JP5443552B2 - media - Google Patents

Description

  Embodiments described herein relate to an information recording apparatus, a host apparatus, and a processing method of the information recording apparatus.

In recent years, with the development of the information society, content that has been digitized such as books, newspapers, music and videos is distributed, and the content recorded on the recording medium via the user terminal or the user terminal is transmitted to the user terminal or the PC environment. Content distribution systems that enable browsing are widely used.

JP 2005-341156 A JP 2010-268417 A

The purpose is to prevent the spread of clone cards even when an authentication method based on public key cryptography is used.

An information recording apparatus according to an embodiment described below performs data communication with a host device through a secure channel, a memory unit that stores various data, a controller configured to control a given memory unit, and the like. And an interface unit. The controller holds a controller key and first controller identification information unique to the controller.

The controller includes a controller unique key generation unit that generates a unique controller unique key for each controller based on the controller key and the first controller identification information;
A controller identification information generation unit that generates second controller identification information based on the controller identification information, an authentication key exchange processing unit that executes an authentication key exchange process between the decoder and the host device.

The memory unit includes a normal recording unit that can be freely accessed from the outside, a secret recording unit, and a system information recording unit. The secret recording unit can be accessed on condition that the predetermined authentication process is completed. The system information recording unit includes an encrypted media device key obtained by encrypting a media device key that functions as a private key for public key cryptography with a controller unique key, a media device key certificate that functions as a public key for public key cryptography, Is stored.

The decryptor is configured to be able to obtain the media device key by decrypting the encrypted media device key using the controller unique key. The authentication key exchange processing unit is configured to perform an authentication key exchange process with the host device via the interface unit using the media device key and the media device key certificate to establish a secure channel.

The host device of the embodiment described below can be connected to an information recording device including a memory unit for storing various data, and a controller that is given a controller key and first controller identification information and controls the memory unit. It is comprised, and it is comprised so that a predetermined | prescribed authentication key exchange process may be performed between information recording devices, and data may be supplied. The host device includes a holding unit that holds a host device key that functions as a secret key of the public key cryptosystem and a host device key certificate that functions as a public key of the public key cryptosystem. In addition, the host device performs an authentication key exchange process with the information recording device using the host device key and the host device key certificate, and holds the public key encryption method public key held by the information recording device. An authentication key exchange processing unit for receiving media device key certificate information embedded in a functioning media device key certificate is provided. The host device also includes an interface unit for performing data communication with the information recording device via the secure channel, and the second controller identification information generated by the information recording device based on the first controller identification information. And an identification information generation unit that receives the data communication via the unit and generates information recording device identification information based on the second controller identification information and the media device key certificate information.

It is a block diagram which shows the structure of the memory card 1000 used for the information recording system which concerns on 1st Embodiment. FIG. 2 is an equivalent circuit diagram showing a configuration of the memory 100 (NAND flash memory) in FIG. 1. 6 is a schematic diagram illustrating a method for writing an encrypted media device key and a media device key certificate to the memory card 1000 in the first embodiment. FIG. It is a block diagram which shows the structure and operation | movement of the memory card 1000 and the host apparatus 2000 which are included in the information recording system which concerns on 1st Embodiment. It is a block diagram which shows the structure and operation | movement of the memory card 1000 and the host apparatus 2000 which are included in the information recording system which concerns on 1st Embodiment. It is a block diagram which shows the structure and operation | movement of the memory card 1000 and the host apparatus 2000 which are included in the information recording system which concerns on 2nd Embodiment. It is a flowchart which shows operation | movement of the information recording system which concerns on 2nd Embodiment.

Electronic content (hereinafter simply referred to as content) can be easily duplicated,
Fraudulent behavior that ignores copyright associated with content is likely to occur. From the viewpoint of protecting the content from such illegal acts, the content is normally encrypted and recorded on a recording medium, and is decrypted at the time of reproduction only by a legitimate device.

In addition, an encrypted double key scheme in which a content key for encrypting content is double-encrypted with two types of keys is considered. Of the encryption keys, a key unique to the recording medium (for example, a media unique key) is securely recorded in a secret area of the recording medium and cannot be accessed from the outside of the recording medium. For this reason, for example, even if only encrypted content key data is copied illegally, the content cannot be used (decrypted) without a media unique key necessary for decrypting the encrypted content key.

