JP4576100B2 - Information reproducing apparatus, secure module, and information reproducing method - Google Patents

Description

[0001]
BACKGROUND OF THE INVENTION
The present invention relates to an information reproducing device, a secure module, and an information reproducing method for reproducing information downloaded via the Internet or information stored in a recording medium, and more particularly, to open a personal computer or the like. The present invention relates to an information reproducing apparatus, a secure module, and an information reproducing method capable of executing safe software processing by adding a minimum amount of hardware to an apparatus having an architecture.
[0002]
[Prior art]
In recent years, broadband Internet and digital broadcasting are becoming widespread, and rights protection technology for ensuring the security of distributed content (mainly digital AV (Audio Video)) has been highlighted.
[0003]
Among these, a personal computer (PC) is an open architecture, and basically it can be peeked, so that it is difficult to realize safety.
[0004]
However, personal computers, on the other hand, function as the main gateway for broadband Internet. Therefore, when safety is ensured by a personal computer (entrance / exit), digital AV contents can be distributed over the entire Internet, which is significant.
[0005]
Conventionally, obfuscation techniques that make it difficult to analyze algorithms that guarantee security have been the mainstream of rights protection using personal computer software.
[0006]
However, once the software on the personal computer is mounted on the main memory, it is easy to copy, and the rights protection algorithm can be analyzed by analyzing the copied result over time.
[0007]
Therefore, a system for protecting rights by obfuscation is considered to be a system with low safety, and it is difficult to adopt it assuming damage caused by analysis once by a system with high constancy such as broadcasting.
[0008]
FIG. 7 is a block diagram illustrating a configuration example of a conventional system using the personal computer 50. As shown in this figure, the conventional system includes a personal computer 50, a network 51, a speaker 52, a display device 53, and an input device 54.
[0009]
The personal computer 50 has a function as an information reproducing apparatus, and includes a CPU (Central Processing Unit) 50a, a ROM (Read Only Memory) 50b, a RAM (Random Access Memory) 50c, a hard disk drive 50d, and an MB (Multimedia Board) 50e. , An I / F (Interface) 50f, an I / F 50g, and a bus 50h, which decrypts the encrypted information downloaded via the network 51 and the encrypted information stored in the hard disk drive 50d to decrypt the speaker 52 and the display device To 53.
[0010]
The CPU 50a executes various arithmetic processes according to a program stored in the hard disk drive 50d and controls each part of the apparatus. The ROM 50b stores basic programs and data executed by the CPU 50a. The RAM 50c temporarily stores programs and data to be executed when the CPU 50a executes various arithmetic processes.
[0011]
The hard disk drive 50d stores programs executed by the CPU 50a, data, and the like. The MB 50e is supplied from the CPU 50a, decrypts the encrypted audio data and image data, generates the original audio signal and image signal, and outputs them to the speaker 52 and the display device 53.
[0012]
The I / F 50f is an interface for transmitting and receiving information via the network 51, and executes protocol conversion and data format conversion. The I / F 50 g converts data input from the input device 54 into data in an internal format of the personal computer 50.
[0013]
The bus 50h connects the CPU 50a, the ROM 50b, the RAM 50c, the hard disk drive 50d, the MB 50e, the I / F 50f, and the I / F 50g to each other, and enables information exchange between them.
[0014]
The network 51 is configured by the Internet, for example. The speaker 52 converts the sound signal supplied from the MB 50e into sound and outputs the sound. The display device 53 includes, for example, a CRT (Cathode Ray Tube) monitor or a liquid crystal monitor, and displays the image signal supplied from the MB 50e as an image. The input device 54 is configured by, for example, a mouse or a keyboard.
[0015]
FIG. 8 is a diagram showing a flow of information in the personal computer 50 shown in FIG. As shown in the figure, the hard disk drive 50d stores basic software, a decryption key group, and encrypted content.
[0016]
Here, the basic software is software for performing processing for decrypting the encrypted content, and is obfuscated for the purpose of preventing it from being decrypted by a malicious user. This obfuscation means that the following processing is performed.
[0017]
Before obfuscation X = X + Y
After obfuscation X = X * 2 + 1 + Y * 2-1
X = X / 2
[0018]
That is, as described above, the calculation results are the same before and after obfuscation, but it is difficult to decipher the algorithm after obfuscation.
[0019]
The decryption key group in the hard disk drive 50d is a plurality of keys for decrypting the cipher applied to the encrypted content. For the purpose of preventing easy acquisition by a malicious user, secret scrambling is performed. It is stored in a secret place.
[0020]
Encrypted content is content that has undergone encryption processing, and is composed of, for example, images, sound, computer data, and the like.
[0021]
When the reproduction of the encrypted content is started, the following processing is executed.
(1) The obfuscated basic software is read from the hard disk drive 50d and mounted on the RAM 50c.
[0022]
(2) The read basic software is stored in a secret place as necessary, and a secret scrambled decryption key is read from the hard disk drive 50d. The decryption key is stored in a secret location, for example, in 3 to 5 locations, and is processed so that a target key cannot be obtained unless a secret calculation or the like is performed.
[0023]
(3) The encrypted content is read from the hard disk drive 50d, and the encryption is decrypted with the decryption key.
[0024]
(4) When the decrypted content is compressed, decompression processing (in the case of video content, MPEG (Motion Picture Experts Group) decompression processing, etc.) is executed, and the obtained content is buffered in the RAM 50c. And then output to the MB 50e.
[0025]
(5) The MB 50e performs D / A (Digtal / Analog) conversion processing and drawing processing on the input content, outputs the obtained audio signal to the speaker 52 (see FIG. 7), and outputs an image signal. The data is output to the display device 53. Thereby, the content is reproduced.
[0026]
[Problems to be solved by the invention]
By the way, as described above, conventionally, since the basic software is installed in the RAM 50c of the personal computer 50, there is a risk that it will be decrypted or copied by a malicious user.
[0027]
Even if all the basic software and other data stored in the hard disk drive 50d are encrypted, if the decryption software for decrypting the encryption exists somewhere in the personal computer 50, the decryption software is analyzed. When the storage location of the decryption key is specified, the basic software is analyzed and the right protection algorithm is determined.
[0028]
In particular, in a highly public network such as broadcasting, a processing method that cannot easily decipher content even if a right protection algorithm is found is desired. In the current hardware-based digital television receiver, encryption such as MULTI2 and DES (Data Encryption Standard) is performed. Although these algorithms are known, it is extremely difficult to decrypt the content unless the decryption key is known.
[0029]
However, the digital television receiver is configured such that the decryption key is built in the hardware and cannot be read out on the software.
[0030]
Furthermore, in the digital television receiver, since the decryption circuit and the content processing circuit (MPEG video decompression circuit and MPEG audio decompression circuit) are also configured by hardware, it is extremely difficult to peek at the contents of the processing. Yes.
[0031]
Such digital television receivers are actually being commercialized. Japanese Perfect TV (trademark) and United States DirecTV (trademark) are good examples of such digital television receivers.
[0032]
On the other hand, in software processing, a decryption key, a decryption circuit, and a content processing circuit are realized by basic software, and such basic software itself, and further a personal computer that can easily read intermediate calculation results 50, there is a problem that analysis and peeping are easily performed.
[0033]
The present invention has been made in view of the above, and an information reproducing apparatus capable of executing safe software processing by adding minimum hardware to a device having an open architecture such as a personal computer. An object of the present invention is to provide a secure module and an information reproduction method.
[0034]
[Means for Solving the Problems]
In order to achieve the above object, according to the present invention, in an information reproducing apparatus for reproducing information, a secure module having a structure in which information stored inside cannot be referred to from outside, and can be referred from outside Memory and information stored in the secure module and read from the memory stored in the memory by direct access without any means, and the memory storage information and the secure module storage information stored in advance in the secure module And tampering check means for checking tampering of the memory storage information based on the comparison result.
