between devices and to prevent unauthorized access to the authentication area 332.
[0024]
The control IC 302 is a control circuit composed of active elements (such as logic gates), and includes an authentication unit 321, a command determination control unit 322, a master key storage unit 323, a special area access control unit 324, an authentication area access control unit 325, and non-authentication. An area access control unit 326 and an encryption / decryption circuit 327 are included.
The authentication unit 321 is a circuit that performs challenge-response type mutual authentication with a counterpart device that is trying to access the memory card 109, and includes a random number generator, an encryptor, and the like. The validity of the counterpart device is authenticated by detecting whether or not the counterpart device has. In challenge-response type mutual authentication, a device sends challenge data to the partner device in order to verify the partner's legitimacy, receives from the partner device the response data that the partner generated by applying processing that proves its legitimacy, and judges whether the partner device can be authenticated by comparing the challenge data and the response data; both devices perform this authentication step on each other.
[0025]
The command determination control unit 322 is a controller including a decoding circuit and a control circuit that determine the type of a command (an instruction to the memory card 109) input via the command pin and execute it, and it controls the various components 321 to 327 according to the command.
The commands include not only commands for reading, writing, and erasing data in the flash memory 303, but also commands for controlling the flash memory 303 (such as commands related to address space and unerased data).
[0026]
For example, regarding data reading and writing, the commands “SecureRead address count” and “SecureWrite address count” for accessing the authentication area 332, the commands “Read address count” and “Write address count” for accessing the non-authentication area 331, and the like are defined. Here, “address” is the number of the first sector in a series of sectors to be read / written, and “count” indicates the total number of sectors to be read / written. The sector is the unit for reading / writing data from / to the memory card 109, and is 512 bytes here.
[0027]
The master key storage unit 323 stores in advance a master key 323a that is used by the counterpart device during mutual authentication or that is used to protect data in the flash memory 303.
The special area access control unit 324 is a circuit that reads the media ID 341 and the like stored in the special area (ROM 304).
[0028]
The authentication area access control unit 325 and the non-authentication area access control unit 326 are circuits for writing and reading data to and from the authentication area 332 and the non-authentication area 331 of the flash memory 303, respectively, and they transmit and receive data to and from external devices (PC 102, player 201, etc.) via four data pins.
Note that these access control units 325 and 326 each have an internal buffer memory for one block. Logically (for access by command from an external device) they perform input / output in units of sectors, but when rewriting the contents of the flash memory 303 they perform input / output in units of blocks (32 sectors, 16 Kbytes). Specifically, when rewriting the data of one sector, the corresponding block is read from the flash memory 303 to the buffer memory, the block is erased at once, the sector in the buffer memory is rewritten, and the block is then written back from the buffer memory to the flash memory 303.
[0029]
The encryption / decryption circuit 327 is a circuit that performs encryption and decryption using the master key 323a stored in the master key storage unit 323 under the control of the authentication area access control unit 325 and the non-authentication area access control unit 326. It encrypts data when the data is written to the flash memory 303, and decrypts data when the data is read from the flash memory 303. This is to prevent an unauthorized user from disassembling the memory card 109 and directly analyzing the contents of the flash memory 303 to steal a password stored in the authentication area 332.
[0030]
In addition to these main components 321-327, the control IC 302 includes a circuit that generates an internal clock signal synchronized with the clock signal supplied from the clock pin and supplies it to each component, a volatile storage area, and a non-volatile storage area.
Further, in order to prevent falsification of information stored in the special area (ROM 304), the ROM 304 may be built into the control IC 302, or the information may be stored in the flash memory 303 with the special area access control unit 324 restricting it so that it cannot be written from the outside. In that case, the data may be stored after being encrypted by the encryption / decryption circuit 327.
[0031]
FIG. 6 is a diagram showing the types of storage areas of the memory card 109 as viewed from the PC 102 and the player 201. The storage area of the memory card 109 is roughly divided into three areas: a special area 304, an authentication area 332, and a non-authentication area 331.
The special area 304 is a read-only area, and data in this area is read using a dedicated command. The authentication area 332 is an area that can be read and written only when the authentication is successful between the PC 102 or the player 201 and the memory card 109, and an encrypted command is used to access this area. The non-authentication area 331 is an area that can be accessed by a public command such as ATA or SCSI, that is, an area that can be read and written without authentication. Therefore, data can be read from and written to the non-authentication area 331 with the file management software on the PC 102 as in the case of the flash ATA and the compact flash (registered trademark).
[0032]
The following information is stored in the three storage areas, thereby providing both a function as an auxiliary storage device of a general PC and a copyright protection function for music data related to electronic music distribution.
That is, the non-authentication area 331 stores encrypted content 426 obtained by encrypting music data that is subject to copyright protection, user data 427 that is general data unrelated to copyright protection, and the like. The authentication area 332 stores an encryption key 425 that is a secret key for decrypting the encrypted content 426 stored in the non-authentication area 331. The special area 304 stores a media ID 341 that is information necessary for accessing the authentication area 332.
[0033]
First, the PC 102 and the player 201 read the media ID 341 stored in the special area 304 of the attached memory card 109 and use it to extract the encryption key 425 and the right information stored in the authentication area 332. If the reproduction is permitted by the encryption key 425 and the right information, the encrypted content 426 in the non-authentication area 331 can be read and reproduced while being decrypted by the encryption key 425.
[0034]
Suppose that a user writes only illegally obtained music data to the non-authentication area 331 of the memory card 109 using the PC 102 or the like, and then attaches that memory card 109 to the player 201 to play it back. Although the music data is stored in the non-authentication area 331 of the memory card 109, the player 201 cannot reproduce it because the corresponding encryption key 425 and right information are not in the authentication area 332. As a result, even if only the music content is copied to the memory card 109 without a proper encryption key or right information, the music content is not reproduced, so that illegal copying of the digital work is prevented.
[0035]
FIGS. 7A to 7C are diagrams showing restrictions and command forms when the PC 102 and the player 201 access each area of the memory card 109. FIG. 7A shows the rules for accessing each area, FIG. 7B shows the rules for changing the size of the areas, and FIG. 7C is a conceptual diagram showing the areas of the memory card 109.
The special area 304 is a read-only area and can be accessed with a dedicated command without authentication. The media ID 341 stored in the special area 304 is used for generating and decrypting the encrypted commands that access the authentication area 332. That is, the PC 102 and the player 201 read this media ID 341, use it to encrypt a command for accessing the authentication area 332, and send the command to the memory card 109. The memory card 109, on receiving the encrypted command, uses the media ID 341 to decrypt, interpret, and execute it.
[0036]
The authentication area 332 is an area that can be accessed only when authentication is successful between the memory card 109 and a device that accesses the memory card 109, such as the PC 102 or the player 201, and its size corresponds to (YYYY + 1) sectors. That is, the authentication area 332 is logically composed of the 0th to YYYYth sectors, and physically composed of the sectors having the XXXXth to (XXXX + YYYY)th sector addresses of the flash memory 303. The sector address is a series of numbers uniquely assigned to all the sectors constituting the flash memory 303.
[0037]
The non-authentication area 331 can be accessed by a standard command such as ATA or SCSI without authentication, and its size corresponds to XXXX sectors. That is, this non-authentication area 331 is composed of sectors 0 to (XXXX-1) both logically and physically.
The flash memory 303 has a replacement block area 501 composed of a collection of replacement blocks for replacing a defective block (a block having a defective storage area that cannot be normally read / written) generated in the authentication area 332 and the non-authentication area 331. May be pre-assigned.
[0038]
In addition, the special area 304 can be accessed without authentication. However, in order to prevent analysis by an unauthorized user, the special area 304 may be made accessible only after authentication is performed, or the command for accessing the special area 304 may be encrypted.
Next, a method for changing the area sizes of the authentication area 332 and the non-authentication area 331 will be described with reference to FIGS. 7B and 7C.
[0039]
The total storage capacity of the authentication area 332 and the non-authentication area 331 provided in the flash memory 303 is a fixed value obtained by excluding the alternative block area 501 from the entire storage area of the flash memory 303, that is, (XXXX + YYYY + 1) sectors. However, the size of each can be made variable by changing the value of the boundary address XXXX.
[0040]
To change the size of the area, authentication is performed first. This is to prevent the size from being easily changed using a standard program that is widely open to PC users or software that performs unauthorized access. After the authentication, the size of the non-authentication area 331 (new sector number XXXX) is sent to the memory card 109 using a dedicated area change command.
[0041]
When the memory card 109 receives the area change command, it stores the value XXXX in a non-volatile work area or the like in the memory card 109, and in subsequent accesses it uses that value as the new boundary address to execute access control for the authentication area 332 and the non-authentication area 331. That is, the physical 0th to XXXX sectors on the flash memory 303 are allocated to the non-authentication area 331, and the XXXX to (XXXX + YYYY) th sector are allocated to the authentication area 332. Then, based on this new memory mapping, the access control units 325 and 326 convert between logical and physical addresses and monitor for access violations that go beyond an area. The logical address is an address in the data space (on the command) when the memory card 109 is viewed from an external device, and the physical address is an address in the data space of the flash memory 303 of the memory card 109.
[0042]
Here, if the size of the authentication area 332 is increased by reducing the boundary address, measures such as moving all the data stored in the authentication area 332 are needed in order to maintain logical compatibility with the state before the change. For this purpose, for example, all the data may be moved (copied) toward lower addresses by the amount the boundary address moved, and the correspondence changed so that the new physical addresses correspond to logical addresses starting from the new boundary address. As a result, the data space is expanded while maintaining the logical addresses of the data stored in the authentication area 332.
[0043]
Note that the dedicated command for changing the area may be used after being encrypted from the viewpoint of preventing unauthorized access.
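The area access rules and the boundary-address change described above, modelled in Python as an added example (not code from the patent). The class and method names, the 64-sector card, and HMAC-SHA256 standing in for the card-side half of the challenge-response authentication are assumptions; command encryption is omitted, and the resize follows the erase-then-change rule stated in the Means section.

```python
import hashlib
import hmac
import os

SECTOR_SIZE = 512  # bytes per sector, as stated in the description


class AccessViolation(Exception):
    """A command tried to reach past the end of its area."""


def device_response(secret, challenge):
    # Device-side proof. HMAC-SHA256 is an assumed stand-in for the
    # encryptor, which the description does not specify.
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class MemoryCardModel:
    """Hypothetical model of units 321, 325 and 326 of the control IC."""

    def __init__(self, total_sectors, boundary, device_secret):
        self.total_sectors = total_sectors      # XXXX + YYYY + 1
        self.device_secret = device_secret
        self.pending_challenge = None
        self.authenticated = False
        self._set_layout(boundary)

    def _set_layout(self, boundary):
        if not 0 < boundary < self.total_sectors:
            raise ValueError("boundary must leave both areas non-empty")
        # All contents are erased before the boundary information changes.
        self.flash = [bytes(SECTOR_SIZE)] * self.total_sectors
        self.boundary = boundary                # XXXX

    # Authentication unit 321, card-side half: challenge, then verify.
    def issue_challenge(self):
        self.authenticated = False
        self.pending_challenge = os.urandom(16)
        return self.pending_challenge

    def submit_response(self, response):
        challenge, self.pending_challenge = self.pending_challenge, None
        if challenge is None:                   # each challenge is single use
            return False
        expected = device_response(self.device_secret, challenge)
        self.authenticated = hmac.compare_digest(expected, response)
        return self.authenticated

    # Logical-to-physical translation against the boundary address.
    def physical_range(self, area, address, count):
        if area == "non_auth":                  # physical 0 .. XXXX-1
            base, size = 0, self.boundary
        else:                                   # physical XXXX .. XXXX+YYYY
            base, size = self.boundary, self.total_sectors - self.boundary
        if address < 0 or count < 1 or address + count > size:
            raise AccessViolation(f"{area}: {count} sector(s) at {address}")
        return range(base + address, base + address + count)

    def _read(self, area, address, count):
        return [self.flash[p] for p in self.physical_range(area, address, count)]

    def _write(self, area, address, sectors):
        if any(len(s) > SECTOR_SIZE for s in sectors):
            raise ValueError("sector data longer than 512 bytes")
        targets = self.physical_range(area, address, len(sectors))
        for p, data in zip(targets, sectors):
            self.flash[p] = data.ljust(SECTOR_SIZE, b"\x00")

    def _require_auth(self):
        if not self.authenticated:
            raise PermissionError("authentication required")

    def read(self, address, count):             # "Read address count"
        return self._read("non_auth", address, count)

    def write(self, address, sectors):          # "Write address count"
        self._write("non_auth", address, sectors)

    def secure_read(self, address, count):      # "SecureRead address count"
        self._require_auth()
        return self._read("auth", address, count)

    def secure_write(self, address, sectors):   # "SecureWrite address count"
        self._require_auth()
        self._write("auth", address, sectors)

    def change_boundary(self, new_boundary):    # dedicated area change command
        self._require_auth()
        self._set_layout(new_boundary)


if __name__ == "__main__":
    card = MemoryCardModel(64, 48, b"constructed-device-secret")
    card.submit_response(device_response(b"constructed-device-secret", card.issue_challenge()))
    card.secure_write(0, [b"key material"])
    print(list(card.physical_range("auth", 0, 1)), card.flash[48][:12])
```
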
FIG. 8 is a flowchart showing an operation in which the PC 102 (and the player 201) writes content such as music data in the memory card 109. Here, a case where the PC 102 writes to the memory card 109 (S601) will be described.
[0044]
(1) The PC 102 performs challenge-response type authentication with the authentication unit 321 of the memory card 109 using the device key 111a and the like. When the authentication is successful, first, the PC 102 extracts the master key 323a from the memory card 109 (S602).
(2) Next, the media ID 341 stored in the special area 304 of the memory card 109 is taken out using a dedicated command (S603).
[0045]
(3) Next, a random number is generated, and a password for encrypting music data is generated from the random number, the master key 323a and the media ID 341 that have just been extracted (S604). As the random number at this time, for example, encrypted challenge data (random number) transmitted to the memory card 109 in the authentication is used.
(4) The obtained password is encrypted with the master key 323a and the media ID 341, and is written in the authentication area 332 as the encryption key 425 (S605). At this time, prior to transmitting the data (encryption key 425), the command for writing in the authentication area 332 is encrypted and transmitted to the memory card 109.
[0046]
(5) Finally, music data is stored in the non-authentication area 331 as encrypted content 426 while being encrypted with a password (S606).
FIG. 9 is a flowchart showing an operation of reading content such as music data from the memory card 109 and playing it on the player 201 (and the PC 102). Here, a case where the player 201 reproduces music data in the memory card 109 (S701) will be described.
[0047]
(1) The player 201 performs challenge-response type authentication with the authentication unit 321 of the memory card 109 using the device key 211a and the like. When the authentication is successful, the player 201 first extracts the master key 323a from the memory card 109 (S702).
(2) Next, the media ID 341 stored in the special area 304 of the memory card 109 is taken out using a dedicated command (S703).
[0048]
(3) Subsequently, the music data encryption key 425 is extracted from the authentication area 332 of the memory card 109 (S704). At this time, prior to reading the data (encryption key 425), a command for reading from the authentication area 332 is encrypted and transmitted to the memory card 109.
(4) The obtained encryption key 425 is decrypted with the master key 323a and the media ID 341, and the password is extracted (S705). The decryption at this time is the inverse transform of the encryption in step S605 shown in FIG.
[0049]
(5) Finally, the encrypted content 426 is read from the non-authentication area 331, and the music is reproduced while decrypting with the password extracted in step S705 (S706).
As described above, the music data stored in the non-authentication area 331 of the memory card 109 cannot be decrypted without the encryption key 425 in the authentication area 332. Therefore, even if only the music data is illegally copied to another memory card, the music data cannot be reproduced normally, and the copyright of the music data is safely protected.
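The recording and playback flows above (S602 to S606 and S702 to S706), as an added Python sketch that is not part of the patent, showing why encrypted content 426 copied to another card does not play. The SHAKE-256 XOR cipher, the SHA-256 key derivation, all class and function names and the sample values are assumptions, since the patent names no algorithm; challenge-response authentication is assumed to have succeeded already.

```python
import hashlib
import secrets


def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption): SHAKE-256 keystream XOR, encrypt == decrypt."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def derive(*parts: bytes) -> bytes:
    """Stand-in (assumption) for 'generate a key/password from these values'."""
    return hashlib.sha256(b"\x00".join(parts)).digest()


class MemoryCard:
    def __init__(self, master_key: bytes, media_id: bytes):
        self.master_key = master_key   # master key 323a, released only after authentication
        self.media_id = media_id       # media ID 341 in special area 304, differs per card
        self.auth_area = {}            # authentication area 332
        self.non_auth_area = {}        # non-authentication area 331


def record(card: MemoryCard, title: str, music: bytes) -> None:
    """Steps S604 to S606 on the PC side."""
    rnd = secrets.token_bytes(16)
    password = derive(rnd, card.master_key, card.media_id)      # S604
    wrap_key = derive(card.master_key, card.media_id)
    card.auth_area[title] = xor_cipher(wrap_key, password)      # S605: encryption key 425
    card.non_auth_area[title] = xor_cipher(password, music)     # S606: encrypted content 426


def play(card: MemoryCard, title: str):
    """Steps S704 to S706 on the player side; None when no encryption key 425 exists."""
    key_425 = card.auth_area.get(title)                         # S704
    if key_425 is None:
        return None
    wrap_key = derive(card.master_key, card.media_id)
    password = xor_cipher(wrap_key, key_425)                    # S705
    return xor_cipher(password, card.non_auth_area[title])      # S706


def demo():
    music = b"constructed sample audio bytes " * 4             # constructed input
    master = secrets.token_bytes(16)
    card_a = MemoryCard(master, media_id=b"MEDIA-A-0001")      # constructed media IDs
    card_b = MemoryCard(master, media_id=b"MEDIA-B-0002")
    record(card_a, "track1", music)

    # Only the non-authentication area is duplicated onto card B.
    card_b.non_auth_area = dict(card_a.non_auth_area)
    content_only = play(card_b, "track1")

    # With key 425 duplicated as well, card B's media ID still yields a different
    # wrap key, so the recovered password is wrong and the output is not the music.
    card_b.auth_area = dict(card_a.auth_area)
    both_areas_ok = play(card_b, "track1") == music

    return play(card_a, "track1") == music, content_only, both_areas_ok
```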
[0050]
In addition, since only devices that have succeeded in authentication are permitted to access the authentication area of the memory card, appropriately selecting the device key and encryption algorithm used for authentication makes possible copyright protection such as permitting access to the authentication area of the memory card only for devices that satisfy certain conditions.
In this example, when the encrypted content is recorded on the memory card 109, the password used for the encryption is encrypted with the master key and the media ID and stored in the authentication area 332 as the encryption key (S605); however, the encryption may instead be performed using only one of the master key and the media ID. In that case, although the strength of the encryption may be reduced, there is an advantage that the circuit scale of the memory card 109, the player 201, and the like is reduced as the encryption is simplified.
[0051]
Further, the player 201 and the PC 102 obtain the master key 323a from the memory card 109 through authentication. However, the master key 323a may instead be embedded in the player 201 or the PC 102 in advance, or the master key 323a may be encrypted and stored in the special area 304 as an encrypted master key.
Next, as examples of utilization of the authentication area of such a memory card, an example in which “the number of readings” is stored and an example in which “the number of digital output permission” is stored are shown.
[0052]
FIG. 10 is a flowchart showing an operation in which the player 201 (and the PC 102) operates the read count 812 stored in the authentication area of the memory card 109. Here, a case (S801) will be described in which the player 201 is permitted to reproduce the music data stored in the non-authentication area 331 of the memory card 109 as an audio signal only within the range of the read count 812 stored in the memory card 109.
[0053]
(1) The player 201 performs challenge / response type authentication with the authentication unit 321 of the memory card 109 using the device key 211a and the like. When the authentication is successful, the player 201 first extracts the master key 323a from the memory card 109 (S802).
(2) Next, the media ID 341 stored in the special area 304 of the memory card 109 is taken out using a dedicated command (S803).
[0054]
(3) Subsequently, the music data encryption key 425 is extracted from the authentication area 332 of the memory card 109 (S704). At this time, prior to reading the data (encryption key 425), a command for reading from the authentication area 332 is encrypted and transmitted to the memory card 109.
(4) Next, the read count 812 is extracted from the authentication area 332 of the memory card 109, and the value is inspected (S804). As a result, when the value is a value indicating that unlimited reading is permitted, music is reproduced (S806 to S808) according to the same procedure as that shown in FIG. 9 (S704 to S706).
[0055]
(5) On the other hand, when the read count 812 indicates 0, it is determined that the reproduction is no longer permitted (S805), and the reproduction process is terminated (S809). Otherwise, the read count 812 is decremented by 1, and the result is written back to the authentication area 332 (S805), and then music is played according to the above procedure (S806 to S808).
[0056]
As described above, the number of times of music reproduction by the player 201 can be controlled by storing in the authentication area 332 of the memory card 109 the number of times of reading 812 specifying the number of times of reproduction permitted in advance. Thereby, for example, it can be applied to analog reproduction by a rental CD, a KIOSK terminal or the like.
[0057]
It should be noted that the total time during which the music content can be reproduced can be limited by setting “reading time” instead of the reading count 812. Further, the number of times and time may be combined. Furthermore, the number of times of reading 812 may be subtracted only when the reproduction is continued over a certain time such as 10 seconds after the reproduction is started. The read count 812 may be encrypted and stored in order to prevent unauthorized tampering.
[0058]
FIG. 11 is a flowchart showing an operation in which the player 201 (and the PC 102) operates the digital output permission count 913 stored in the authentication area of the memory card 109. Here, a case (S901) will be described in which the player 201 is permitted to read and digitally output the music data stored in the non-authentication area 331 of the memory card 109 only within the range of the digital output permission count 913 stored in the memory card 109.
[0059]
(1) After authenticating with the memory card 109, the player 201 extracts the master key 323a (S902), extracts the media ID 341 (S903), extracts the encryption key 425 (S904), and extracts the password (S905), in the same manner as in the reproduction shown in FIG. 9 (S701 to S705).
(2) Next, the digital output permission count 913 is extracted from the authentication area 332 of the memory card 109, and the value is inspected (S906). If the value indicates that unlimited digital output is permitted, the encrypted content 426 is read from the non-authentication area 331 and is output as digital music data from the digital output terminal 205 while being decrypted with the password extracted in step S905 (S909).
[0060]
(3) On the other hand, if the digital output permission count 913 indicates 0, it is determined that the digital output is no longer permitted (S908), and only reproduction by analog output is performed (S908). That is, the encrypted content 426 is read from the non-authentication area 331, and the music is reproduced while decrypting with the password (S908).
(4) If the read digital output permission count 913 indicates a fixed limit count that is not 0, the count is decremented by 1 and the result is written back to the authentication area 332 (S907), and then the encrypted content 426 is read from the non-authentication area 331 and is output as digital music data from the digital output terminal 205 while being decrypted with the password extracted in step S905 (S909).
[0061]
In this way, by storing in the authentication area 332 of the memory card 109 the digital output permission count 913, which specifies the number of digital outputs permitted in advance, the number of digital outputs of music data by the player 201 can be controlled. As a result, it can be applied, for example, to digital reproduction by a rental CD, a KIOSK terminal, or the like; that is, an operation is realized in which copying of the music data stored in the memory card is permitted for the number of times specified with the consent of the copyright holder.
[0062]
As in the case of the “number of readings”, a “digital output permission time” may be used instead of the digital output permission count 913 to limit the total time during which music content can be output as digital data. Further, the number of times and time may be combined. Further, the digital output permission count 913 may be decremented only when the output is continued for a certain time such as 10 seconds after the start of the output. The digital output permission count 913 may be encrypted and stored to prevent unauthorized tampering.
[0063]
Furthermore, a function may be added that increases the digital output permission count by the number of times designated by the copyright holder in return for payment to the copyright holder.
Next, the physical data structure (sector and ECC block structure) of the memory card 109 will be described.
The memory card 109 employs a data structure suitable for preventing fraudulent acts associated with backup and restoration of data stored in the flash memory 303, fraudulent acts associated with falsification of data, and the like. That is, in the method in which the “reading count” and “digital output permission count” as described above are stored in the authentication area 332 and counted down every time these actions are executed, there is a possibility of being attacked as follows.
[0064]
That is, music reproduction might be repeated illegally either by backing up the data stored in the entire flash memory 303 to an external auxiliary storage device or the like, repeating music reproduction, and then restoring the backup data when the count reaches zero so that reproduction can be repeated again, or by tampering with the “number of readings” itself. Therefore, it is necessary to take care to prevent such actions.
[0065]
FIG. 12 is a diagram showing a data structure common to the authentication area 332 and the non-authentication area 331 of the memory card 109 and a flow of read / write processing corresponding to the data structure.
Here, the counter value generated by the random number generator 1003 included in the authentication unit 321 of the control IC 302 is used as a time-variant key.
[0066]
In the flash memory 303, a 16-byte extended area 1005 is assigned to each 512-byte sector 1004. Each sector stores data encrypted with a counter value. The extended area 1005 consists of 8-byte ECC data 1006, which stores the error correction code of the encrypted data stored in the corresponding sector, and an 8-byte time-varying area 1007, which stores the counter value used to generate the encrypted data.
[0067]
Note that the sector 1004 is the only area that can be accessed logically (using a command or the like released to the user), whereas the extended area 1005 is an area that can be accessed only physically (under the control of a device that reads and writes memory cards).
By adopting such a data structure, even if only sector data is falsified using a command or the like, the contents of the time-varying area 1007 are not changed, so tampering can be prevented.
[0068]
Specifically, the PC 102 and the player 201 store and read data in the authentication area 332 and the non-authentication area 331 of the flash memory 303 according to the following procedure for each sector 1004. Here, first, the procedure when the PC 102 writes data to the memory card 109 (S1001) will be described.
(1) The PC 102 requests the memory card 109 to issue a counter value. Then, the control IC 302 in the memory card 109 generates a random number with the internal random number generator 1003 (S1005), and sends the random number to the PC 102 or the like as a counter value (S1002).
[0069]
(2) A password is generated from the acquired counter value, the already acquired master key 323a and the media ID 341 (S1003).
(3) Data for one sector to be written is sent to the memory card 109 while being encrypted with a password (S1004). At this time, information specifying the sector to be written and the counter value used for encryption are also sent.
(4) The memory card 109 writes the received encrypted data to the designated sector 1004 (S1006).
[0070]
(5) An ECC is calculated from the encrypted data and written as ECC data 1006 in the extended area 1005 corresponding to the sector (S1007).
(6) Subsequently, the counter value received together with the encrypted data is written into the time varying area 1007 (S1008).
Next, a procedure when the PC 102 reads data from the memory card 109 (S1011) will be described.
[0071]
(1) The PC 102 specifies a sector and requests the memory card 109 to read data. Then, the memory card 109 first reads only the encrypted data of the designated sector 1004 and outputs it to the PC 102 (S1016), and the PC 102 receives the encrypted data (S1012).
(2) Next, the memory card 109 reads the counter value stored in the time-varying area 1007 of the extended area 1005 corresponding to the designated sector 1004 and outputs it to the PC 102 (S1017), and the PC 102 receives the counter value (S1013).
[0072]
(3) A password is generated from the read counter value, the master key 323a and the media ID 341 already acquired (S1014).
(4) The encrypted data is decrypted using the password (S1015).
Here, if the data in the sector 1004 has been changed due to unauthorized tampering or the like, inconsistency with the counter value read from the time-varying area 1007 occurs, and the original data is not restored.
[0073]
In this way, the flash memory 303 is provided with a time-varying area 1007 as a hidden area that cannot be seen (accessed) by the user, and data is encrypted and stored with a password that depends on the counter value stored there, which makes it possible to prevent alteration of data by an unauthorized user.
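The per-sector write and read procedures above (S1001 to S1017), as an added Python sketch that is not part of the patent, applied to the backup-and-restore concern raised earlier for the read count. The SHAKE-256 XOR cipher, the SHA-256 password derivation, the names and the sample values are assumptions; the ECC data 1006 is omitted.

```python
import hashlib
import secrets

SECTOR_SIZE = 512          # sector 1004
COUNTER_SIZE = 8           # time-varying area 1007 inside extended area 1005


def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption): SHAKE-256 keystream XOR."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def sector_password(counter: bytes, master_key: bytes, media_id: bytes) -> bytes:
    """S1003 / S1014: password from counter value, master key 323a and media ID 341."""
    return hashlib.sha256(counter + master_key + media_id).digest()


class FlashCard:
    def __init__(self, sectors: int):
        self.sector = [bytes(SECTOR_SIZE)] * sectors          # logically accessible
        self.time_varying = [bytes(COUNTER_SIZE)] * sectors   # hidden, card-controlled

    def issue_counter(self) -> bytes:                         # S1005, S1002
        return secrets.token_bytes(COUNTER_SIZE)

    def write(self, index: int, encrypted: bytes, counter: bytes) -> None:
        self.sector[index] = encrypted                        # S1006
        self.time_varying[index] = counter                    # S1008

    def read(self, index: int):
        return self.sector[index], self.time_varying[index]   # S1016, S1017

    def logical_overwrite(self, index: int, raw: bytes) -> None:
        """Sector-only access: the time-varying area 1007 is left untouched."""
        self.sector[index] = raw


def host_write(card, index, plaintext, master_key, media_id):
    counter = card.issue_counter()
    password = sector_password(counter, master_key, media_id)
    padded = plaintext.ljust(SECTOR_SIZE, b"\0")
    card.write(index, xor_cipher(password, padded), counter)  # S1004


def host_read(card, index, master_key, media_id):
    encrypted, counter = card.read(index)                     # S1012, S1013
    return xor_cipher(sector_password(counter, master_key, media_id), encrypted)  # S1015


def rollback_demo():
    master_key, media_id = secrets.token_bytes(16), b"MEDIA-A-0001"   # constructed
    card = FlashCard(4)
    host_write(card, 0, b"read count=3", master_key, media_id)
    snapshot = card.sector[0]                                 # sector-level backup
    host_write(card, 0, b"read count=2", master_key, media_id)  # count written back
    after_play = host_read(card, 0, master_key, media_id).rstrip(b"\0")
    card.logical_overwrite(0, snapshot)                       # old sector data restored
    restored = host_read(card, 0, master_key, media_id).rstrip(b"\0")
    return after_play, restored
```

The restored sector decrypts under the newer counter value, so the host gets unrelated bytes instead of the old count; nothing raises an error, which means the host has to validate the format of what it reads.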
Here, the time-varying area 1007 is provided in the extended area 1005 that stores the ECC, but it may be provided in another area in the flash memory 303 as long as it cannot be rewritten from outside the memory card.
[0074]
The counter value is a random number, but may be a timer value such as a time that changes every moment or a value indicating the number of times of writing to the flash memory 303.
Next, a preferable example of the correspondence between the logical address and the physical address of the flash memory 303 will be described.
FIG. 13 is a diagram showing how the correspondence between the logical address and the physical address is changed: (a) is the correspondence before the change, (b) is the correspondence after the change, (c) shows the conversion table 1101 corresponding to (a), and (d) shows the conversion table 1101 corresponding to (b).
[0075]
Here, the conversion table 1101 is a combination of all logical addresses (here, logical block numbers) and physical addresses corresponding to the respective logical addresses (here, physical block numbers constituting the flash memory 303). This table is stored in a non-volatile storage area or the like in the control IC 302 and is referred to when the logical address is converted into a physical address by the authentication area access control unit 325 or the non-authentication area access control unit 326.
[0076]
A device that accesses the memory card 109 does not write data to all of the physically existing data space in the memory card 109 (all physical blocks constituting the flash memory 303); it can write data only into the data space that can be specified by a logical address (logical blocks).
One reason for this is that when a part of the flash memory 303 is damaged and reading and writing cannot be performed, an alternative area for replacing the area must be secured. Even when such a defective block is replaced with a block in the alternative area, the logical change of the file consisting of a plurality of continuous physical blocks can be realized by reflecting the change in the correspondence in the conversion table. Therefore, it is possible to make it appear to the external device that no damage has occurred.
[0077]
However, if the file or the like composed of a plurality of blocks is repeatedly stored in the memory card 109 or deleted, the fragmentation of the logical block increases. That is, as shown in FIG. 13A, the logical addresses are discontinuous even though they are logical blocks that constitute the same file file1.
[0078]
In this case, for example, when music data is to be stored in the memory card 109, it cannot be written to a logically continuous area of the memory card 109, so a write command “Write address count” must be issued for each block, and the writing speed is reduced. Similarly, in the read operation, a read command “Read address count” must be issued for each block even though the music data is a single piece of music, which makes it difficult to reproduce the music data in real time.
[0079]
As a method for solving this problem, the control IC 302 of the memory card 109 has a function of rewriting the conversion table 1101 based on a command from an external device. Specifically, when a dedicated command for rewriting the conversion table 1101 is input from the command pin, the command determination control unit 322 of the control IC 302 interprets the command and rewrites the conversion table 1101 using the parameters sent subsequently.
[0080]
The specific operation is as shown in FIG. Now, before the dedicated command is sent, assume that in the flash memory 303, as shown in FIG. 13A, the data constituting the file file1 exists at physical addresses 0 and 2, and the data constituting the file file2 exists at physical address 1. Also assume that the conversion table 1101 holds contents in which the physical address and the logical address match as shown in FIG. That is, it is assumed that the data of the file file2 is sandwiched between the data of another file file1 on the logical address as well as on the physical address.
[0081]
An external device that intends to resolve such a state sends the dedicated command and parameter indicating that the continuity of the specific file file1 is ensured to the flash memory 303. Then, the command determination control unit 322 of the memory card 109 rewrites the conversion table 1101 to the contents shown in FIG. 13D according to the dedicated command and parameters. That is, the correspondence between the logical and physical addresses of the flash memory 303 is changed as shown in FIG.
[0082]
As can be seen from the relational diagram shown in FIG. 13B, the two logical blocks constituting the file file1 are rearranged so as to be continuous although the physical block arrangement is not changed. As a result, the external device can access the file file1 faster than before in subsequent accesses.
[0083]
The change of the conversion table 1101 as described above is used not only for eliminating the fragmentation of the logical block but also for changing the sizes of the authentication area 332 and the non-authentication area 331 of the flash memory 303. At this time, it is only necessary to rewrite the conversion table 1101 so that the physical block of the area to be reduced in size is assigned as the physical block of the area to be increased in size, so that the area can be changed at high speed.
[0084]
Next, a function related to an unerased block that the memory card 109 has, specifically, an operation when an unerased list command and an erase command are received will be described. Here, the unerased block is a physical block in the flash memory 303 that has been written in the past and is physically in an unerased state. In other words, an unerased block is a physical block that needs to be erased collectively before being used (written) next time.
[0085]
The unerased list command is one of the commands that can be interpreted and executed by the command determination control unit 322, and is a command for obtaining a list of the numbers of all unerased blocks existing in the flash memory 303 at that time.
The flash memory 303 used in the memory card 109 needs to be erased in units of blocks before writing, and since the erasing process occupies almost half of the writing time, writing is faster if the block has been erased in advance. Therefore, this memory card 109 provides an unerased list command and an erase command to external devices for their convenience.
[0086]
Now, the flash memory 303 is in a use state of logical blocks and physical blocks as shown in FIG. Here, logical blocks 0-2 are in use, and physical blocks 0-2, 4 and 5 are unerased blocks.
In this state, the unerased list 1203 held in the command determination control unit 322 has the contents shown in FIG. Here, the unerased list 1203 is a storage table composed of entries corresponding to all physical blocks constituting the flash memory 303, and each entry holds, under the control of the command determination control unit 322, a value corresponding to the erased state of the corresponding physical block (“0” if erased, “1” if not erased).
[0087]
FIG. 14C is a flowchart showing an operation when the PC 102 or the player 201 erases a block in advance using an unerased list command and an erase command in such a state. It is assumed that the flash memory 303 stores a table such as FAT (File Allocation Table) indicating the use state of the logical block, as shown in FIG.
[0088]
The external device such as the PC 102 or the player 201 issues an unerased list command to the memory card 109, for example, during an idle time when access to the memory card 109 has not occurred (S1201). The command determination control unit 322 of the memory card 109 that has received the command identifies the physical block numbers 0 to 2, 4 and 5 in which the state value 1 is registered by referring to the unerased list 1203 included therein. And return it to the external device.
[0089]
Subsequently, the external device identifies the blocks that are not logically used by referring to the table showing the use state of the logical blocks shown in FIG. 14D stored in the flash memory 303 (step S1202).
Then, based on the information obtained in the above two steps S1201 and S1202, the external device identifies the erasable blocks, that is, blocks that are logically unused and physically unerased (here, physical blocks 4 and 5) (step S1203), and issues to the memory card 109 an erase command designating the numbers of the blocks 4 and 5 (step S1204). Upon receiving the command, the command determination control unit 322 of the memory card 109 erases the designated physical blocks 4 and 5 collectively by issuing an instruction to the access control units 325 and 326.
[0090]
As a result, if writing to the physical blocks 4 and 5 occurs, erasing processing on the physical block is unnecessary, and high-speed writing is possible.
Next, a function of the memory card 109 related to the protection of personal data will be described, specifically, a function that protects personal data in the case where the memory card 109 requires the personal data of the user of an external device when authenticating that external device. Here, the personal data is data for uniquely identifying the user, and is data that allows the memory card 109 to identify the user as a regular user permitted to access the authentication area 332 of the memory card 109.
[0091]
In such a case, if the user is repeatedly requested to input personal data every time the user accesses the authentication area 332, or if the personal data is stored in the authentication area 332, there are inconveniences such as the personal data being eavesdropped on or being seen by other users who have the authority to access the authentication area 332.
[0092]
In order to prevent this, as with music data, it is conceivable to store personal data after encrypting it with a password set by the individual.
However, when a password is set, the password must be entered every time the personal data is viewed, and the procedure is cumbersome and management is also required. Therefore, the memory card 109 has a function of avoiding unnecessary input of personal data.
[0093]
FIG. 15 is a diagram showing a communication sequence and main components between the player 201 and the memory card 109 for authentication. Note that the processing shown in this figure is realized mainly by the authentication circuit 216 of the player 201 and the authentication unit 321 of the memory card 109.
As shown in this figure, the authentication circuit 216 of the player 201 has functions such as encryption and decryption, and in addition stores in advance a master key 1301, which is the same secret key as the master key 323a held in the memory card 109, and a device unique ID 1302, which is an ID unique to the player 201 such as a production number (s/n).
[0094]
The authentication unit 321 of the memory card 109 has a device unique ID group storage area 1310 and a user key storage area 1311, which are two nonvolatile storage areas, in addition to functions such as encryption, decryption, and comparison. The device unique ID group storage area 1310 is a storage area for storing the device unique IDs of all devices permitted to access the authentication area 332 of the memory card 109. The user key storage area 1311 is a storage area for storing user keys sent from the device as personal data.
[0095]
The specific authentication procedure is as follows. In transmission and reception, all data is encrypted and transmitted, and decrypted on the receiving side. Each time the procedure proceeds, a key used for encryption and decryption in the next procedure is generated.
(1) When the memory card 109 and the player 201 are connected, first, the player 201 encrypts the device unique ID 1302 using the master key 1301 and sends it to the memory card 109.
[0096]
(2) The memory card 109 decrypts the received encrypted device unique ID 1302 with the master key 323a, and checks whether the obtained device unique ID 1302 is already stored in the device unique ID group storage area 1310.
(3) As a result, if the device unique ID 1302 is already stored, the player 201 is notified that the authentication is successful. On the other hand, if the device unique ID 1302 is not stored, the memory card 109 requests the user key from the player 201.
[0097]
(4) The player 201 prompts the user to input a user key, obtains a user key as personal data from the user, and sends the user key to the memory card 109.
(5) The memory card 109 compares the sent user key with the one stored in the user key storage area 1311 in advance. If they match, or if the user key storage area 1311 is empty, the memory card 109 notifies the player 201 that the authentication is successful and stores the device unique ID 1302 acquired in step (3) in the device unique ID group storage area 1310.
[0098]
As a result, when the device owned by the user is connected to the memory card 109 for the first time, personal data (user key) is required to be input, but the device unique ID of the device is used for the second and subsequent times. Since the authentication succeeds automatically, the user is not required to input personal data again.
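The five-step procedure above, as an added Python sketch of both sides that is not part of the patent. The SHAKE-256 XOR cipher, the reply strings, the class names and the sample values are assumptions; the per-step session keys and the encryption of the user key in transit are left out.

```python
import hashlib
import hmac


def xor_cipher(key: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher (assumption): SHAKE-256 keystream XOR."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


class CardAuthUnit:
    """Authentication unit 321 with storage areas 1310 and 1311."""

    def __init__(self, master_key: bytes, user_key=None):
        self.master_key = master_key      # master key 323a
        self.device_ids = set()           # device unique ID group storage area 1310
        self.user_key = user_key          # user key storage area 1311 (None = empty)
        self._pending_id = None

    def receive_device_id(self, encrypted_id: bytes) -> str:
        device_id = xor_cipher(self.master_key, encrypted_id)    # step (2)
        if device_id in self.device_ids:
            return "OK"                                          # step (3): known device
        self._pending_id = device_id
        return "USER_KEY_REQUIRED"                               # step (3): unknown device

    def receive_user_key(self, user_key: bytes) -> str:
        pending, self._pending_id = self._pending_id, None
        if pending is None:
            return "NG"                   # no device ID was presented first
        # Step (5): success on a match, or when area 1311 is empty, as the text states.
        if self.user_key is None or hmac.compare_digest(user_key, self.user_key):
            self.device_ids.add(pending)  # later connections of this device skip the prompt
            return "OK"
        return "NG"


class Player:
    def __init__(self, master_key: bytes, device_id: bytes, ask_user):
        self.master_key = master_key      # master key 1301
        self.device_id = device_id        # device unique ID 1302
        self.ask_user = ask_user          # callback that prompts for the user key
        self.prompts = 0

    def authenticate(self, card: CardAuthUnit) -> bool:
        encrypted_id = xor_cipher(self.master_key, self.device_id)   # step (1)
        reply = card.receive_device_id(encrypted_id)
        if reply == "USER_KEY_REQUIRED":
            self.prompts += 1
            reply = card.receive_user_key(self.ask_user())           # step (4)
        return reply == "OK"


def demo():
    master = b"M" * 16                                               # constructed values
    card = CardAuthUnit(master, user_key=b"1234")
    owner = Player(master, b"SN-0001", lambda: b"1234")
    first, second = owner.authenticate(card), owner.authenticate(card)
    other = Player(master, b"SN-0002", lambda: b"9999")
    rejected = not other.authenticate(card)
    blank_card = CardAuthUnit(master)                                # area 1311 empty
    enrolled_on_blank = Player(master, b"SN-0003", lambda: b"any").authenticate(blank_card)
    return first, second, owner.prompts, rejected, sorted(card.device_ids), enrolled_on_blank
```

A card whose user key storage area 1311 is still empty enrolls any device that connects, so the user key has to be provisioned before the card is used.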
Next, a modified example of the authentication protocol between the memory card 109 and an external device such as the PC 102 or the player 201 will be described with reference to FIGS.
[0099]
FIG. 16 is a communication sequence diagram showing an authentication procedure between the memory card 109 and the external device (here, the player 201) according to the modification.
The processing here is mainly realized by the authentication circuit 216 of the player 201, the control program 111b of the PC 102, and the authentication unit 321 of the memory card 109 according to the modification. It is assumed that the master key storage unit 323 of the memory card 109 stores an encrypted master key (encrypted master key 323b), and that the special area 304 stores, in addition to the media ID 341, the secure media ID 343 obtained by encrypting the media ID 341.
[0100]
First, the player 201 extracts the encrypted master key 323b of the memory card 109 by issuing a command to the memory card 109, and decrypts it with the device key 211a. The decryption algorithm here corresponds to the encryption algorithm used when the encrypted master key 323b stored in the memory card 109 was generated. Accordingly, if the device key 211a possessed by the player 201 is the expected (legitimate) one, the original master key is restored by this decryption.
[0101]
Subsequently, the player 201 takes out the media ID 341 of the memory card 109 by issuing a command to the memory card 109, and encrypts it with the restored master key. The encryption algorithm here is the same as the encryption algorithm used when the secure media ID 343 stored in the memory card 109 was generated. Therefore, the same secure media ID as the secure media ID 343 of the memory card 109 is obtained by the encryption here.
[0102]
Subsequently, using their respective secure media IDs, the player 201 and the memory card 109 perform mutual authentication. As a result, each device generates (OK / NG) information indicating whether or not the other device has been successfully authenticated, and a secure key, which is a time-varying key determined depending on the authentication result. This secure key matches only when both devices 201 and 109 succeed in authentication, and has the property of changing each time mutual authentication is repeated.
[0103]
Subsequently, when the mutual authentication is successful, the player 201 generates a command for accessing the authentication area 332 of the memory card 109. Specifically, for example, when data is read from the authentication area 332, the parameters of the command “SecureRead address count” (the 24-bit address “address” and the 8-bit count “count”) are encrypted with the secure key, and the encrypted command obtained by concatenating the resulting encrypted parameters and the command tag (a 6-bit code indicating the command type “SecureRead”) is sent to the memory card 109.
[0104]
The memory card 109 that has received the encrypted command determines the type of command from the tag. Here, it is determined that the read command “SecureRead” from the authentication area 332 is received.
As a result, when it is determined that the command is an access command to the authentication area 332, the parameters included in the command are decrypted with the secure key obtained by the mutual authentication. The decryption algorithm here corresponds to the encryption algorithm used when the encrypted command was generated in the player 201. Therefore, if the mutual authentication is successful, that is, if the secure keys used in both devices match, the parameters obtained by this decryption are equal to the original parameters used in the player 201.
[0105]
Then, the memory card 109 reads the encryption key 425 stored in the sector specified by the decrypted parameter from the authentication area 332, encrypts it with the secure key, and transmits it to the player 201.
The player 201 decrypts the sent data using the secure key obtained by mutual authentication. Here, the decryption algorithm corresponds to the algorithm used for encrypting the encryption key 425 in the memory card 109. Therefore, if the mutual authentication is successful, that is, if the secure keys used in both devices match, the data obtained by this decryption matches the original encryption key 425.
[0106]
Each time the memory card 109 finishes executing the access command to the authentication area 332, the memory card 109 discards (deletes) the secure key used therefor. As a result, an external device that accesses the authentication area 332 of the memory card 109 needs to perform mutual authentication in advance and pass it every time one command is sent.
FIG. 17 is a communication sequence diagram showing a detailed procedure in the mutual authentication shown in FIG. Here, the memory card 109 and the player 201 perform challenge / response mutual authentication.
[0107]
The memory card 109 generates a random number to verify the validity of the player 201 and sends it to the player 201 as challenge data. The player 201 encrypts the challenge data and returns it to the memory card 109 as response data in order to prove its legitimacy. The memory card 109 compares the response data with the encrypted challenge data obtained by encrypting the random number sent as the challenge data. If they match, the memory card 109 recognizes that the player 201 has been successfully authenticated (OK) and accepts access commands to the authentication area 332 sent from the player 201. On the other hand, if they do not match as a result of the comparison, the memory card 109 recognizes that authentication was not successful (NG), and even if an access command to the authentication area 332 is sent from the player 201 thereafter, it rejects the execution.
[0108]
Similarly, the player 201 performs the same exchange as the above authentication in order to verify the validity of the memory card 109. That is, it generates a random number and sends it to the memory card 109 as challenge data. The memory card 109 encrypts the challenge data and returns it to the player 201 as response data in order to prove its validity. The player 201 compares the response data with the encrypted challenge data obtained by encrypting the random number it sent as the challenge data. If they match, it recognizes that the memory card 109 has been successfully authenticated (OK) and proceeds to access the authentication area 332 of the memory card 109. If they do not match, it recognizes that the authentication was not successful (NG) and abandons the access to the authentication area 332 of the memory card 109.
[0109]
Note that the encryption algorithms in these mutual authentications are all the same as long as the memory card 109 and the player 201 are valid devices. Further, the memory card 109 and the player 201 each perform an exclusive OR operation on the encrypted challenge data and the response data generated in the respective authentication and proof steps, and use the result as the secure key for access to the authentication area 332 of the memory card 109. In this way, the two devices 109 and 201 can share a time-varying secure key that is common to both only when mutual authentication has succeeded, which makes successful mutual authentication a condition for accessing the authentication area 332.
[0110]
As another secure key generation method, the exclusive OR of the encrypted challenge data, the response data, and the secure media ID may be taken.
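The exchange described in paragraphs [0106] to [0109], as an added Python example that is not part of the patent text: both sides run challenge/response, derive the secure key as the exclusive OR of the encrypted challenge and the response, and the card discards the key after one command. The class and function names, the HMAC-based stand-ins for the unnamed encryption algorithm, and the sample key and sector contents are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets


def E(key: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 truncated to 8 bytes stands in for the shared
    # encryption algorithm, which this section does not name.
    return hmac.new(key, data, hashlib.sha256).digest()[:8]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def crypt(secure_key: bytes, label: bytes, data: bytes) -> bytes:
    # Assumption: XOR with an HMAC-derived pad stands in for encryption under
    # the secure key; the same call encrypts and decrypts (32 bytes at most).
    pad = hmac.new(secure_key, label, hashlib.sha256).digest()
    if len(data) > len(pad):
        raise ValueError("data longer than one pad")
    return xor(data, pad)


class Device:
    """Challenge/response state kept by either side (card or player)."""

    def __init__(self, device_key: bytes):
        self.device_key = device_key
        self.secure_key = None

    def make_challenge(self) -> bytes:
        self.challenge = secrets.token_bytes(8)
        return self.challenge

    def make_response(self, peer_challenge: bytes) -> bytes:
        self.response = E(self.device_key, peer_challenge)
        return self.response

    def check_response(self, peer_response: bytes) -> bool:
        self.expected = E(self.device_key, self.challenge)
        return hmac.compare_digest(peer_response, self.expected)


def mutual_authenticate(card: Device, player: Device) -> bool:
    # The card verifies the player, then the player verifies the card.
    card_ok = card.check_response(player.make_response(card.make_challenge()))
    player_ok = player.check_response(card.make_response(player.make_challenge()))
    ok = card_ok and player_ok
    for side in (card, player):
        # Secure key = encrypted challenge XOR own response. Both sides obtain
        # the same value only when they hold the same device key.
        side.secure_key = xor(side.expected, side.response) if ok else None
    return ok


class MemoryCard(Device):
    def __init__(self, device_key: bytes, authentication_area: dict):
        super().__init__(device_key)
        self.authentication_area = authentication_area  # sector -> bytes

    def secure_read(self, encrypted_sector: bytes) -> bytes:
        if self.secure_key is None:
            raise PermissionError("no secure key: authenticate before each command")
        key, self.secure_key = self.secure_key, None  # discarded after one command
        sector = int.from_bytes(crypt(key, b"param", encrypted_sector), "big")
        return crypt(key, b"data", self.authentication_area[sector])


class Player(Device):
    def read_sector(self, card: MemoryCard, sector: int) -> bytes:
        if not mutual_authenticate(card, self):
            raise PermissionError("mutual authentication failed (NG)")
        key, self.secure_key = self.secure_key, None
        reply = card.secure_read(crypt(key, b"param", sector.to_bytes(4, "big")))
        return crypt(key, b"data", reply)


if __name__ == "__main__":
    # Constructed sample: sector 7 of the authentication area holds a key.
    card = MemoryCard(b"constructed device key", {7: b"constructed key 425"})
    print(Player(b"constructed device key").read_sector(card, 7))
```

A second `secure_read` without a fresh authentication raises `PermissionError`, which is the per-command re-authentication requirement of paragraph [0106].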
Next, a modified example of the function of changing the boundary line between the authentication area 332 and the non-authentication area 331 of the memory card 109 will be described with reference to FIGS.
FIG. 18 is a diagram illustrating a usage state of the flash memory 303 before the boundary line is changed. FIG. 18A is a memory map showing the configuration of the physical block of the flash memory 303.
[0111]
FIG. 18B shows a conversion table 1103 dedicated to the non-authentication area 331, which is placed in a non-volatile storage area or the like in the non-authentication area access control unit 326 and stores the correspondence between logical blocks and physical blocks in the non-authentication area 331. By referring to the conversion table 1103, the non-authentication area access control unit 326 can convert a logical address into a physical address or detect an access violation that exceeds the allocated area.
[0112]
FIG. 18C shows a conversion table 1102 dedicated to the authentication area 332, which is placed in a non-volatile storage area or the like in the authentication area access control unit 325 and stores the correspondence between logical blocks and physical blocks in the authentication area 332. By referring to the conversion table 1102, the authentication area access control unit 325 can convert a logical address into a physical address or detect an access violation that exceeds the allocated area.
[0113]
Before the change of the boundary line, as shown in FIG. 18A, within the storage area of the flash memory 303 excluding the alternate block area (physical blocks 0000 to EFFF), physical blocks 0000 to DFFF, located at lower addresses than the boundary line, are assigned to the non-authentication area 331, and physical blocks E000 to EFFF, located at higher addresses, are assigned to the authentication area 332.
[0114]
As can be seen from the conversion table 1102 shown in FIG. 18B, in the non-authentication area 331 the logical block numbers coincide with the physical block numbers. On the other hand, as can be seen from the conversion table 1103 shown in FIG. 18C, in the authentication area 332 the physical blocks and the logical blocks are arranged in reverse order. That is, the logical blocks 0000 to 0FFF correspond to the physical blocks EFFF to E000, respectively. This arrangement takes into account that logical blocks are used in ascending order, and the time needed to save and move the data of physical blocks whose area changes when the boundary is moved.
[0115]
FIGS. 19A to 19C are diagrams showing the usage state of the flash memory 303 after the boundary line is changed, and correspond to FIGS. 18A to 18C before the change, respectively. Note that the boundary line is changed when a dedicated command specifying its address is input from the command pin to the command determination control unit 322, which then rewrites the conversion table 1102 in the authentication area access control unit 325 and the conversion table 1103 of the non-authentication area 331.
[0116]
As shown in FIGS. 19A to 19C, the boundary line that was placed between physical blocks E000 and DFFF is moved here to between physical blocks D000 and CFFF. That is, the size of the non-authentication area 331 is reduced by 1000 (hex) and the size of the authentication area 332 is increased by 1000 (hex).
Accordingly, as shown in FIG. 19B, the size of the conversion table 1103 of the non-authentication area 331 is reduced by 1000 (hex) entries, and as a result it shows physical blocks 0000 to CFFF corresponding to logical blocks 0000 to CFFF. On the other hand, as shown in FIG. 19C, the size of the conversion table 1102 of the authentication area 332 is increased by 1000 (hex) entries, and as a result it shows physical blocks EFFF to D000 corresponding to logical blocks 0000 to 1FFF.
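The two conversion tables and the boundary move of FIGS. 18 and 19, as an added Python example that is not part of the patent text: it translates logical blocks, rejects accesses beyond the allocated area, and counts how many in-use blocks a boundary move would force to be relocated. The class and function names are assumptions, and the ascending authentication table is a hypothetical alternative included only for comparison.

```python
FIRST_BLOCK = 0x0000
LAST_BLOCK = 0xEFFF  # storage area excluding the alternate block area


class AccessViolation(Exception):
    """Logical block outside the area allocated to the caller."""


class AreaTables:
    """Holds conversion table 1103 (non-authentication) and 1102 (authentication)."""

    def __init__(self, boundary: int):
        self.set_boundary(boundary)

    def set_boundary(self, boundary: int) -> None:
        # boundary = first physical block of the authentication area
        if not FIRST_BLOCK < boundary <= LAST_BLOCK:
            raise ValueError("boundary must leave both areas non-empty")
        self.boundary = boundary
        # Table 1103: ascending logical blocks map to ascending physical blocks.
        self.non_auth = list(range(FIRST_BLOCK, boundary))
        # Table 1102: ascending logical blocks map to descending physical
        # blocks, starting from the block farthest from the boundary.
        self.auth = list(range(LAST_BLOCK, boundary - 1, -1))

    def translate(self, area: str, logical: int) -> int:
        if area not in ("auth", "non_auth"):
            raise ValueError("unknown area: " + area)
        table = self.auth if area == "auth" else self.non_auth
        if not 0 <= logical < len(table):
            raise AccessViolation(f"{area} logical block {logical:04X} not allocated")
        return table[logical]


def blocks_to_relocate(before: list, after: list, used: int) -> int:
    """Count in-use logical blocks (0..used-1) whose physical block changes
    or disappears when the table is rewritten from `before` to `after`."""
    return sum(
        1 for lb in range(used)
        if lb >= len(after) or before[lb] != after[lb]
    )


def ascending_auth_table(boundary: int) -> list:
    # Hypothetical alternative, for comparison only: logical block 0 of the
    # authentication area sits right at the boundary.
    return list(range(boundary, LAST_BLOCK + 1))


if __name__ == "__main__":
    tables = AreaTables(0xE000)            # FIG. 18: boundary between DFFF and E000
    old_auth = tables.auth
    tables.set_boundary(0xD000)            # FIG. 19: boundary between CFFF and D000
    print(f"{tables.translate('auth', 0x1FFF):04X}")
    print(blocks_to_relocate(old_auth, tables.auth, 0x0800))
```

With the descending table, logical blocks already in use keep their physical blocks when the authentication area grows; with the hypothetical ascending table, every in-use block would move.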
[0117]
In this way, by dividing a certain area of the flash memory 303 into the non-authentication area and the authentication area with a boundary line, and changing the size of each area by moving the boundary line, it is possible to deal with various applications of the memory card 109, for example, cases where the main use is to store digital works to be protected and cases where it is not.
[0118]
In both the non-authentication area and the authentication area, the logical blocks and the physical blocks are associated with each other so that the physical blocks are used starting from the address far from the boundary line and moving toward the address near the boundary line. This reduces the work of saving and moving data that accompanies a movement of the boundary line.
Such association can be easily realized by separately providing the conversion table 1102 dedicated to the authentication area 332 and the conversion table 1103 dedicated to the non-authentication area 331.
[0119]
In the authentication area 332, the logical address and the physical address are in reverse order in units of blocks, but the unit is not limited to this. For example, the reverse order may be in units of sectors or in units of bytes.
The memory card of the present invention has been described above using an embodiment and a modification, but the present invention is not limited to these.
[0120]
For example, each time the PC 102 or the player 201 issues a command for accessing the authentication area 332 of the memory card 109, authentication with the memory card 109 is required according to the same procedure, but access may instead be allowed through a simplified authentication procedure depending on the type of command.
For example, for the write command “SecureWrite”, there is no need to take out the encryption master key 323b and the media ID 341 from the memory card 109, and the memory card 109 may execute the command when only one-way authentication (only the authentication of the device by the memory card 109) succeeds. As a result, the execution speed of a command that is not strongly related to copyright protection is increased.
[0121]
Further, it goes without saying that even if the flash memory 303 included in the memory card 109 of the present invention is replaced with another storage medium, for example, a non-volatile medium such as a hard disk, an optical disk, or a magneto-optical disk, a portable storage card capable of the same copyright protection as the present invention is realized.
[0122]
[Effects of the Invention]
As is clear from the above description, the semiconductor memory card according to the present invention is a semiconductor memory card that can be attached to and detached from an electronic device, and includes a rewritable nonvolatile memory, a control circuit that controls access by the electronic device to an authentication area and a non-authentication area, which are two predetermined storage areas in the nonvolatile memory, and an area size changing circuit that changes the area size of each of the authentication area and the non-authentication area. The control circuit includes a non-authentication area access control unit that controls access to the non-authentication area by the electronic device, an authentication unit that attempts to authenticate the electronic device in order to verify the validity of the electronic device, and an authentication area access control unit that permits access by the electronic device to the authentication area only when the authentication unit succeeds in authentication. The authentication area and the non-authentication area are allocated to the respective areas obtained by dividing a continuous storage area of a certain size in the nonvolatile memory into two. The area size changing circuit includes an authentication area conversion table indicating the correspondence between logical addresses and physical addresses in the authentication area, a non-authentication area conversion table indicating the correspondence between logical addresses and physical addresses in the non-authentication area, and a conversion table changing unit that changes the authentication area conversion table and the non-authentication area conversion table in accordance with an instruction from the electronic device. The authentication area access control unit controls access by the electronic device based on the authentication area conversion table, and the non-authentication area access control unit controls access by the electronic device based on the non-authentication area conversion table. For the authentication area and the non-authentication area, the non-authentication area conversion table associates the logical address and the physical address so that the ascending order of the logical address is the ascending order of the physical address, and the authentication area conversion table associates the logical address and the physical address so that the ascending order of the logical address is the descending order of the physical address.
[0123]
In this way, data related to copyright protection is stored in the authentication area and other data is stored in the non-authentication area, so that a semiconductor memory card is realized that can be used both for digital works and for data not subject to copyright.
In the non-authentication area conversion table, the logical address and the physical address are associated with each other so that the ascending order of the logical address is the ascending order of the physical address, and in the authentication area conversion table they are associated so that the ascending order of the logical address is the descending order of the physical address. Because of this association, using the logical addresses in ascending order lowers the probability that the area near the boundary between the authentication area and the non-authentication area is in use. Therefore, the probability that processing such as saving and moving data is required when the boundary is moved is reduced, and the change of the area size is simplified.
[0124]
Since the authentication area access control unit and the non-authentication area access control unit control access by the electronic device based on the conversion table, even if a plurality of logical blocks constituting the same file become fragmented, they can easily be changed so as to be logically continuous logical blocks, and access to the same file is speeded up.
[0125]
Here, the authentication unit may generate key data reflecting the result of authentication, and the authentication area access control unit may decrypt the encrypted command sent from the electronic device with the key data generated by the authentication unit and control access to the authentication area according to the decrypted command.
As a result, even if the exchange between the semiconductor memory card and the electronic device is eavesdropped, the command for accessing the authentication area is encrypted in a way that depends on the result of the authentication performed immediately before, so the ability to prevent unauthorized access to the authentication area is increased.
[0126]
In addition, the authentication unit may perform challenge-response mutual authentication with the electronic device and generate the key data from the challenge data transmitted to the electronic device to verify the validity of the electronic device and the response data generated to prove its own validity.
As a result, the key data is shared only when both the semiconductor memory card and the electronic device have succeeded in mutual authentication, and it changes with each authentication, so the security of the authentication area, which cannot be accessed without using such key data, becomes stronger.
[0127]
The encrypted command sent from the electronic device may include an unencrypted tag part that specifies the type of access to the authentication area and an encrypted address part that specifies the area to be accessed. The authentication unit may decrypt the address part of the command using the key data and control execution of the type of access specified by the tag part of the command on the area specified by the decrypted address.
[0128]
As a result, only the address portion of the command is encrypted, so that the decryption and decoding processing in the semiconductor memory card that has received such a command becomes simple.
In addition, the semiconductor memory card may further include an identification data storage circuit that stores in advance unique identification data by which it can be identified and distinguished from other semiconductor memory cards, and the authentication unit may perform mutual authentication using the identification data stored in the identification data storage circuit and generate the key data depending on the identification data.
[0129]
As a result, in mutual authentication, data depending on individual semiconductor memory cards is exchanged, so that high security against unauthorized decryption of mutual authentication can be maintained.
The semiconductor memory card may further include a read-only memory circuit in which data is stored in advance. Thus, the identification data that can be distinguished from other semiconductor memory cards is stored in the read-only memory, and the digital work is stored depending on the identification data, thereby enhancing the copyright protection function.
[0130]
The authentication area and the non-authentication area may each include a storage area that is readable and writable for the electronic device and a read-only storage area. The control circuit may further include a random number generator that generates a random number each time the electronic device performs an access to write data to the nonvolatile memory, and the authentication area access control unit and the non-authentication area access control unit may encrypt the data using the random number, write the resulting encrypted data to the readable/writable storage area, and write the random number into the read-only storage area associated with the encrypted data.
[0131]
As a result, even if the readable/writable storage area is tampered with, the tampering can be detected by checking consistency with the random number stored in the read-only storage area, so safer data recording is realized.
The control circuit may further include an encryption/decryption unit that encrypts data to be written to the authentication area and the non-authentication area and decrypts data read from the authentication area and the non-authentication area. This makes it possible to withstand attacks such as destroying the semiconductor memory card and directly reading the memory contents of the authentication area and the non-authentication area.
[0132]
The nonvolatile memory may be a flash memory, and the control circuit may further have an unerased list read-out unit that, in accordance with a command from the electronic device, identifies unerased areas in the authentication area and the non-authentication area and sends information indicating those areas to the electronic device. As a result, the electronic device can recognize the unerased areas and erase them in advance before rewriting the flash memory, so that high-speed rewriting is possible.
[0133]
In addition, the authentication unit may request, for authentication, a user key, which is information unique to the user, from the user who uses the electronic device, and the control circuit may further include a user key storage unit for storing the user key, an identification information storage unit for storing identification information that can identify an electronic device that has been successfully authenticated by the authentication unit, and a user key request prohibition unit that, when authentication by the authentication unit is started, acquires identification information from the electronic device, checks whether the identification information is already stored in the identification information storage unit, and prohibits the user key request by the authentication unit if it is already stored.
[0134]
This avoids the trouble of having to enter a password or personal data every time a device is connected to the semiconductor memory card and used, so that it is possible to suppress the problem of personal data being illegally eavesdropped and used.
A reading device according to the present invention is a reading device for reading a digital work stored in the semiconductor memory card, wherein the semiconductor memory card stores the digital work in the non-authentication area and stores in advance, in the authentication area, the number of times the digital work is permitted to be read. The reading device comprises determination means for reading the number of times stored in the authentication area when reading the digital work stored in the non-authentication area and determining from that number whether reading is permitted, and reproducing means for reading the digital work from the non-authentication area only when reading is permitted, decrementing the number of times that was read, and writing it back to the authentication area.
[0135]
This makes it possible to limit the number of times digital works stored in a semiconductor memory card are read, which allows application to paid rental of music content.
Further, a reading device according to the present invention is a reading device that reads the digital work stored in the semiconductor memory card and reproduces it as an analog signal, wherein the semiconductor memory card stores, in the non-authentication area, a digital work that can be reproduced as an analog signal, and stores in advance, in the authentication area, the number of times the digital work is permitted to be digitally output by the electronic device. The reading device comprises reproduction means for reading the digital work stored in the non-authentication area and reproducing it as an analog signal, judgment means for reading the number of times stored in the authentication area and judging from that number whether digital output is permitted, and digital output means for outputting the digital work to the outside as a digital signal only when permitted, decrementing the number of times that was read, and writing it back to the authentication area.
[0136]
As a result, it is possible to limit the number of digital copies of the digital work stored in the semiconductor memory card, and fine-grained copyright protection according to the intention of the copyright holder becomes possible.
As described above, the present invention is a semiconductor memory card or the like having a flexible function that has both a use as a recording medium for a digital work and a use as an auxiliary storage device for a computer. It has the effect of ensuring the sound distribution of digital works, and its practical value is extremely large.
[Brief description of the drawings]
FIG. 1 is a diagram showing the external appearance of a personal computer related to electronic music distribution and a semiconductor memory card that can be attached to and detached from the PC according to an embodiment of the present invention.
FIG. 2 is a view showing an appearance of a portable player using the semiconductor memory card as a recording medium.
FIG. 3 is a block diagram showing a hardware configuration of the personal computer.
FIG. 4 is a block diagram showing a hardware configuration of the player.
FIG. 5 is a diagram showing an appearance and a hardware configuration of the semiconductor memory card.
FIG. 6 is a diagram showing types of storage areas of the semiconductor memory card viewed from the personal computer or the player.
FIG. 7 is a diagram showing restrictions and command forms when the personal computer or player accesses each area of the semiconductor memory card; (a) shows the rules for accessing each area, (b) shows the rules for changing the size of each area, and (c) is a conceptual diagram showing the areas of the semiconductor memory card.
FIG. 8 is a flowchart showing an operation in which the personal computer (and the player) writes content such as music data in the semiconductor memory card.
FIG. 9 is a flowchart showing an operation of reading content such as music data from the semiconductor memory card and playing it on the player (and the personal computer).
FIG. 10 is a flowchart showing an operation in which the player (and the personal computer) manipulates the number of readings stored in the authentication area of the semiconductor memory card.
FIG. 11 is a flowchart showing an operation in which the player (and the personal computer) operates the digital output permission count stored in the authentication area of the semiconductor memory card.
FIG. 12 is a diagram showing a data structure common to an authentication area and a non-authentication area of the semiconductor memory card and a flow of read / write processing corresponding to the data structure.
FIG. 13 is a diagram showing how the correspondence between the logical address and the physical address of the semiconductor memory card is changed; (a) shows the correspondence before the change, (b) shows the correspondence after the change, (c) shows a conversion table corresponding to (a), and (d) shows a conversion table corresponding to (b).
FIG. 14 is a diagram for explaining functions related to unerased blocks of the semiconductor memory card; (a) shows the use state of logical blocks and physical blocks, (b) shows an unerased list in that state, (c) is a flowchart showing an operation when the PC 102 or the player 201 erases a block in advance using an unerased list command and an erase command, and (d) is a table showing the use state of logical blocks.
FIG. 15 is a diagram showing a communication sequence and main components between the player and the semiconductor memory card for authentication.
FIG. 16 is a communication sequence diagram showing an authentication procedure between the semiconductor memory card and an external device according to a modification of the present invention.
FIG. 17 is a communication sequence diagram showing a detailed procedure of mutual authentication shown in FIG. 16;
FIG. 18 is a diagram showing the state before the boundary line between the authentication area and the non-authentication area of the semiconductor memory card is changed; (a) is a memory map showing the configuration of the physical blocks of the flash memory, (b) shows a conversion table dedicated to the non-authentication area, and (c) shows a conversion table dedicated to the authentication area.
FIG. 19 is a diagram showing the state after the boundary line between the authentication area and the non-authentication area of the semiconductor memory card is changed; (a) is a memory map showing the configuration of the physical blocks of the flash memory, (b) shows a conversion table dedicated to the non-authentication area, and (c) shows a conversion table dedicated to the authentication area.
[Explanation of symbols]
101 Communication line
102 PC
103 Display
104 Keyboard
105 Memory card writer slot
106 Speaker
107 Memory card writer
108 Memory card slot
109 Memory card
110 CPU
111 ROM
112 RAM
113 Communication port
114 Internal bus
117 Descrambler
118 AAC decoder
119 D/A converter
120 Hard disk
201 Player
202 Operation buttons
203 Liquid crystal display
204 Analog output terminal
205 Digital output terminal
206 Memory card slot
208 Headphones
210 CPU
211 ROM
212 RAM
213 Communication port
214 Internal bus
215 Card I/F unit
216 Authentication circuit
217 Descrambler
218 AAC decoder
219 D/A converter
220 AAC encoder
221 A/D converter
222 Scrambler
223 Analog input terminal
224 Speaker
302 Control IC
303 Flash memory
304 ROM (special area)
321 Authentication unit
322 Command judgment control unit
323 Master key storage
323a Master key
323b Encryption master key
324 Special area access controller
325 Authentication area access control unit
326 Non-authentication area access control unit
327 Encryption/decryption circuit
331 Non-authentication area
332 Authentication area
341 Media ID
342 Manufacturer name
343 Secure Media ID
425 Encryption key
426 Encrypted content
427 User data
501 Alternate block area
812 Read count
913 Number of times digital output is allowed
1003 Random number generator
1004 Sector
1005 Extended area
1006 ECC data
1007 Time-varying region
1101 Conversion table
1102 Authentication area-specific conversion table
1103 Non-authentication area conversion table
1203 Unerased list
1301 Master key
1302 Device unique ID
1310 Device unique ID group storage area
1311 User key storage area

Claims (11)

  1. A semiconductor memory card that can be attached to and detached from an electronic device,
    Rewritable nonvolatile memory,
    A control circuit that controls access by the electronic device to the authentication area and the non-authentication area that are two predetermined storage areas in the nonvolatile memory;
    The control circuit includes:
    An unauthenticated area access control unit for controlling access by the electronic device to the unauthenticated area;
    An authentication unit that attempts to authenticate the electronic device to verify the validity of the electronic device;
    An authentication area access control section that permits access by the electronic device to the authentication area only when the authentication section succeeds in authentication,
    The authentication area and the non-authentication area are allocated to each area obtained by dividing a continuous storage area of a certain size in the nonvolatile memory into two parts,
    The semiconductor memory card further includes
    Means for holding information relating to a boundary address that bisects the storage area of the certain size;
    An area size changing circuit for changing an area size of each of the authentication area and the non-authentication area;
    The area size change circuit changes the area size of each of the authentication area and the non-authentication area by changing the information about the boundary address after deleting all the contents of the storage area,
    The authentication area access control unit and the non-authentication area access control unit refer to information on the boundary address, and control access to the authentication area or the non-authentication area,
    The authentication unit requests a user key that is information unique to a user who uses an electronic device for authentication,
    The control circuit further includes
    A user key storage unit for storing the user key;
    An identification information storage unit for storing identification information for identifying an electronic device successfully authenticated by the authentication unit;
    A user key request prohibition unit that, when authentication by the authentication unit is started, acquires identification information from the electronic device, checks whether or not the identification information is already stored in the identification information storage unit, and prohibits a request for a user key by the authentication unit. A semiconductor memory card comprising the above.
  2. The authentication unit performs challenge-response type mutual authentication with the electronic device, and generates key data from the challenge data transmitted to the electronic device to verify the validity of the electronic device and the response data generated to prove its own validity,
    The authentication area access control unit decrypts an encrypted command sent from the electronic device with the key data generated by the authentication unit, and controls access to the authentication area according to the decrypted command. The semiconductor memory card according to claim 1.
  3. The encrypted instruction sent from the electronic device is composed of an unencrypted tag part that specifies the type of access to the authentication area and an encrypted address part that specifies the area to be accessed. ,
    The authentication unit decrypts the address part of the instruction using the key data, and executes and controls access of the type specified by the tag part of the instruction to the area specified by the decrypted address. The semiconductor memory card according to claim 2.
  4. The area size changing circuit includes:
    An authentication area conversion table showing a correspondence between a logical address and a physical address in the authentication area;
    A non-authentication area conversion table showing correspondence between logical addresses and physical addresses in the non-authentication area;
    A conversion table changing unit that changes the authentication area conversion table and the non-authentication area conversion table according to a command from the electronic device;
    The authentication area access control unit controls access by the electronic device based on the authentication area conversion table,
    The semiconductor memory card according to claim 1, wherein the non-authentication area access control unit controls access by the electronic device based on the non-authentication area conversion table.
  5. The authentication area and the non-authentication area are respectively assigned to a high physical address area and a low physical address area obtained by dividing the storage area of the certain size into two,
    In the non-authentication area conversion table, the logical address and the physical address are associated with each other so that the ascending order of the logical address is the ascending order of the physical address,
    The semiconductor memory card according to claim 4, wherein in the authentication area conversion table, the logical address and the physical address are associated with each other so that the ascending order of the logical address is the descending order of the physical address.
  6. The semiconductor memory card according to claim 1, further comprising a read-only memory circuit in which data is stored in advance.
  7. The authentication area and the non-authentication area include a storage area that is readable and writable for the electronic device and a read-only storage area,
    The control circuit further includes a random number generator that generates a random number each time the electronic device accesses to write data in the nonvolatile memory,
    The authentication area access control unit and the non-authentication area access control unit encrypt the data using the random number, write the obtained encrypted data to the readable/writable storage area, and write the random number to the read-only storage area associated with the encrypted data. The semiconductor memory card according to claim 1.
  8. The control circuit further includes
    A conversion table indicating correspondence between logical addresses and physical addresses in the authentication area and the non-authentication area;
    A conversion table changing unit that changes the conversion table according to an instruction from the electronic device,
    The semiconductor memory card according to claim 1, wherein the authentication area access control unit and the non-authentication area access control unit control access by the electronic device based on the conversion table.
  9. The control circuit further includes an encryption / decryption unit that encrypts data to be written in the authentication area and the non-authentication area, and decrypts data read from the authentication area and the non-authentication area. The semiconductor memory card according to claim 1.
  10. The nonvolatile memory is a flash memory,
    The control circuit further includes an unerased list transmission unit that, in accordance with an instruction from the electronic device, identifies unerased areas, which are areas in the authentication area and the non-authentication area that have been written to in the past and remain physically unerased, and sends to the electronic device an unerased area list, which is a list of information indicating those areas,
    The authentication area access control unit and the non-authentication area access control unit collectively erase specific unerased areas designated by the electronic device among the unerased areas in the unerased area list. The semiconductor memory card according to claim 1.
  11. A method of controlling a semiconductor memory card for controlling a semiconductor memory card that can be attached to and detached from an electronic device,
    The semiconductor memory card is
    A rewritable nonvolatile memory including an authentication area and a non-authentication area, which are two storage areas obtained by dividing a continuous storage area of a certain size into two,
    Means for holding information relating to a boundary address that bisects the storage area of the certain size;
    A control circuit for controlling access by the electronic device to the authentication area and the non-authentication area;
    The control circuit includes:
    A user key storage unit for storing a user key which is information unique to the user for a user who uses the electronic device for authentication;
    An identification information storage unit for storing identification information for identifying an electronic device that has been successfully authenticated,
    The control method in the control circuit is:
    A non-authentication area access control step for controlling access by the electronic device to the non-authentication area;
    An authentication area access control step for attempting authentication of the electronic device to verify the validity of the electronic device, and permitting the electronic device to access the authentication area when the authentication is successful;
    An area size changing step for changing the area size of each of the authentication area and the non-authentication area by changing information about the boundary address after deleting all the contents of the storage area,
    The authentication area access control step and the non-authentication area access control step each control access to the authentication area or the non-authentication area with reference to information on the boundary address,
    The authentication area access control step requests a user key, which is information unique to the user, from a user who uses the electronic device for authentication,
    The control method further includes:
    When authentication is started, identification information is obtained from the electronic device, and whether the identification information is already stored in the identification information storage unit is checked. A method for controlling a semiconductor memory card, comprising: a user key request prohibiting step for prohibiting a user key request by a control step.
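
A minimal model of the two conversion tables in claims 4 and 5 and the erase-then-resize step of claim 11, added here as an example and not taken from the patent. The block count, block size, function names and the `authenticated` flag standing in for device authentication are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCKS 8      /* constructed size: physical blocks on the card */
#define BLOCK_SIZE 4  /* constructed size: bytes per block */

static uint8_t flash[BLOCKS][BLOCK_SIZE]; /* simulated nonvolatile memory */
static int boundary;      /* first physical block of the authentication area */
static int nonauth_tbl[BLOCKS], auth_tbl[BLOCKS]; /* logical -> physical, -1 = unmapped */
static int authenticated; /* result of device authentication (not modelled here) */

/* Derive both conversion tables from the single boundary address. */
static void build_tables(void) {
    for (int l = 0; l < BLOCKS; l++) {
        nonauth_tbl[l] = (l < boundary) ? l : -1;                    /* ascending  */
        auth_tbl[l] = (l < BLOCKS - boundary) ? BLOCKS - 1 - l : -1; /* descending */
    }
}

/* Area size change: erase the whole storage area, then move the boundary. */
int resize_areas(int new_boundary) {
    if (new_boundary < 0 || new_boundary > BLOCKS) return -1;
    memset(flash, 0xFF, sizeof flash);
    boundary = new_boundary;
    build_tables();
    return 0;
}

void set_authenticated(int ok) { authenticated = ok; }

/* Returns the physical block, or -1 if unmapped or the device is not authenticated. */
int translate(int auth_area, int logical) {
    if (logical < 0 || logical >= BLOCKS) return -1;
    if (auth_area && !authenticated) return -1;
    return auth_area ? auth_tbl[logical] : nonauth_tbl[logical];
}

int write_block(int auth_area, int logical, const uint8_t *data) {
    int p = translate(auth_area, logical);
    if (p >= 0) memcpy(flash[p], data, BLOCK_SIZE);
    return p;
}

int main(void) {
    resize_areas(5); /* must run once before any access so the tables are valid */
    set_authenticated(1);
    for (int l = 0; l < BLOCKS; l++)
        printf("logical %d: non-auth -> %d, auth -> %d\n", l, translate(0, l), translate(1, l));
    return 0;
}
```

Because both tables are rebuilt from the one boundary value, no physical block is ever reachable through both areas, and logical block 0 of the authentication area always sits at the top of the physical address space regardless of the split.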
JP2002346019A 1999-04-27 2002-11-28 Semiconductor memory card and control method thereof Active JP4395302B2 (en)

Priority Applications (3)

Application Number Priority Date Filing Date Title
JP11944199 1999-04-27
JP11-119441 1999-04-27
JP2002346019A JP4395302B2 (en) 1999-04-27 2002-11-28 Semiconductor memory card and control method thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
JP2002346019A JP4395302B2 (en) 1999-04-27 2002-11-28 Semiconductor memory card and control method thereof

Related Child Applications (1)

Application Number Title Priority Date Filing Date
JP11374788 Division

Publications (3)

Publication Number Publication Date
JP2003233795A JP2003233795A (en) 2003-08-22
JP2003233795A5 JP2003233795A5 (en) 2007-02-08
JP4395302B2 JP4395302B2 (en) 2010-01-06

Family

ID=27790261

Family Applications (1)

Application Number Title Priority Date Filing Date
JP2002346019A Active JP4395302B2 (en) 1999-04-27 2002-11-28 Semiconductor memory card and control method thereof

Country Status (1)

Country Link
JP (1) JP4395302B2 (en)

Families Citing this family (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4691337B2 (en) * 2003-08-26 2011-06-01 パナソニック株式会社 Program execution device, certificate authority device
CN1871568B (en) 2003-08-26 2010-04-28 松下电器产业株式会 Program execution device
US7823209B2 (en) 2003-11-06 2010-10-26 Panasonic Corporation Information recording medium, information recording medium accessing device, and area setting method
US7840729B2 (en) 2003-11-19 2010-11-23 Panasonic Corporation Recording medium access device and recording medium access method
JP2005293357A (en) * 2004-04-01 2005-10-20 Toshiba Corp Log-in system and method
KR101169021B1 (en) * 2004-05-31 2012-07-26 삼성전자주식회사 Method and Apparatus for sending right object information between device and portable storage
KR101100391B1 (en) * 2004-06-01 2012-01-02 삼성전자주식회사 Method for playbacking content using portable storage by digital rights management, and portable storage for the same
JP4717398B2 (en) 2004-09-10 2011-07-06 キヤノン株式会社 Method for controlling data processing apparatus
JP4198706B2 (en) 2004-11-15 2008-12-17 株式会社メガチップス Storage device
US7869595B2 (en) 2005-01-20 2011-01-11 Panasonic Corporation Content copying device and content copying method
KR101331366B1 (en) 2007-10-30 2013-11-19 교세라 가부시키가이샤 Information processing apparatus
JP5311981B2 (en) * 2008-11-21 2013-10-09 三菱電機株式会社 Cryptographic communication system
JP4856743B2 (en) * 2009-08-06 2012-01-18 株式会社バッファロー Wireless communication apparatus, wireless communication system, and network apparatus
JP2012084071A (en) 2010-10-14 2012-04-26 Toshiba Corp Digital content protection method, decryption method, reproducing device, memory medium and cryptographic device
US8661527B2 (en) 2011-08-31 2014-02-25 Kabushiki Kaisha Toshiba Authenticator, authenticatee and authentication method
JP5275432B2 (en) 2011-11-11 2013-08-28 株式会社東芝 Storage medium, host device, memory device, and system
JP5112555B1 (en) 2011-12-02 2013-01-09 株式会社東芝 Memory card, storage media, and controller
JP5204291B1 (en) * 2011-12-02 2013-06-05 株式会社東芝 Host device, device, system
JP5204290B1 (en) 2011-12-02 2013-06-05 株式会社東芝 Host device, system, and device
JP5100884B1 (en) 2011-12-02 2012-12-19 株式会社東芝 Memory device
JP5275482B2 (en) 2012-01-16 2013-08-28 株式会社東芝 Storage medium, host device, memory device, and system
JP4991971B1 (en) * 2012-03-08 2012-08-08 株式会社東芝 Device to be authenticated and authentication method thereof
JP5443552B2 (en) * 2012-07-20 2014-03-19 株式会社東芝 Media
JP5499145B2 (en) * 2012-11-30 2014-05-21 株式会社東芝 Authentication system and media
US9201811B2 (en) 2013-02-14 2015-12-01 Kabushiki Kaisha Toshiba Device and authentication method therefor
US8984294B2 (en) 2013-02-15 2015-03-17 Kabushiki Kaisha Toshiba System of authenticating an individual memory device via reading data including prohibited data and readable data
JP6246516B2 (en) * 2013-07-24 2017-12-13 株式会社メガチップス Information processing system
JP5892711B2 (en) 2014-06-30 2016-03-23 達男 眞子 Content management system, content management server and server management program, client terminal and terminal management program

Also Published As

Publication number Publication date
JP2003233795A (en) 2003-08-22

Legal Events

Date Code Title Description
A621 Written request for application examination

Free format text: JAPANESE INTERMEDIATE CODE: A621

Effective date: 20061215

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20061215

A977 Report on retrieval

Free format text: JAPANESE INTERMEDIATE CODE: A971007

Effective date: 20090514

A131 Notification of reasons for refusal

Free format text: JAPANESE INTERMEDIATE CODE: A131

Effective date: 20090526

A521 Written amendment

Free format text: JAPANESE INTERMEDIATE CODE: A523

Effective date: 20090713

TRDD Decision of grant or rejection written
A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

Effective date: 20090924

A01 Written decision to grant a patent or to grant a registration (utility model)

Free format text: JAPANESE INTERMEDIATE CODE: A01

A61 First payment of annual fees (during grant procedure)

Free format text: JAPANESE INTERMEDIATE CODE: A61

Effective date: 20091019

R150 Certificate of patent or registration of utility model

Ref document number: 4395302

Country of ref document: JP

Free format text: JAPANESE INTERMEDIATE CODE: R150

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20121023

Year of fee payment: 3

FPAY Renewal fee payment (event date is renewal date of database)

Free format text: PAYMENT UNTIL: 20131023

Year of fee payment: 4