However, when such a media unique key is illegally read out by some method and passed to an unauthorized recording medium (memory card) manufacturer, a clone card that copies a legitimate recording medium (memory card) will be circulated, It is possible that content data is used illegally.

  Hereinafter, embodiments of the present invention will be described with reference to the drawings.

[First Embodiment]
FIG. 1 shows a configuration of a memory card (nonvolatile memory system) 1000 used in the information recording system according to the first embodiment. The memory card 1000 is configured to be able to store content data encrypted. Note that the nonvolatile memory system is not necessarily in the form of a memory card, and the memory card 1000 may be mounted in a manner that is not removable from the host device 2000.

The memory card 1000 is configured to be connectable to a host device 2000 (not shown in FIG. 1), and is configured to execute a predetermined authentication key exchange process with the host device 2000. When the authentication key exchange process is completed, the memory card 10 is sent from the host device 2000.
Data can be written to or read from the 00 system information recording unit and secret recording unit. Further, the memory card 10 can be obtained by the host device 2000 or a playback device connected thereto.
Data necessary for decrypting the encrypted content data stored in 00 can be read, and the content data can be reproduced.

Then, the memory card 1000 according to the present embodiment uses the media device key Kmd_i, which is a secret key of the public key cryptosystem, and the public key of the public key cryptosystem for the authentication key exchange process with the host device 2000. The included media device key certificate Cert _media can be stored. Details will be described later.

The memory card 1000 includes a NAND flash memory 100 (hereinafter referred to as a memory 10).
0) and a controller 200 for controlling the read / write operation in the memory 100. Here, a case where a NAND flash memory is adopted as an example of the memory 100 will be described. However, other memory devices (magnetic disk drive device, resistance change memory, ferroelectric memory, magnetic memory that can store data in a nonvolatile manner are described. It is also possible to employ a resistance memory, a phase change memory, or the like) as the memory 100.

The controller 200 temporarily holds a NAND flash interface 201 for performing data transfer with the memory 100, a host interface 202 for performing data transfer with an external device such as the host device 2000, and read / write data. Buffer RAM 203, MPU 204 for performing data transfer control, NAND flash memory 21
Hardware sequencer 205, decryptor 206, encryptor 207, and fuse circuit 20 used for read / write sequence control of firmware (FW)
8 has.

The NAND flash interface 201 includes an error correction circuit (ECC).
When writing data to the NAND flash memory, the NAND flash interface 201 calculates an error correction code using an error correction circuit, and converts the data and the error correction code to NA.
Write to the ND flash memory 21. The NAND flash interface 201
When reading data from the NAND flash memory, the syndrome is calculated from the data and the error correction code, and the error of the data is corrected within a predetermined error correction capability range.

Firmware (FW) necessary for the controller 200 is stored in the memory 10 in an initialization operation (power-on initial setup operation) that is automatically executed after power-on.
It is automatically read from 0 and transferred to the data register (buffer RAM) 203.
This read control is performed by the hardware sequencer 205. The firmware may be stored in a ROM in the controller 200. The firmware in this embodiment includes a unidirectional converter 211, an ID generator 212, an authentication key exchange processing unit 213, and the like, as will be described later.

The fuse circuit 208 stores a controller key Kc and a controller unique ID (IDcu) for identifying the controller 20. The controller key Kc and the controller unique ID (IDcu) are used to generate a controller unique key Kcu as will be described later. The controller unique key Kcu is the media device key Kmd described above.
It is used to encrypt _i when it is recorded in the system information recording unit 103 of the memory card 1000. The controller unique key Kcu is generated in the unidirectional converter 211 using the controller key Kc and the controller unique ID (IDcu) as input values. That is, the one-way converter 211 is an aspect of a controller unique key generation unit for generating a controller unique key.

Further, the ID generator 212 (controller identification information generation unit) generates a public controller unique ID (IDcntr) transmitted to the outside using the controller key Kc and the controller unique ID (IDcu) as input values.

The authentication key exchange processing unit 213 executes an authentication key exchange process with the host device 2000 based on the media device key Kmd_i and the media device key certificate Cert _media .

As shown in FIG. 2, the memory 100 includes a NAND cell unit (NAND string) in which a plurality of electrically rewritable nonvolatile memory cells (32 memory cells in the illustrated example) M0 to M31 are connected in series. NU is arranged.