[0035]
The present invention is implemented in an information reproducing apparatus and can be referred to from the outside in a secure module having a structure in which information stored inside cannot be referred to from the outside, and is mounted in the information reproducing apparatus. The memory storage information stored in the memory is read out by direct access without any means, and the comparison result between the read memory storage information and the secure module storage information stored in advance in the secure module And a tampering check means for checking tampering of the memory storage information.
[0036]
In addition, the present invention is implemented in a secure module having a structure in which information stored therein cannot be referred to from the outside, and can be referred to from outside by direct access without using any means. A tampering of the memory storage information is checked based on a reading step of reading the stored memory storage information and a comparison result between the read memory storage information and the secure module storage information stored in advance in the secure module A tamper check process.
[0037]
According to this invention, the memory storage information stored in the memory by direct access without any means is read, and based on the comparison result between the memory storage information and the secure module storage information stored in advance in the secure module, Since tampering of memory storage information is checked, it is possible to execute safe software processing by adding a minimum hardware (secure module) to an apparatus having an open architecture such as a personal computer. it can.
[0038]
DETAILED DESCRIPTION OF THE INVENTION
DESCRIPTION OF EMBODIMENTS Hereinafter, an embodiment of an information reproducing apparatus, a secure module, and an information reproducing method according to the present invention will be described in detail with reference to the drawings.
[0039]
FIG. 1 is a block diagram showing the configuration of an embodiment according to the present invention. The system shown in the figure includes a personal computer 100, a network 200, a display device 300, an input device (not shown), a speaker, and the like, and decrypts and reproduces information (content) encrypted in a secure environment. Is to do.
[0040]
The personal computer 100 has a function as an information reproducing apparatus, and includes a PC main processor 101, a hard disk drive 102, an input / output interface 103, a south bridge 104, a north bridge 105, a main memory 106, and an image LSI (Large Scale Integrated Circuit). 107, an image memory 108, a PCI (Peripheral Component Interconnect) bus 109, and a secure module 150.
[0041]
Also, the personal computer 100 decrypts the encrypted information (content) downloaded via the network 200 and the encrypted information (content) stored in the hard disk drive 102 and outputs them to the display device 300 and the speaker (not shown). To do.
[0042]
The PC main processor 101 executes various arithmetic processes according to secure software stored in the hard disk drive 102 and other software, and controls each part of the apparatus.
[0043]
Here, the secure software corresponds to the secure software 180 shown in FIGS. 2 to 5 described later, is for providing a secure environment when reproducing information, and is installed in the main memory 106.
[0044]
The hard disk drive 102 is a mass storage device having a disk, and stores secure software 180 (see FIG. 2) executed by the PC main processor 101 and other software.
[0045]
The input / output interface 103 is an interface for transmitting and receiving information (contents) via the network 200, and executes protocol conversion and data format conversion.
[0046]
The south bridge 104 has a function of interconnecting the input / output interface 103 and the PCI bus 109 and incorporates a bridge circuit. The north bridge 105 has a function of bridging data by connecting the PC main processor 101, the main memory 106, and the image LSI 107 to each other. The south bridge 104 and the north bridge 105 are interconnected by a high-speed bus.
[0047]
The main memory 106 is constituted by, for example, a RAM, and the secure software 180 shown in FIGS. 2 to 5 and other software are installed. When the secure software 180 is executed by the PC main processor 101, the function of each block in the secure software 180 shown in FIGS.
[0048]
The secure software 180 is implemented in the main memory 106 and is executed by the PC main processor 101 to provide a function of decoding MPEG data encrypted in a secure environment in cooperation with the secure module 150.
[0049]
The image LSI 107 has a function of storing decoded image information in the image memory 108 or displaying the decoded image information on the display device 300 as an image. The image memory 108 stores image information under the control of the image LSI 107.
[0050]
The PCI bus 109 is a bus that interconnects the hard disk drive 102, the south bridge 104, and a PCI interface 155 of the secure module 150 described later.
[0051]
The secure module 150 has a TRM (Tamper Resistant Module) structure, and is hardware that prevents peeping from outside and prevents internal data from being falsified.
[0052]
The TRM structure refers to a structure for physically and logically protecting internal analysis and alteration of a semiconductor chip (in this case, the secure module 150). Specifically, the secure module 150 is coated with a strong and highly adhesive coating, and when the surface is peeled off, the internal circuit is completely destroyed or dummy wiring is arranged.
[0053]
The secure module 150 has a function of reading the secure software 180 (see FIGS. 2 to 5) and the like from the hard disk drive 102, a function of irregularly rewriting the secure software 180 installed in the main memory 106, and various settings set in the main memory 106. It has a function for changing the buffer position irregularly, an encryption function, a decryption function, and the like.
[0054]
The secure module 150 includes a secure module processor 151, a RAM 152, a ROM 153, an encryption / decryption engine 154, a PCI interface 155, and an internal bus 156. The secure module processor 151 implements various functions of the secure module 150 described above by executing firmware stored in the ROM 153.
[0055]
The RAM 152 temporarily stores programs and data to be executed when the secure module processor 151 executes various arithmetic processes. The RAM 152 stores an encryption key and the like. The ROM 153 stores basic firmware and data executed by the secure module processor 151.
[0056]
The encryption / decryption engine 154 realizes an encryption function and a decryption function. The PCI interface 155 interfaces with each unit via the PCI bus 109. The internal bus 156 is a bus that interconnects the secure module processor 151, the RAM 152, the ROM 153, the encryption / decryption engine 154, and the PCI interface 155.
[0057]
2 to 5 show blocks of functions (initialization / loading unit 160, driver 170, input buffer 181 to MPEG output unit 188) realized by the above-described secure software 180 and various types of software. In these drawings, portions corresponding to the respective portions in FIG.
[0058]
The initialization / loading unit 160 shown in FIG. 2 exists in the main memory 106 (see FIG. 1), has a function of searching for a free area on the main memory 106, and loading (mounting) software into the free memory area. ing. In practice, the initialization / loading unit 160 realizes the above functions by executing software on the PC main processor 101.
[0059]
In addition, the initialization / loading unit 160 has a function of setting a link between softwares when it is necessary to link with other application software (not shown) of the personal computer 100.
[0060]
Here, in the personal computer 100, when other application software and the secure software 180 operate simultaneously in a multitasking environment under the control of an operating system (not shown), the operating system allocates a time during which each software operates. Has function.
[0061]
The initialization / loading unit 160 notifies the operating system of information such as a memory area in which the secure software 180 is mounted, and performs control for assigning a time for the secure software 180 to operate.
[0062]
Thereby, for example, when the secure software 180 operates for 100 milliseconds, the operating system performs scheduling related to software execution such that another software operates for 100 milliseconds.
[0063]
In addition, the reason why the initialization / loading unit 16 cooperates with the operating system is that, in order to move the secure software 180 as one of a plurality of tasks (programs) under the operating system, the operating system that performs adjustment between processes I need help.
[0064]
The driver 170 corresponds to software for a normal driver that operates under the operating system. A large amount of information (encrypted MPEG stream or the like) is exchanged between the secure module 150 and the secure software 180 (input buffer 181) via the driver 170.
[0065]
That is, by using the driver 170, various functions for driver control in the operating system can be used.
[0066]
It is assumed that information other than the encrypted MPEG stream is exchanged between the secure module 150 and the secure software 180 by direct access such as DMA (Direct Memory Access). That is, the secure module 150 and the secure software 180 are directly accessed without going through the driver 170.
[0067]
Thus, when direct access is a major premise, there is a demerit that various services provided by the operating system to the driver 170 cannot be used.
[0068]
However, in this case, since the information can be exchanged in an environment outside the operating system and the operating system is not concerned, there is a great security advantage in that safety is increased.
[0069]
For example, when information is exchanged between the secure module 150 and the secure software 180 via the driver 170, an interrupt is always generated for the operating system, and other software receives information based on this interrupt. Can be "peeps" sequentially, and security is lowered. Here, some drivers have a function of transferring information to other software.
[0070]
On the other hand, when information is exchanged between the secure module 150 and the secure software 180 by direct access without passing through the driver 170, no interruption occurs in the operating system.
[0071]
Therefore, when other software “peeks”, the state of the secure software 180 is always analyzed by polling or the like (the position of the buffer on the main memory 106 is analyzed to check whether the information in the buffer has been updated and updated. Need to be monitored).
[0072]
However, in the case of direct access, since it is not known when information arrives from the secure module 150 to the secure software 180, polling becomes virtually impossible. It should be noted that even if some information can be “peeked” by polling, it is impossible to “peep” all data.
[0073]
In this embodiment, the encrypted MPEG stream is routed through the driver 170 because the MPEG stream is encrypted and it is judged safe even if it is stolen. This is because priority is given to making the encrypted MPEG stream reach the secure software 180 well.
[0074]
The input buffer 181 is a buffer whose area is set on the main memory 106, and stores an encrypted MPEG stream. The TS decoder 182 receives a request from the encryption / decryption unit 184, reads an encrypted MPEG stream (more precisely, an MPEG-TS stream) from the buffer 181, performs TS decoding processing, and stores the encrypted MPEG video information in the video buffer 183. To do.
[0075]
The TS decoding process is a process for extracting compressed encrypted MPEG video information from an encrypted MPEG stream. The encrypted MPEG stream is composed of (1) encrypted MPEG video information, (2) encrypted MPEG audio information, and (3) encrypted MPEG video information and encrypted MPEG audio information in a time-division multiplexed form. Program information (program name, broadcast time, program outline, program fee, etc.) is included.
[0076]
In actual secure software, it is necessary to decode encrypted MPEG audio information in addition to encrypted MPEG video information. Needless to say, the decoding of the encrypted MPEG audio information in this case requires the same kind of program as the decoding of the encrypted MPEG video information.
[0077]
Also, the TS decoder 182 constantly monitors the capacity of the input buffer 181, and when it falls below a certain level, requests the secure software 180 to replenish the input buffer 181.
[0078]
The video buffer 183 is a buffer whose area is set on the main memory 106, and stores the above-described encrypted MPEG video information. The video buffer 183 is a buffer corresponding to a VBV buffer defined by the international standard for MPEG video.
[0079]
The encryption / decryption unit 184 receives the request from the MPEG video decoder 186, reads the encrypted MPEG video information from the video buffer 183, and decrypts the encrypted MPEG video information until the small buffer 185 is full. The encryption / decryption unit 184 stores the compressed MPEG video information that has been decrypted in the small buffer 185.
[0080]
The small buffer 185 is a buffer whose area is set on the main memory 106, and stores the above-described compressed MPEG video information. The MPEG video decoder 186 recognizes that the subsequent MPEG output unit 188 has output the image information.
[0081]
Here, since there is a free space for the image information output to the MPEG image memory 187, the MPEG video decoder 186 reads the next one piece of compressed MPEG video information from the small buffer 185, and performs expansion processing (decoding). After that, the image information is stored in the MPEG image memory 187.
[0082]
The small buffer 185 is set so that only a small amount (less than one image) of compressed MPEG video information can be stored. This is because it is very dangerous in terms of security to have the compressed MPEG video information that has been decoded exist in the main memory 106, and this danger is avoided.
[0083]
Therefore, the small buffer 185 does not hold compressed MPEG video information for one image, and becomes “empty” soon after the MPEG video decoder 186 starts decoding.
[0084]
Also, the MPEG video decoder 186 determines whether or not the small buffer 185 becomes “empty” or the amount of information in the small buffer 185 becomes smaller than a preset threshold value. A decoding request is issued, and compressed MPEG video information is stored in the small buffer 185.
[0085]
The MPEG image memory 187 stores image information corresponding to, for example, 4 frames, that is, 4/30 seconds (about 133 milliseconds). The MPEG output unit 188 reads the decompressed (decoded) image information (for one sheet or one frame) from the MPEG image memory 187 and DMA-transfers it to the image LSI 107. Here, the reason for using DMA (direct access) is to perform transfer from the MPEG output unit 188 to the image LSI 107 at high speed.
[0086]
In one embodiment, the encrypted MPEG video information stored in the video buffer 183 set in the main memory 106 is stored, and the encrypted MPEG video information stored in the video buffer 183 is decrypted little by little. It is characterized in that MPEG video decoding is executed while being stored in the small buffer 185.
[0087]
In the secure module 150 shown in FIG. 3, the memory space 152A is set in the RAM 152 (see FIG. 1), and is used for the first secret number communication executed between the secure module 150 and the TS decoder 182. .
[0088]
The secure module 150 (secure module processor 151) controls the memory space 152A so that a normal value is read first time and a different value is read second time.
[0089]
The memory space 152B is set in the RAM 152 (see FIG. 1), and is used in the second secret number communication executed between the secure module 150 and the encryption / decryption unit 184.
[0090]
Similarly to the memory space 152A, the secure module 150 (secure module processor 151) controls the memory space 152B so that a normal value is read first time and a different value is read the second time.
[0091]
(Secure function at power-on)
Next, with reference to FIG. 2, a secure function when the personal computer 100 shown in FIG. 1 is turned on will be described.
[0092]
FIG. 2 illustrates a case where the initialization / loading unit 160 loads the secure software 180 from the secure module 150 to the main memory 106 when the personal computer 100 is powered on.
[0093]
In the figure, when the personal computer 100 is turned on, the operating system is activated, and a list of software (programs, applications) to be activated is displayed on the desktop (not shown).
[0094]
As a result, the user sees the above list and activates, for example, secure software 180 as desired software. Specifically, when the user clicks on an icon corresponding to secure software 180 displayed on the desktop, secure software 180 is activated.
[0095]
That is, the initialization / loading unit 160 requests the secure module 150 to load the secure software 180. Note that a general initialization / loading unit directly loads software from the hard disk drive 102, but via the secure module 150 in one embodiment.
[0096]
After reading the secure software 180 from the hard disk drive 102, the secure module 150 (secure module processor 151) changes a specific part (for example, a part in which a secret number is described) of the secure software 180. Next, the secure module 150 passes the changed secure software 180 to the initialization / load unit 160.
[0097]
The initialization / loading unit 160 searches for an empty area on the main memory 106 and loads (implements) the changed secure software 180 in the empty area.
[0098]
Here, it is assumed that the memory space on the personal computer 100 can be directly accessed by the secure module 150, such as DMA, and needs to be a non-swappable area on the main memory 106, for example. The non-swappable area can be acquired using the function of the operating system.
[0099]
If the secure software 180 is installed in the swappable area, the secure software 180 may be automatically swapped from the main memory 106 to the memory space of the hard disk drive 102 by the function of the operating system.
[0100]
The reason for swapping is that a plurality of pieces of software operate simultaneously, and it becomes impossible to install all the software in the main memory 106 on the personal computer 100.
[0101]
However, in such a case, there is a possibility that the secure software 180 does not exist on the main memory 106, and there arises a problem that the secure module 150 cannot be directly accessed by DMA or the like.
[0102]
Therefore, in one embodiment, the secure module 150 is mounted in a non-swappable area at the time of loading so that the secure module 150 can always know the mounting position of the secure software 180. The above is an operation example from when the power is turned on until the secure software 180 is loaded into the main memory 106.
[0103]
In addition, as described above, when the initialization / load unit 160 is connected when the power is turned on, a link with the operating system can be pasted, so that (1) the buffer area of the program, (2) the entire program code, ( 3) It is possible to completely change the memory area where the program exists.
[0104]
(Secure function during normal operation)
Next, with reference to FIG. 3, the secure function during normal operation after power-on in the personal computer 100 shown in FIG. 1 will be described.
[0105]
In FIG. 3, secure software 180 is loaded (implemented) in the main memory 106 of the personal computer 100.