One end of the NAND cell unit NU is connected to the bit line BL via the selection gate transistor S1.
The other end of o and BLe is connected to the common source line CELSRC via the selection gate transistor S2. The control gates of the memory cells M0 to M31 are word lines WL0 to WL31, respectively.
And the gates of the select gate transistors S1, S2 are select gate lines SGD, SGS.
Connected to.

A set of NAND cell units arranged in the word line direction constitutes a block serving as a minimum unit of data erasure, and a plurality of blocks BLK0 to BLK are arranged in the bit line direction as shown in the figure.
n-1 is arranged. Some of the blocks BLK are set as the normal recording unit 101 that the user can freely access without special authentication processing, and the other part can be accessed after a certain authentication key exchange processing The other part is set as the system information recording unit 103 that records predetermined information at the time of manufacturing the memory card. Each of the normal recording unit 101, the secret recording unit 102, and the system information recording unit 103 is assigned a logical address. Designation of the logical address of the secret recording unit 102 is allowed only when an authentication key exchange process described later is completed.

In the normal recording unit 101, data of 2 bits or more can be stored in one memory cell. On the other hand, the secret recording unit 102 and the system information recording unit 103 can store only 1-bit data in one memory cell from the viewpoint of ensuring data reliability. In the normal recording unit 11, the correspondence relationship between the logical address and the physical address is dynamically changed as the data is updated. However, the data recording reliability of the secret recording unit 12 and the system information recording unit 103 is ensured. From the viewpoint, the correspondence between the logical address and the physical address may be controlled to be fixed statically.

A sense amplifier circuit 3 used for reading and writing cell data is arranged on one end side of the bit lines BLe and BLo, and a row decoder 2 for selecting and driving the word line and the selection gate line is arranged on one end side of the word line. The In the figure, adjacent even-numbered bit lines BLe and odd-numbered bit lines BLo are selectively connected to each sense amplifier SA of the sense amplifier circuit 3 by a bit line selection circuit.
The case where it is connected to is shown.

Next, a manufacturing process of the memory card 1000 and a method of writing the media device key Kmd_i and the media device key certificate Cert _media of FIG. 1 will be described with reference to FIG.

The media device key Kmd_i and the media device key certificate Cert _media to be written to the memory card 1000 are sent from the key issuing / management center 3000 to the memory card manufacturer C.
1 and the memory 1 constituting the memory card 1000 via the controller 200
00 is written in the system information recording unit 103. Although not shown in FIG. 1, the memory card 1000 is connected to a device (a personal computer, a mobile phone terminal, a public terminal, etc.) having a predetermined communication function. The key issuing / management center 3 is connected via a device having such a communication function.
Data issued from 000 is written to the memory card 1000.

As described above, the media device key Kmd_i is a secret key of the public key cryptosystem, while the media device key certificate Cert _media is data including a public key corresponding to the media device key Kmd_i as a secret key. Media device key certificate Cert _{m
The media} includes a media device key certificate ID (IDm_c) that is identification information unique to the certificate.
ert) is also embedded.

In the manufacture of the memory card 1000, the controller 200 is provided from the controller manufacturer A, and the memory 100 is provided from the memory manufacturer B to the memory card manufacturer C. In addition, any or all of manufacturers A, B, and C may be the same company. In order for the memory card 1000 to be operable, the memory card manufacturer C must
Write necessary information.

When the controller manufacturer A manufactures the controller 200, the controller 200
Of the controller key Kc and the controller unique ID (IDcu) as confidential information.
) Is written. The controller key Kc is used for a plurality of controllers 2 for reasons of manufacturing processes.
00 may be a common key. On the other hand, the controller unique ID is different for each controller 200, and a controller unique key generated in one controller 200 is always different from a controller unique key generated in another controller 200.

The controller manufacturer A discloses the data of the controller key Kc assigned to the controller 200 to the key issuing / management center 3000. The controller key Kc can be transmitted from the controller manufacturer A to the key issuing / management center 3000 using PGP encryption or the like.