[0106]
In this case, the secure software 180 performs the following operation, for example.
In the figure, it is assumed that the display device 300 eventually consumes image information and is linked to the image LSI 107.
[0107]
First, when the image LSI 107 finishes displaying an image on the display device 300, the secure LSI 180 is requested to prepare for displaying the next image. As a result, the MPEG output unit 188 reads image information (for one sheet) from the MPEG image memory 187 and DMA-transfers it to the image LSI 107.
[0108]
The encryption / decryption unit 184 receives the request from the MPEG video decoder 186, extracts the encrypted MPEG video information from the video buffer 183, and decrypts the encrypted MPEG video information until the small buffer 185 is full. At the time of decryption, the encryption / decryption unit 184 exchanges a decryption key from the secure module 150.
[0109]
The decryption key is only valid for a limited time (for example, several seconds), and after that, a new decryption key needs to be exchanged from the secure module 150. The algorithm for exchanging the decryption key from the secure module 150 may be included in the second secret number communication described later, for example.
[0110]
As a result, the secure module 150 can provide the decryption key to the secure software 180 with peace of mind while confirming that the secure software 180 knows the secret number.
[0111]
Further, the encryption / decryption unit 184 constantly monitors the remaining amount of the encrypted MPEG video information in the video buffer 183. When the amount remains below a certain amount, the encryption / decryption unit 184 requests the TS decoder 182 to replenish the encrypted MPEG video information.
[0112]
Next, the TS decoder 182 receives the request from the encryption / decryption unit 184, reads the encrypted MPEG stream from the input buffer 181 and performs TS decoding processing. Next, the TS decoder 182 stores the encrypted MPEG video information in the video buffer 183.
[0113]
Also, the TS decoder 182 constantly monitors the capacity of the input buffer 181, and when it falls below a certain level, requests the secure module 150 to replenish the encrypted MPEG stream.
[0114]
As a result, the secure module 150 reads the encrypted MPEG stream encrypted from the hard disk drive 102. Next, the encryption / decryption engine 154 of the secure module 150 once decrypts the encrypted MPEG stream and then re-encrypts it with another encryption key. The re-encrypted encrypted MPEG stream is provided from the secure module 150 to the secure software 180.
[0115]
Here, the re-encryption is to pass the decryption key to the secure software 180 having the lowest security in the personal computer 100 when the encrypted MPEG stream read from the hard disk drive 102 is provided to the secure software 180 as it is. Because it is dangerous.
[0116]
On the other hand, when re-encryption is performed in the secure module 150, the secure software 180 is re-encrypted for the secure software 180 at that time, not the encrypted MPEG stream stored in the hard disk drive 102. An encrypted MPEG stream that can only be used with the secure software 180 is provided.
[0117]
Therefore, the re-encrypted encrypted MPEG stream is less dangerous than the encrypted MPEG stream in the hard disk drive 102 that can be read at any time.
[0118]
Further, in FIG. 3, an operation for confirming the safety of the secure software 180 is executed in parallel with the above-described operation. In this operation, the processes shown in the following (1) to (4) are executed, the secure module 150 exerts various actions on the secure software 180, and a response is exchanged.
[0119]
(1) Scan authentication processing
(2) Processing to rewrite the program irregularly
(3) Processing to rewrite the buffer position irregularly
(4) Secret number communication processing
[0120]
Here, in (1) to (4), (1) to (3) are executed by the secure module 150. (4) is executed by the secure module 150 and the secure software 180.
[0121]
Hereinafter, the processes (1) to (4) will be sequentially described. First, (1) scan authentication processing will be described.
[0122]
In the scan authentication process, the secure module 150 directly accesses a partial area or the entire area of the main memory 106 in which the active secure software 180 is mounted by DMA or the like, and reads a part or all of the data of the secure software 180. .
[0123]
Next, the secure module 150 compares the read data with data stored in advance in the RAM 152 (see FIG. 1) and performs authentication based on whether or not they match. For example, if the secure software 180 has been tampered with by a malicious user, the program has been rewritten, so that the comparison result is inconsistent and authentication NG.
[0124]
On the other hand, when the secure software 180 has not been tampered with, the comparison result is matched and the authentication is OK.
[0125]
As a specific implementation method, the same content as the secure software 180 is stored in the RAM 152 of the secure module 150, the secure software 180 is directly read from the main memory 106 by DMA or the like, and the result and the content stored in the RAM 152 are stored. There is a method to compare with each one.
[0126]
In one embodiment, when the memory capacity of the RAM 152 of the secure module 150 is small and the entire secure software 180 cannot be stored, the scan authentication process may be performed by a method such as a checksum.
[0127]
That is, in this case, only the result of adding all the codes of the secure software 180 is stored in the RAM 152, and after the secure software 180 is read out from the main memory 106 by DMA, the result of adding the codes is stored in the RAM 152. If the comparison results match, it is determined that the secure software 180 has not been tampered with (authentication result = OK).
[0128]
Further, detection of tampering by scan authentication is performed by the secure module 150 directly accessing the main memory 106 in which the secure software 180 is mounted independently of the secure software 180.
[0129]
In addition, since the scan authentication process does not go through the operating system at all, it is highly secure against tampering and peeping using functions of the operating system.
[0130]
On the other hand, when going through the operating system, for example, there is a possibility that a malicious user can be easily informed by the interrupt information notified to the operating system such as “when scan authentication processing is executed”. Is expensive.
[0131]
Next, (2) a process of rewriting the program irregularly will be described. In the process of rewriting the program irregularly, the secure module 150 (secure module processor 151) directly transfers the DMA to the memory area (main memory 106) in which the secure software 180 is mounted while the secure software 180 is operating. Write in real time.
[0132]
Here, in contrast to the above-described (1) scan authentication process is a read operation, (2) a write operation is performed in a process of rewriting a program irregularly. Specifically, the secure module 150 rewrites a part of the program of the secure software 180 without using the operating system so that the operating system does not know.
[0133]
As a result, when the scan authentication process is executed later, the authentication result changes in real time even while the secure software 180 is operating, and the degree of safety in the scan authentication process is improved.
[0134]
Here, a synergistic effect between the scan authentication and the irregular rewriting of the program will be described. In FIG. 2, for example, the “program for performing secret number communication” in the secure software 180 is rewritten.
[0135]
In this case, rewriting is performed in real time, and then the scan authentication processing is executed for the code of the rewritten program, so that the safety level is improved. It is easily imagined that it is difficult to hack a program that changes in real time, no matter how capable a malicious user (hacker) is.
[0136]
In one embodiment, it is also possible to confirm that the program actually being rewritten has been rewritten by confirming the actual operation of the rewritten program.
This is effective against the following attacks.
[0137]
In other words, in order for a malicious user to deceive scan authentication, the secure software “scan software” for scan authentication (for deception) and “secure software b” that actually operates are stored in the main memory 106 of the personal computer 100. In other words, the scan authentication process is executed for “secure software a” as an object, and the actual operation is considered to be performed by “secure software b”.
[0138]
The purpose of scan authentication is to make it impossible to rewrite the program. However, by creating a fake “secure software a”, a malicious user can freely rewrite “secure software b”, and the scan authentication is falsified.
[0139]
When the initialization / loading unit 160 loads the secure software 180, the initialization / loading unit 160 notifies the secure module 150 of the load destination memory area.
[0140]
However, at that time, the initialization / loading unit 160 notifies the secure module 150 of the memory area of the secure software a as a fake memory area, thereby enabling the above-described attack.
[0141]
In contrast, in one embodiment, a part (or all) of the secure software 180 is rewritten in real time, and the actual operation of the secure software 180 is changed based on the rewritten result, and the change is detected by the secure module 150. By doing so, the safety of the secure software 180 can be further improved.
[0142]
In one embodiment, for example, a “secret number communication program” is changed. This “secret number communication program” communicates the “secret number” between the secure module 150 and the secure software 180 in the secure software 180, and the secure module 150 confirms the safety of the secure software 180. It is a program for.