Key issuing / management center 3000, the media device key Kmd_i or media device key certificate and key generating unit 3002 for generating a _{Cert media,} generated media device key Kmd_i and a device key database managing media device key certificate _{Cert media} 3001 And an encryption unit 3003 for encrypting the media device key Kmd_i using the controller key Kc received from the controller manufacturer A.

The controller key Kc is the media device key K in the key issuing / management center 3000.
Used to encrypt md_i. The media device key Kmd_i is the key generator 30
After being generated at 02, it is stored in the device key database 3001. Encryptor 3003
Is supplied with the corresponding media device key Kmd_i from the device key database 3001, and encrypts it with the controller key Kc to encrypt the encrypted media device key Enc (Kc,
Kmd_i) is generated.

The controller key Kc is information that only the controller manufacturer A and the key issuing / management center 3000 can know. However, in order to reduce the damage when the information of the controller key Kc leaks to the outside due to some accident or circumstances, it is desirable to change it in units of a certain amount of controller, for example, every production lot.

In the key generator 3002 and the device key database 3001, the memory card 100
Not only the media device key Kmd_i for 0 and the media device key certificate Cert _media but also the host device key Khd_i and host device certificate Certost for the host device 2000 described later are generated and managed in the same manner.

The memory card manufacturer C receives the supply of the controller 200 from the controller manufacturer A, and encrypts the media device key (encrypted media device key Enc (Kc, Kmd_i) for the controller 200 and the corresponding media) The device key certificate Cert _media is received from the key issuance / key management center 3000. In order to receive the desired encrypted media device key Enc (Kc, Kmd_i), for example, the model number or manufacturing lot number of the controller 200 is presented. It is possible to receive the media device key encrypted with the correct controller key Kc.

The encrypted media device key Enc (Kc, Kmd_i) is temporarily written in the buffer RAM 203 of the controller 200. Then, the controller 200 decrypts the encrypted media device key Enc (Kc, Kmd_i) in the decryptor 206 using the controller key Kc that the controller 200 has. As a result, the media device key Kmd_i is obtained in the controller 200.

On the other hand, the one-way converter 211 calculates a one-way function using the controller key Kc and controller unique ID (IDcu) held in the controller 200 as input values, and generates a controller unique key Kcu. Using this newly generated controller unique key Kcu, the media device key Kmd_i is encrypted again by the encryptor 207,
An encrypted media device key Enc (Kcu, Kmd_i) is generated. The encrypted media device key Enc (Kcu, Kmd_i) is stored in the system information recording unit 103 of the memory 100 supplied from the memory manufacturer B. Media device key certificate Cert _me corresponding to the encrypted media device key Enc (Kcu, Kmd_i) written at this time
_Dia is similarly stored in the system information recording unit 103.

The controller unique key (Kcu) is generated using the controller key Kc and the controller unique ID (IDcu) that are concealed in the controller 200. Therefore, there is little risk that information necessary for decrypting the encrypted media device key Enc (Kcu, Kmd_i) will be leaked to the outside, and the encrypted media device key Enc once written in the memory 100
In order to make (Kcu, Kmd_i) usable by the separate controller 200, it is very difficult to illegally re-encrypt (encrypt with the original controller unique key Kcu1 and then with another controller unique key Kcu2). It has become difficult.

In the first embodiment, the controller key Kc and the controller unique ID (IDc
The one-way function is used when generating the controller unique key Kcu from u).
Any function that can generate one output data from one input data may be used, and the function is not particularly limited to a one-way function.

Next, the overall configuration and operation of the information recording system according to the first embodiment will be described with reference to FIG. The memory card 1000 given the encrypted media device key Enc (Kcu, Kmd_i) and the media device key certificate Cert _media as described above is connected to the host device 2000 as shown in FIG. The content data C can be written from the host device 2000, or the captured content data C can be output to the host device 2000. The memory card 1000 and the host device 2000 constitute one information recording system.

Here, the structure of the host device 2000 will be described. The host device 2000 includes a holding unit 401, an authentication key exchange processing unit 402, an ID combination unit 403, a one-way converter 404, a random number generator 405, an encryption / decryption unit 406, and an encryption / decryption unit 407.

The holding unit 401 stores the host device key Khd_j and the host device certificate C described above.
It stores ert _host . The host device key Khd_j is a private key of a public key cryptosystem, and the host device certificate Cert _host is data including a public key that is paired with the host device key Khd_j.

The authentication key exchange processing unit 402 executes an authentication key exchange process with the authentication key exchange processing unit 213 of the memory card 1000 via the interface units 500 and 202 and the secure channel to perform a media device key certificate ID (IDm_cert ). The ID combining unit 403 also uses the memory card unique ID (IDmc) based on the public controller unique ID (IDcntr) and the media device key certificate ID (IDm_cert).
). This ID combination unit 403 is a controller unique ID.
It functions as an identification information generating unit that generates a memory card unique ID (IDmc) based on (IDcntr) and the media device key certificate ID (IDm_cert). This I
The D combining unit 403 generates another new ID by simply combining two IDs. Instead of such simple coupling, a new ID may be generated using, for example, a one-way function or a cryptographic algorithm.

The one-way converter 404 has a memory card unique ID (IDmc) and a random number generator 4
A media unique key Kmu is generated by a one-way function using the media key Km generated in 05 as an input. The random number generator 405 generates a random number and generates a media key Km and a title key Kt based on the acquired random number. The encryption / decryption device 406 encrypts the title key Kt with the above-mentioned media unique key Kmu. The encryption / decryption device 407 encrypts the content data C with the title key Kt (encrypted content data Enc (K
t, C)).

The media unique key Kmu is generated by the host device 2000 and is used as an encryption key for encrypting the title key Kt in the present embodiment. Similarly to the conventional content protection technology, a form in which the media unique key Kmu recorded in the secret recording unit 102 is directly used for encryption of the content data C is also possible. Also applicable to the double encryption method that encrypts the user key Ku unique to the user with the media unique key Kmu, further encrypts the content key Kct with the user key Ku, and further encrypts the content data with the content key Kct. It is.

In addition, the media key Km and the title key Kt are not only generated in the host device, but may be written in a memory card in advance or may be given from an external device (not shown).

Next, the operation when the content data C is written from the host device 2000 to the memory card 1000 will be described with reference to FIG. First, the memory card 10
00 uses the one-way converter 211 and the controller key Kc and the controller unique I
A controller unique key Kcu is generated from D (IDcu). Then, using this controller unique key Kcu, the encrypted media device key Enc (Kcu, Kmd_i)
To obtain the media device key Kmd_i. The media device key Kmd_i and the media device key certificate Cert _media are transferred to the authentication key exchange processing unit 213.

On the other hand, the host device 2000 transfers the host device key Khd_j and the host device key certificate Cert _host to the authentication key exchange processing unit 402. As a result, the authentication key exchange processing units 213 and 402 execute an authentication key exchange process. When the processing is completed, a secure channel is established between the memory card 1000 and the host device 2000. When the secure channel is established, the ID generator 212 can output the public controller unique ID (IDcntr) generated by the ID generator 212 through the secure channel via the interface unit.

When the secure channel is established, the ID generator 403 performs public controller unique I
A memory card unique ID (IDmc) is generated by combining D (IDcntr) and the media device key certificate ID (IDm_cert).

The host device 2000 generates a media key (Km) using the random number generator 405 and records the generated media key Km in the secret recording unit 102 of the memory card 1000 via the secure channel and interface units 500 and 202.

The host device 2000 generates a media unique key Kmu from the media key Km and the memory card unique ID (IDmc) using the unidirectional converter 404.

The host device 2000 generates the title key Kt using the random number generator 405, further encrypts the title key Kt with the media unique key Kmu using the encryption / decryption device 406, and encrypts the encrypted title key Kte = Enc (Kmu, Kt ) Is recorded in the normal recording unit 101 of the memory card 100. Further, the host device 2000 encrypts the content data C using the title key Kt, and records the encrypted content data Ce = Enc (Kt, C)) in the normal recording unit 101 of the memory card 1000. Thus, the recording operation of the content data C is completed.

Next, an operation when reading content data C from the memory card 1000 to the host device 2000 will be described with reference to FIG. The authentication key exchange processing by the authentication key exchange processing units 213 and 402 and the operation in the ID combination unit 403 are substantially the same as in the case of the write operation (FIG. 4).