[0143]
For example, after notifying the secure software 180 of a secret number from the secure module 150, the secure software 180 returns a regular secret number to the secure module 150.
[0144]
Here, when a number other than the regular secret number is returned to the secure module 150, the secure module 150 determines that the secure software 180 has been tampered with. The secret number may be a number sequence composed of a plurality of numbers.
[0145]
As described above, in one embodiment, the secure module 150 directly executes a scan authentication process on the secure software 180 by a method such as DMA, rewrites a part of the code in real time, and the code operates. By confirming that this is the case, the above-described attack can be prevented.
[0146]
The configuration example for detecting the “spoofed” program has been described above. If the “spoofing” is found, the secure module 150 stops providing the decryption key to the encryption / decryption unit 184 of the secure software 180.
[0147]
In the secure module 150, there are a plurality of decryption keys, and each decryption key is valid for only a few seconds, for example. Therefore, if the provision of the decryption key is stopped, after a few seconds, the secure software 180 cannot continue a series of processes related to the encrypted MPEG stream.
[0148]
Next, (3) processing for rewriting the buffer position irregularly will be described.
In the process (3), while confirming the safety of the secure software 180 by the processes (1) and (2) described above, the buffer (data area) used by the secure software 180 is further changed in real time to Deal with “see” attacks.
[0149]
Here, “peep” means that another program that operates simultaneously with this program (in a time division manner) “seeks” the data area in the secure software 180 and steals information.
[0150]
Originally, the memory space in the personal computer 100 can be “peek” from any program that operates in a time-sharing manner. This is because the current processor is designed so that any memory area can be accessed, and there is no mechanism for controlling access to the memory space for each program.
[0151]
Recently, there are some things that can control the memory space that can be accessed for each program at the operating system level, but this is not enough. If a malicious user is worried about it, it is easy to “peek” into other memory spaces, analyze the structure of the secure software 180, find out where the important data is, and “peek”. It is possible to steal data.
[0152]
For example, in the secure software 180 shown in FIG. 3, if the positions of the input buffer 181, the video buffer 183, the small buffer 185, and the MPEG image memory 187 (collectively referred to as a buffer) are specified, the memory space is “peeked”. By doing this, it is possible to steal MPEG stream information and the like.
[0153]
In particular, the small buffer 185 in which the decoded raw compressed MPEG video information is stored is easy to handle and is easily targeted by malicious users. The MPEG image memory 187 stores a large amount of decoded image information even if the position is specified.
[0154]
Therefore, it is difficult to store and steal the image information in the hard disk drive 102 in consideration of the data transfer speed of the hard disk drive 102 and the transfer speed of the PCI bus 109 connected to the hard disk drive 102.
[0155]
Therefore, in one embodiment, the position of the buffer is rewritten irregularly, that is, the program code is rewritten with DMA such as the start address of the buffer, thereby making it difficult to steal information by “peeps”.
[0156]
Next, (4) secret number communication processing will be described. In the secret number communication process, the secure module 150 shown in FIG. 3 writes data (such as the first secret number) in a certain area of the secure software 180 (first and second secret number communication).
[0157]
Next, the secure module 180 confirms this data and returns an appropriate number, so that the secure module 150 confirms the safety of the secure software 180.
[0158]
In addition to a single number, the secret number may be a sequence number or text information. Of course, this secret number is information that only the secure module 150 and the secure software 180 know. Accordingly, since this number is not analyzed in the previous “peek” analysis or the like, the secret number is changed by the secure module 150 each time.
[0159]
Further, in the secret number communication process, when data is written from the secure module 150 to the memory area of the secure software 180, there is a risk of “peeping” at the data.
[0160]
Therefore, in one embodiment, in order to avoid the above-described danger, a normal value can be read once read into the secure module 150, but a different value (for example, “0”) is read the second time. And 152B are provided, and data is exchanged through these memory spaces 152A and 152B.
[0161]
In one embodiment, a decryption key, an encryption key, etc. are used between the secure module 150 and the secure software 180 using the memory space 152B etc. in which a normal value is read once and “0” is output the second time. Information is exchanged. Of course, the memory spaces 152A and 152B can also be used for transmitting information other than the encryption key.
[0162]
(Secure function at all switching)
Next, the secure function at the time of full switching in the personal computer 100 shown in FIG. 1 will be described with reference to FIG.
[0163]
In FIG. 4, during the normal operation of the secure software 180 loaded (implemented) in the main memory 106 of the personal computer 100, the initializing / loading unit 160 is used to transfer all of the secure software 180 to another secure software 180 ′ ( A case of switching to a TS decoder 182 ′, an encryption / decryption unit 184 ′, an MPEG video decoder 186 ′, an MPEG output unit 188 ′, etc.) is illustrated.
[0164]
At the time of all switching, the secure software 180 before the change and the secure software 180 ′ after the change exist in parallel on the main memory 106 for a period of time.
[0165]
This is a measure for avoiding that, for example, when the secure software 180 is stopped during the operation, the MPEG image reproduction may stop in the middle.
[0166]
Here, when the secure software 180 ′ is loaded from the initialization / loading unit 160 after the secure software 180 is deleted from the main memory 106, it takes time and a situation occurs in which MPEG image reproduction stops.
[0167]
In one embodiment, in order to avoid the above situation, the initialization / loading unit 160 loads the secure software 180 ′ into the main memory 106 before deleting the secure software 180. Thereby, the transition time from the secure software 180 to the secure software 180 ′ is shortened.
[0168]
In addition, when switching from the secure software 180 to the secure software 180 ′, it is necessary to take over the buffer area used by the secure software 180.
[0169]
For example, in FIG. 2 and FIG. 3, there is a possibility that encrypted MPEG video information for several seconds is stored in the video buffer 183, and for example, four frames, that is, four thirty seconds for four seconds in the MPEG image memory 187 ( Image information of about 133 milliseconds) may be stored.
[0170]
In addition, the number of seconds of encrypted MPEG video information stored in the video buffer 183 cannot be known unless the MPEG video decoding process is executed.
[0171]
This is because the MPEG compression rate depends on the image, and if it is an easily compressible image, a large number of images can be stored, but if the image has poor compression efficiency (there are many moving image components that must be updated each time) This is because only a small amount can be stored in the video buffer 183. For this reason, in one embodiment, it is necessary for the secure software 180 ′ to take over the buffer information being processed from the secure software 180.
[0172]
Normally, the secure software is switched (changed) using the initialization / load unit 160 for the following reason. The secure software is changed in real time by direct writing (DMA) by the secure module 150.
[0173]
However, with this change, it is difficult to change the entire secure software only by changing a part of the secure software. In order to change the secure software as a whole, it is necessary to drastically do it via the initialization / load unit 160. For this reason, in the embodiment, the initialization / load unit 160 can be changed.
[0174]
Specifically, the secure module 150 issues a secure software switching request to the initialization / load unit 160. As a result, the initialization / loading unit 160 issues a load request to the secure module 150. In response to the request of the initialization / load unit 160, the secure module 150 “passes the changed secure software 180 ′ to the initialization / load unit 160 in the same manner as described above.
[0175]
Here, the reason why the secure module 150 issues the first switching request to the initialization / load unit 160 is that it is safer to issue from the secure module 150 than from the initialization / load unit 160 close to the operating system. This is to make it difficult to know when the secure software was switched from the operating system.
[0176]
Next, the initialization / loading unit 160 finds a non-swappable free memory area on the personal computer 100 and loads the secure software 180 ′ into the main memory 106.
[0177]
Then, the secure module 150 performs switching control. For example, the secure module 150 controls switching by writing a special number in a certain memory space in the secure software.
[0178]
Next, control is transferred from the secure software 180 to the secure software 180 ′. However, when the control is transferred, it is necessary to transfer the control of the buffer memory space used by the secure software 180 to the secure software 180 ′.
[0179]
For this reason, the following specific control is executed.
[0180]
(1) The secure module 150 passes the switching request signal to the initialization / loading unit 160.
[0181]
(2) The initialization / loading unit 160 requests secure software 180 ′ from the secure module 150.
[0182]
(3) The secure module 150 passes the secure software 180 ′ to the initialization / load unit 160.
[0183]
(4) The initialization / loading unit 160 loads the secure software 180 ′ into the non-swappable area on the main memory 106.
[0184]
(5) Now, the secure software 180 and the secure software 180 ′ exist in parallel on the main memory 106.
[0185]
(6) The secure module 150 issues a secure software switching instruction to the secure software 180.
[0186]
(7) Upon receiving the secure software switching instruction, the secure software 180 waits for the input of an image display end signal from the image LSI 107 in order to transfer control to the secure software 180 ′ at a place where MPEG processing is good, and displays the image. When the end signal is input, the following measures are taken.
[0187]
(A) The secure software 180 notifies the secure software 180 ′ of the start address of the MPEG image memory 187 and related information. For example, when the MPEG image memory 187 has a four-frame structure, the related information includes information on the type of each MPEG frame (I picture, P picture, B picture), an updatable frame, an image to be displayed in the next frame, and the like. It is.
[0188]
(B) The secure software 180 notifies the secure software 180 ′ of information related to the memory start address of the small buffer 185 and the remaining data amount.
[0189]
(C) The secure software 180 notifies the secure software 180 ′ of information regarding the memory start address and the remaining data amount of the video buffer 183.
[0190]
(D) The secure software 180 notifies the secure software 180 ′ of information regarding the memory start address and the remaining memory capacity of the input buffer 181.
[0191]
(E) The secure software 180 notifies the secure software 180 ′ of information on the encryption key and decryption key being used.
[0192]
(8) The secure software 180 transfers control to the secure software 180 ′.
[0193]
(Secure function during partial switching)
Next, a secure function at the time of partial switching in the personal computer 100 shown in FIG. 1 will be described with reference to FIG.
[0194]
FIG. 5 shows a part of secure software 180 (for example, MPEG video decoder 186) using initialization / load unit 160 during normal operation of secure software 180 loaded (implemented) in main memory 106 of personal computer 100. ) Is switched to another MPEG video decoder 186 ′.
[0195]
Here, in FIG. 4 described above, the case where all of the secure software 180 is switched to the secure software 180 ′ has been described, but the case of FIG. 5 where a part is switched is practical. In the case of FIG. 5, since only a part of the secure software 180 is switched, only a part of the buffer is taken over.
[0196]
The following operations are performed through the operations (1) to (5) at the time of full switching.
[0197]
(6 ′) The secure module 150 issues a secure software switching instruction to the secure software 180.
[0198]
(7 ′) The secure software 180 that has received the secure software switching instruction shifts the control to the MPEG video decoder 186 ′ at the point where the MPEG processing is good, so that the image display end signal from the image LSI 107 is transferred. When the image display end signal is input, the following measures are taken.
[0199]
(A ′) The secure software 180 notifies the MPEG video decoder 186 ′ of the start address of the MPEG image memory 187 and related information. For example, when the MPEG image memory 187 has a four-frame structure, the related information includes information on the type of each MPEG frame (I picture, P picture, B picture), an updatable frame, an image to be displayed in the next frame, and the like. It is.
[0200]
(B ′) The secure software 180 notifies the MPEG video decoder 186 ′ of information on the memory start address of the small buffer 185 and the remaining data amount.
[0201]
(8 ′) The secure software 180 incorporates the MPEG video decoder 186 ′ as an official MPEG video decoder instead of the MPEG video decoder 186, and starts processing.
[0202]
Note that the video buffer 183 and the input buffer 181 are not directly related to the MPEG video decoder 186 and need not be switched.
[0203]
As described above, according to the embodiment, the secure module 150 shown in FIG. 3 is provided, and the secure module 150 directly accesses the main memory 106 in which the secure software 180 is stored, thereby rewriting the program and buffering the program. Since the position change, the scan authentication, and the like are executed, a minimum software (secure module 150) is added to a device having an open architecture such as the personal computer 100, so that safe software processing can be performed. Can be executed.
[0204]
Further, according to the embodiment, since the secret information is stored in the memory space that is controlled so that the regular information is read at the first time and the different information is read at the second time, the secure environment is further increased. Can be provided.
[0205]
Although one embodiment of the present invention has been described in detail with reference to the drawings, a specific configuration example is not limited to this one embodiment, and the design can be changed without departing from the gist of the present invention. And the like are included in the present invention.
[0206]
For example, in the above-described embodiment, a program for realizing the above-described secure function is recorded on the computer-readable recording medium 500 shown in FIG. 6, and the program recorded on the recording medium 500 is the same. Each function may be realized by being read and executed by the computer 400 shown in the figure.
[0207]
A computer 400 shown in FIG. 1 executes a program from a CPU 410 that executes the above program, an input device 420 such as a keyboard and a mouse, a ROM 430 that stores various data, a RAM 440 that stores calculation parameters and the like, and a recording medium 500. A reading device 450 for reading, an output device 460 such as a display and a printer, and a bus 470 for connecting each part of the device are configured.
[0208]
The CPU 410 reads the program recorded on the recording medium 500 via the reading device 450 and then executes the program to realize the above-described function. Examples of the recording medium 500 include an optical disk, a flexible disk, and a hard disk.
[0209]
(Supplementary note 1) In an information reproducing apparatus for reproducing information,
A secure module having a structure in which information stored inside cannot be referred to from outside;
Memory that can be referenced from outside,
The memory storage information mounted in the secure module and stored in the memory by direct access without any means, and the comparison result between the memory storage information and the secure module storage information stored in advance in the secure module Falsification check means for checking falsification of the memory storage information based on
An information reproducing apparatus comprising:
[0210]
(Supplementary note 2) The information reproducing apparatus according to supplementary note 1, wherein the tampering check means reads all of the memory storage information.
[0211]
(Supplementary note 3) The information reproducing apparatus according to supplementary note 1, wherein the falsification check means reads a part of the memory storage information.
[0212]
(Supplementary note 4) The information reproducing apparatus according to any one of Supplementary notes 1 to 3, wherein the tampering check unit compares the memory storage information with the secure module storage information by a checksum.
[0213]
(Supplementary note 5) The information reproducing apparatus according to any one of supplementary notes 1 to 4, wherein the memory storage information is software.
[0214]
(Supplementary note 6) The information reproducing apparatus according to any one of supplementary notes 1 to 5, wherein the falsification check unit reads data from the memory irregularly.
[0215]
(Additional remark 7) It is equipped with the rewriting means mounted in the said secure module, and rewrites the memory storage information stored in the said memory by direct access without going through any means, The said tampering check means is the memory storage information after rewriting, The information reproducing apparatus according to any one of appendices 1 to 6, wherein tampering of the memory storage information is checked based on a comparison result with the secure module storage information.
[0216]
(Supplementary note 8) The information reproducing apparatus according to supplementary note 7, wherein the rewriting means rewrites the memory storage information irregularly.
[0217]
(Supplementary note 9) The information reproducing apparatus according to supplementary note 7 or 8, wherein the rewriting means rewrites a part of the memory storage information.
[0218]
(Supplementary note 10) Any one of Supplementary notes 1 to 9, further comprising: a storage control unit which is mounted on the secure module, changes the original information, and stores the changed information in the memory as memory storage information. The information reproducing apparatus according to one.
[0219]
(Supplementary note 11) The information according to supplementary note 10, wherein when the memory storage information is updated, the storage control means causes the memory storage information before the update to be taken over from the memory storage information after the update. Playback device.
[0220]
(Supplementary note 12) The storage control means encrypts the original information using a key existing only in the secure module, and stores the encrypted original information in the memory as the memory storage information. The information reproducing apparatus according to Supplementary Note 10 or 11.