When the authentication key exchange process is completed and the secure channel is established, the secret recording unit 102 and the system information recording unit 103 can be accessed (that is, the logical addresses of the secret recording unit 102 and the system information recording unit 103 are set). The media key Km recorded in the secret recording unit 102 of the memory card 1000 is provided to the unidirectional converter 404 of the host device 2000 via the secure channel. The one-way converter 404 generates a media unique key Kmu using the media key Km and the above-mentioned memory card unique ID (IDmc). The encryption / decryption device 407 uses this media unique key Kmu to decrypt the encrypted title key Enc (Kmu, Kt) stored in the memory card 100 to obtain the title key Kt. Then, using the obtained title key Kt, the memory card 1
The content data C is obtained by decrypting the encrypted content data Enc (Kt, C) stored in 00.

As described above, in this embodiment, the media device key Kmd_i and the media device key certificate Cert _media according to the public key cryptosystem are used for the authentication key exchange process. However, the controller key Kc of the controller 200 and the controller unique I
A controller unique ID (IDcntr) is generated based on D (IDcu), and this controller unique ID (IDcntr) is supplied to the host device 2000 via a secure channel. Since the transmission is via the secure channel, the controller unique ID (IDcntr) is not leaked to the outside, and tampering is prevented. Further, the controller unique ID (IDcntr) and the media device key certificate ID (IDm
_Cert) and the ID combination unit 403 based on the memory card unique ID (ID
mc) is generated. Based on this memory card unique ID (IDmc), a media unique key Kmu of the memory 100 in the memory card 1000 is generated. in this way,
According to the present embodiment, even when an authentication key exchange process using a public key cryptosystem is performed,
A public key / private key pair and a controller unique ID (IDc unique to the controller 200)
ntr) can be associated with each other, thereby preventing the spread of clone cards.

[Second Embodiment]
FIG. 6 is a block diagram showing a configuration of an information recording system according to the second embodiment. Since the hardware configuration of the memory card 1000 may be the same as that shown in FIGS. 1 and 2, description thereof will be omitted below. In the present embodiment, as shown in FIG. 6, the authentication key exchange processing unit 213
The operation is different. That is, the authentication key exchange processing unit 213 here is the ID generator 21.
The controller unique ID (IDcntr) generated in step 2 is directly connected to the host device 2000.
Is transmitted to the authentication key exchange processing unit 213 in the controller 200. The controller unique ID (IDcntr) is used as one of the parameters for the authentication key exchange process. When the authentication key exchange process is completed, the controller unique ID (I
Dcntr) is transmitted to the ID combination unit 403 together with the media device key certificate ID (IDm_cert). Subsequent operations are substantially the same as those in the first embodiment.

FIG. 7 illustrates an operation procedure when standard authentication key exchange based on elliptic curve cryptography is used.

The host device generates a random number RNh (step S1), and the host device key certificate Cert
_The data is sent to the memory card 1000 together with the _host (step S2). The memory card 1000 verifies the digital signature attached to the received host device key certificate Cert _host and generates a random number RNm (step S3).

Subsequently, the memory card 1000 stores the random number RNm and the media device key certificate (Cert _m
edia ) is sent to the host device (step S4). In response to this, the host device 2000 verifies the digital signature attached to the received media device key certificate Cert _media . The memory card 1000 performs the process of step S4, generates a random number Mk necessary for Diffie-Hellman key exchange processing in elliptic curve cryptography, and uses the base point G of the elliptic curve for a challenge value Mv (= Mk * G) is calculated. Then, IDcntr is generated by the ID generator 212, the challenge value Mv using the media device key Kmd_i, the random number RNh received in step S2, and the controller unique I
A digital signature for D (IDcntr) is generated (step S6). Memory card 1
000 is the challenge value Mv generated in step S6, the controller unique ID (I
Dcntr) and the digital signature are sent to the host device 2000 (step S7).

The host apparatus 2000 verifies the signature received in step S7, and D in the elliptic curve encryption
A random number Hk necessary for the iffie-Hellman key exchange process is generated, and a challenge value Hv (= Hk * G) is calculated using the base point G of the elliptic curve. Then, using the host device key Khd_j, the challenge value Hv and the random number RNm received in step S4
And a shared key K generated by the authentication key exchange process
s (= Hk * Mv) is calculated (step S8). The host device 2000 sends the challenge value Hv and the digital signature generated in step S8 to the memory card 1000 (step S9). In response to this, the memory card 1000 verifies the digital signature received in step S9 and calculates a shared key Ks (= Mk * Hv). If the signature cannot be correctly verified in the digital signature verification process of the above process, the subsequent process is stopped in any step.