[0221]
(Supplementary Note 13) Key management implemented in the secure module, which holds a key used for encryption or decryption of the memory storage information, and supplies the key to the outside when no alteration is detected by the alteration check means The information reproducing apparatus according to any one of appendices 1 to 12, further comprising: means.
[0222]
(Supplementary note 14) The information reproducing apparatus according to supplementary note 13, wherein the key management means supplies the key with a valid time set.
[0223]
(Supplementary note 15) The information reproducing apparatus according to supplementary note 13 or 14, wherein the key management means changes the key each time it is supplied.
[0224]
(Supplementary note 16) The information reproducing apparatus according to any one of Supplementary notes 13 to 15, wherein the key management unit stops the supply of the key when the alteration check is detected by the alteration check unit.
[0225]
(Supplementary Note 17) A writing unit that is mounted on the secure module and writes the secret information in the secure module to the memory by direct access, and the tamper check unit includes response information corresponding to the written secret information. The information reproducing apparatus according to any one of appendices 1 to 16, wherein the alteration of the memory storage information is checked based on the information.
[0226]
(Supplementary note 18) The information according to supplementary note 17, wherein the secret information is stored in a memory space controlled so that regular information is read out first time and different information is read out a second time Playback device.
[0227]
(Supplementary note 19) The information reproducing apparatus according to any one of supplementary notes 1 to 18, wherein the memory storage information is encrypted MPEG data.
[0228]
(Supplementary note 20) It is executed in a secure module having a structure in which information stored inside cannot be referred to from the outside, and is stored in a memory that can be referred to from outside by direct access without any means. A reading process of reading out stored memory information;
A tamper check step of checking tampering of the memory storage information based on a comparison result between the read memory storage information and the secure module storage information stored in advance in the secure module;
A method for reproducing information, comprising:
[0229]
(Supplementary Note 21) In a secure module that is mounted on an information reproducing device and has a structure in which information stored inside cannot be referred to from outside,
Reading means that can be referred to from the outside and reads the memory storage information stored in the memory mounted in the information reproducing apparatus by direct access without any means;
A tamper check means for checking tampering of the memory storage information based on a comparison result between the read memory storage information and the secure module storage information stored in advance in the secure module;
A secure module characterized by comprising:
[0230]
(Supplementary note 22) The secure module according to supplementary note 21, wherein the reading means reads all the memory storage information.
[0231]
(Supplementary note 23) The secure module according to supplementary note 21, wherein the reading unit reads a part of the memory storage information.
[0232]
(Supplementary note 24) The secure module according to any one of supplementary notes 21 to 23, wherein the tampering check unit compares the memory storage information with the secure module storage information by a checksum.
[0233]
(Supplementary note 25) The secure module according to any one of supplementary notes 21 to 24, wherein the memory storage information is software.
[0234]
(Supplementary note 26) The secure module according to any one of supplementary notes 21 to 25, wherein the reading unit performs reading from the memory irregularly.
[0235]
(Supplementary note 27) Rewriting means for rewriting memory storage information stored in the memory by direct access without any means is provided, and the tamper check means compares the memory storage information after rewriting with the secure module storage information. 27. The secure module according to any one of appendices 21 to 26, wherein the tampering of the memory storage information is checked based on a result.
[0236]
(Supplementary note 28) The secure module according to supplementary note 27, wherein the rewriting means rewrites the memory storage information irregularly.
[0237]
(Supplementary note 29) The secure module according to supplementary note 27 or 28, wherein the rewriting means rewrites a part of the memory storage information.
[0238]
(Supplementary note 30) The secure module according to any one of Supplementary notes 21 to 29, comprising storage control means for changing the original information and storing the changed information in the memory as memory storage information. .
[0239]
(Supplementary note 31) The secure storage unit according to supplementary note 30, wherein when the memory storage information is updated, the storage control means causes the memory storage information before update to be taken over from the memory storage information after update. module.
[0240]
(Supplementary Note 32) The storage control means encrypts the original information using a key that exists only in the secure module, and stores the encrypted original information in the memory as the memory storage information. The secure module according to Supplementary Note 30 or 31.
[0241]
(Supplementary note 33) A key management unit is provided that holds a key used for encryption or decryption of the memory storage information and supplies the key to the outside when the tampering check unit does not detect tampering. The secure module according to any one of appendices 21 to 32.
[0242]
(Supplementary note 34) The secure module according to supplementary note 33, wherein the key management means supplies the key with a valid time set.
[0243]
(Supplementary note 35) The secure module according to supplementary note 33 or 34, wherein the key management means changes the key each time it is supplied.
[0244]
(Supplementary note 36) The secure module according to any one of supplementary notes 33 to 35, wherein the key management unit stops supply of the key when the alteration check is detected by the alteration check unit.
[0245]
(Supplementary Note 37) A writing unit for writing secret information in the secure module to the memory by direct access, wherein the tampering checking unit stores the memory storage information based on the response information corresponding to the written secret information. 37. The secure module according to any one of appendices 21 to 36, wherein tampering is checked.
[0246]
(Supplementary note 38) The secure information according to supplementary note 37, wherein the secret information is stored in a memory space that is controlled so that regular information is read first time and different information is read second time. module.
[0247]
(Supplementary note 39) The secure module according to any one of Supplementary notes 21 to 38, wherein the memory storage information is encrypted MPEG data.
[0248]
(Additional remark 40) In the recording medium which stored the program for making the secure module which is mounted in the information reproducing | regenerating apparatus and has the structure which cannot refer the information stored inside from the outside,
Read process means that can be referred to from the outside and read out the memory storage information stored in the memory mounted in the information reproducing apparatus by direct access without any means;
A tamper check step of checking tampering of the memory storage information based on a comparison result between the read memory storage information and the secure module storage information stored in advance in the secure module;
A recording medium storing a program for executing the program.
[0249]
【The invention's effect】
As described above, according to the present invention, the memory storage information stored in the memory is read by direct access without using any means, and the memory storage information and the secure module storage information stored in advance in the secure module are read out. Based on the comparison result, it was decided to check the tampering of the memory storage information. Therefore, by adding a minimum hardware (secure module) to a device having an open architecture such as a personal computer, a safe software There exists an effect that a process can be performed.
[0250]
Further, according to the present invention, a rewriting unit that is mounted on the secure module and rewrites the memory storage information stored in the memory by direct access without any means is provided, and the memory storage information after rewriting, the secure module storage information, Based on the comparison result, it was decided to check the alteration of the memory storage information. Therefore, it is safe to add a minimum hardware (secure module) to a device having an open architecture such as a personal computer. There is an effect that software processing can be executed.
[0251]
Further, according to the present invention, since it is mounted on the secure module, the original information is changed, and the changed information is stored in the memory as the memory storage information, it is possible to provide a safer secure environment. There is an effect.
[0252]
In addition, according to the present invention, when the memory storage information is updated, the memory storage information before the update is taken over from the memory storage information after the update. There is an effect that can be.
[0253]
Further, according to the present invention, the original information is encrypted using a key that exists only in the secure module, and the encrypted original information is stored in the memory as memory storage information. There is an effect that it can be provided.
[0254]
In addition, according to the present invention, the key used for encryption or decryption of the memory storage information is held, and when tampering is not detected by the tampering check means, the key is supplied to the outside, so that the security is high. There is an effect that encryption or decryption can be performed in the state.
[0255]
Further, according to the present invention, when the alteration is detected by the alteration check means, the supply of the key is stopped, so that it is possible to minimize the damage caused by the alteration.
[0256]
Further, according to the present invention, there is provided a writing means for writing the secret information in the secure module into the memory by direct access, and checking for alteration of the memory storage information based on the response information corresponding to the written secret information; As a result, it is possible to provide a safer secure environment.
[Brief description of the drawings]
FIG. 1 is a block diagram showing a configuration of an embodiment according to the present invention.
FIG. 2 is a block diagram for explaining a secure function at power-on in the personal computer 100 shown in FIG.
FIG. 3 is a block diagram for explaining a secure function during normal operation in the personal computer 100 shown in FIG. 1;
4 is a block diagram for explaining a secure function at the time of full switching in the personal computer 100 shown in FIG. 1. FIG.
FIG. 5 is a block diagram for explaining a secure function at the time of partial switching in the personal computer 100 shown in FIG. 1;
FIG. 6 is a block diagram showing a configuration of a modification of the same embodiment.
FIG. 7 is a block diagram showing a configuration example of a conventional system using a personal computer 50.
8 is a diagram for explaining the flow of information in the personal computer 50 shown in FIG. 7;
[Explanation of symbols]
100 Personal computer
101 PC main processor
102 Hard disk drive
106 Main memory
107 Image LSI
108 Image memory
109 PCI bus
150 Secure Module
151 Secure Module Processor
152 RAM
153 ROM
154 Encryption / decryption engine
155 PCI interface
200 network
300 Display device
160 Initialization / loading section
170 drivers
180 Secure Software
180 'secure software
181 Input buffer
182 TS decoder
183 video buffer
184 Encryption / decryption unit
185 small buffer
186 MPEG video decoder
187 MPEG picture memory
188 MPEG output section

Claims (38)

In an information reproducing apparatus for reproducing information,
Have a structure that can not be referring to the information stored in the inside from the outside, and a secure module for previously storing a previous secure software loaded as a secure module storing information,
A memory that can be referenced from the outside and loaded with the secure software ;
Wherein is implemented in the secure module, said read by directly accessing the memory storage information is a secure operating software loaded into memory without any means, and said memory storing information, the result of comparison between the secure module stores information And a tamper check means for checking tampering of the memory storage information,
An information reproducing apparatus comprising: 2. The information reproducing apparatus according to claim 1, further comprising changing means for changing a buffer position used by secure software mounted on the secure module and loaded into the memory as the memory storage information. The information reproducing apparatus according to claim 1, wherein the tampering check unit reads all of the memory storage information. 3. The information reproducing apparatus according to claim 1, wherein the tampering check unit reads a part of the memory storage information. 5. The information reproducing apparatus according to claim 1, wherein the tampering check unit compares the memory storage information with the secure module storage information using a checksum. The information reproduction apparatus according to claim 1, wherein the tampering checker reads data from the memory irregularly. Rewriting means mounted on the secure module and rewriting the memory storage information stored in the memory by direct access without any means, and the tamper check means includes the memory storage information after rewriting and the secure module storage information. 7. The information reproducing apparatus according to claim 1 , wherein the information stored in the memory is checked for falsification based on a comparison result with the information reproducing apparatus. The information reproducing apparatus according to claim 7, wherein the rewriting unit rewrites the memory storage information irregularly. 9. The information reproducing apparatus according to claim 7, wherein the rewriting unit rewrites a part of the memory storage information. The storage module includes a storage control unit that is mounted on the secure module, changes original information that is secure software stored in a hard disk drive, and stores the changed information in the memory as memory storage information. The information reproducing apparatus according to claim 1 . When the storage control means updates the memory storage information by switching the secure software loaded into the memory , the storage control means transfers the buffer position information used by the secure software before the update to the secure software after the update. the information reproducing apparatus according to claim 10, characterized in that. The storage control means encrypts original information, which is MPEG data to be processed by secure software loaded into the memory, using a key existing only in the secure module, and stores the encrypted original information in the memory 12. The information reproducing apparatus according to claim 10 or 11 , wherein the information is stored in the memory as MPEG data to be processed of stored information. A key management unit that is mounted on the secure module, holds a key used for encryption or decryption of the memory storage information, and supplies the key to the outside when the tampering check unit does not detect tampering The information reproduction apparatus according to claim 1 , wherein the information reproduction apparatus is a reproduction apparatus. The information reproducing apparatus according to claim 13, wherein the key management unit supplies the key with a valid time set. 15. The information reproducing apparatus according to claim 13, wherein the key management unit changes the key each time the key is supplied. 16. The information reproducing apparatus according to claim 13, wherein the key management unit stops supply of the key when tampering is detected by the tampering checking unit. A writing unit that is mounted on the secure module and writes the secret information in the secure module to the memory by direct access, and the tampering checking unit is configured to store the memory based on the response information corresponding to the written secret information. The information reproducing apparatus according to claim 1, wherein the stored information is checked for tampering. 18. The information reproducing apparatus according to claim 17, wherein the secret information is stored in a memory space controlled so that regular information is read first time and different information is read second time. Is mounted on the information reproducing apparatus, have a structure that can not be referring to the information stored in the inside from the outside, in the secure module to pre-stored as a secure module stores information in front of secure software loaded,
Reading means that can be referred to from the outside and reads memory storage information that is secure software in operation loaded in a memory mounted in the information reproducing apparatus by direct access without any means;
Wherein a read the memory storage information was based on a comparison result between the secure module storing information, a falsification check means for checking falsification of the memory storage information,
A secure module comprising: 20. The secure module according to claim 19, further comprising changing means for changing a position of a buffer used by secure software loaded into the memory as the memory storage information. 21. The secure module according to claim 19, wherein the reading unit reads all of the memory storage information. 21. The secure module according to claim 19, wherein the reading unit reads a part of the memory storage information. The secure module according to any one of claims 19 to 22, wherein the tampering check unit compares the memory storage information with the secure module storage information by a checksum. The secure module according to any one of claims 19 to 23, wherein the reading unit performs reading from the memory irregularly. Rewriting means for rewriting memory storage information stored in the memory by direct access without any means, and the tamper check means is based on a comparison result between the memory storage information after rewriting and the secure module storage information. The secure module according to any one of claims 19 to 24, wherein tampering of the memory storage information is checked. 26. The secure module according to claim 25, wherein the rewriting unit rewrites the memory storage information irregularly. 27. The secure module according to claim 25 or 26, wherein the rewriting means rewrites a part of the memory storage information. 28. A storage control means for changing original information, which is secure software stored in a hard disk drive, and storing the changed information in the memory as memory storage information. The secure module as described in one. When the storage control means updates the memory storage information by switching the secure software installed in the memory, the storage control means transfers the buffer position information used by the secure software before the update to the secure software after the update. 29. The secure module according to claim 28, wherein: The storage control means encrypts original information, which is MPEG data to be processed by secure software loaded into the memory, using a key existing only in the secure module, and stores the encrypted original information in the memory 30. The secure module according to claim 28 or 29, wherein the secure module is stored in the memory as MPEG data to be processed. 20. A key management unit that holds a key used for encryption or decryption of the memory storage information and supplies the key to the outside when the tampering check unit does not detect tampering. 30. The secure module according to any one of 30. 32. The secure module according to claim 31, wherein the key management means supplies the key with a valid time set. 33. The secure module according to claim 31 or 32, wherein the key management means changes the key every time it is supplied. The secure module according to any one of claims 31 to 33, wherein the key management unit stops supply of the key when tampering is detected by the tampering check unit. Write means for writing the secret information in the secure module to the memory by direct access, and the tamper check means checks the tampering of the memory storage information based on the response information corresponding to the written secret information The secure module according to any one of claims 19 to 34, wherein: 36. The secure module according to claim 35, wherein the secret information is stored in a memory space controlled so that regular information is read first time and different information is read second time. Have a structure that can not be referring to the information stored in the inside from the outside, is performed within the secure module for previously storing a previous secure software loaded as a secure module storing information, it can be referenced from outside A read process for reading out memory storage information, which is secure software in operation loaded into a simple memory, by direct access without any means ;
The runs in the secure module, based on a result of comparison between the read said memory stores information was to the secure module storing information, a tampering check process for checking the tampering with the memory storage information,
A method for reproducing information, comprising: 38. The information reproducing method according to claim 37, further comprising a changing step of changing a position of a buffer used by secure software installed in the memory as the memory storage information.

Images