By performing the above authentication key exchange process, the host device and the memory card can share the shared key secretly. In the authentication key exchange process, since the shared key is calculated using the challenges generated by the host device and the memory card, the value of the shared key differs for each authentication key exchange process.

As mentioned above, although several embodiment of this invention was described, these embodiment is shown as an example and is not intending limiting the range of invention. These novel embodiments can be implemented in various other forms, and various omissions, replacements, and changes can be made without departing from the scope of the invention. These embodiments and modifications thereof are included in the scope and gist of the invention, and are included in the invention described in the claims and the equivalents thereof. For example, in the above embodiment, the ID generator 212 generates a controller unique ID (IDcntr) based on the controller key Kc and controller unique ID (IDcu) pair. However, instead of this, the controller unique ID (IDcntr) may be generated based only on the controller unique ID (IDcu). Controller unique ID (IDcu) concealed by the controller 200
If other unique information that can be disclosed to the outside can be generated while keeping the information secret, the parameters used are not questioned. However, the function used for generation is irreversible, such as a one-way function, and a function that does not obtain the original control unique ID (IDcu) by performing a reverse calculation from the obtained control unique ID (IDcntr). Must be selected.

  Several embodiments will be described below.

[1] A memory unit that stores various data, a controller that is given a controller key and first controller identification information unique to the controller, and that is configured to control the memory unit, a host device, and a secure channel An interface unit for performing data communication, and the controller generates a controller unique key unique to each controller based on the controller key and the first controller identification information; and A controller identification information generation unit that generates second controller identification information based on the first controller identification information; a decoder; and an authentication key exchange processing unit that executes an authentication key exchange process with the host device. The memory unit includes a normal recording unit that is freely accessible from the outside. A system for storing an encrypted media device key obtained by encrypting a media device key that functions as a secret key of a public key cryptosystem with the controller unique key, and a media device key certificate that functions as a public key of the public key cryptosystem An information recording unit, and a secret recording unit that can be accessed on the condition that a predetermined authentication process is completed, and the decryptor decrypts the encrypted media device key using the controller unique key, and the media device The authentication key exchange processing unit performs authentication key exchange processing with the host device via the interface unit using the media device key and the media device key certificate. The secure channel is configured to be established.

[2] In the description of [1], the controller identification information generation unit transmits the second controller identification information via the interface unit after the secure channel is established.

[3] In the description of [2], the controller permits access to the system information recording unit when the secure channel is established.

[4] In any one of [1] to [3], the controller identification information generation unit generates second controller identification information based on the controller key and the first controller identification information.

[5] An information recording apparatus configured to be connectable to a memory unit that stores various data and a controller that is given a controller key and first controller identification information and controls the memory unit. A host device key that functions as a private key for public key cryptography and a host device key certificate that functions as a public key for public key cryptography are stored. An authentication key exchange process between the holding unit and the information recording device using the host device key and the host device key certificate, and the information recording device holds the public key encryption method. An authentication key exchange processing unit for receiving media device key certificate information embedded in a media device key certificate functioning as a public key; and the information recording And an interface unit for performing data communication via a secure channel and a second controller identification information generated by the information recording device based on the first controller identification information, and data communication via the secure channel and the interface unit. And an identification information generation unit that generates information recording device identification information based on the second controller identification information and the media device key certificate information.

[6] In the description of [5], a key generation unit that generates key information used to encrypt content data or key data for encrypting content data based on the information recording device identification information. Further provided.

[7] A method for executing an authentication process between an information recording device and a host device, wherein the information recording device includes a memory unit and a controller for controlling the memory unit. A system in the memory unit which is provided with a key and first controller identification information and further functions as a secret key of the public key cryptosystem and a media device key certificate functioning as a public key of the public key cryptosystem While being held in the information recording unit, the media device key is encrypted with the controller unique key generated based on the controller key and the first controller identification information, and is stored in the system information recording unit as an encrypted media device key. The host device key recorded and the host device functions as a secret key of the public key cryptosystem A host device key certificate that functions as a public key of a public key cryptosystem, and the method generates second controller identification information based on the first controller identification information, and the encrypted media device Media device key certificate information embedded in the media device key certificate by executing an authentication key exchange process based on the key and the media device key certificate, and the host device key and the host device certificate Obtaining information recording device identification information based on the second controller identification information and the media device key certificate information, and generating a media unique key based on the information recording device identification information And with.

[8] In the description of [7], the second controller identification information is transmitted via the interface unit after the secure channel is established.

[9] In the description of [7] or [8], the second controller identification information is generated based on the controller key and the first controller identification information.

[10] An information recording apparatus comprising a data storage unit and a controller, wherein the data storage unit is a media device key (Kmd_i) that functions as a secret key of a public key cryptosystem
Encrypted media device key En encrypted with controller unique key (Kcu)
c (Kcu, Kmd_i) and a media device key certificate (Certmedia) that functions as a public key of the public key cryptosystem, and the controller stores the controller key (Kc) and the controller Unique first controller identification information (
IDcu), a one-way function calculation based on the controller key (Kc) and the first controller identification information (IDcu), and a controller unique key (Kcu) unique to the controller A key generation unit that generates, an identification information generation unit that executes a one-way function calculation based on at least the first controller identification information (IDcu), and generates second controller identification information (IDcntr); and the media device key (Km
d_i) is encrypted with the controller unique key (Kcu) to generate an encrypted media device key Enc (Kcu, Kmd_i), the media device key (Kmd_i) and the media device key certificate (Certmedia) And a key exchange unit that performs authentication key exchange processing with the host device.

[11] In the description of [10], the identification information generation unit transmits the second controller identification information (IDcntr) to the host device after the authentication key exchange process is completed.

[12] In the description of [10] or [11], the identification information generation unit performs a one-way function calculation based on the controller key (Kc) and the first controller identification information (IDcu), Second controller identification information (IDcntr) is generated.

[13] In the description of [10], the data storage unit includes a normal recording area that can be accessed without the completion of the authentication key exchange process.

[14] In the description of [13], the normal recording area is an encrypted content (Ce).
Can be stored.

[15] In the description of [14], the data storage unit includes a secret recording area that can be accessed on condition that the authentication key exchange process is completed.

[16] In the description of [15], the secret recording area can store a media key (Km).

[17] In the description of [16], the media key (Km) is necessary to decrypt the encrypted content (Ce).

[18] In a medium configured to perform an authentication process using a key with a host, the medium includes a memory and a controller that controls the memory, and the controller includes a controller key (Kc). And first controller identification information (IDcu) for identifying the controller, and a first encrypted media device key Enc (Kc, K
md_i) is decrypted using the controller key (Kc) to generate a media device key (Kmd-i) that functions as a secret key of the public key cryptosystem, and the controller key (Kc) and the first key A controller unique key (Kcu) is generated by executing a one-way function calculation based on the controller identification information (IDcu), and the media device key (Kmd_i) is encrypted using the controller unique key (Kcu). To generate a second encrypted media device key Enc (Kcu, Kmd_i), and the memory stores the second encrypted media device key Enc (Kcu, Kmd-i) and the public key of the public key cryptosystem. Configured to store a media device key certificate (Certmedia) that includes the media The media manufacturer is supplied with the controller from a controller manufacturer and the first from a key manager.
Upon receiving the encrypted media device key Enc (Kc, Kmd_i) and the media device key certificate (Certmedia), the second encrypted media device key Enc (K
cu, Kmd_i) and the media device key certificate (Certmedia) are recorded in the memory.

[19] In the description of [18], the controller includes the controller key (Kc
) And the first controller identification information (IDcu) to generate the second identification information (IDcntr).

[20] In the description of [18], the memory includes a media device key certificate ID (
IDm_cert).

1000 ... Memory card, 2000 ... Host device, 3000 ... Key issuance /
Management center, 100 ... memory, 200 ... controller.

Claims (8)

Memory,
A controller for controlling the memory,
Media key information (Kmd_i), media certification information (Certmedia), controller key information (Kc), and controller identification information (IDcu) are stored.
Receiving a first random number (RNh) and host certification information (Certhost) from the host, and verifying the first signature information attached to the host certification information (Certhost);
The second random number (RNm) and the media certification information (Certmedia) are
To the strike,
When the verification of the first signature information fails, the processing after the verification is stopped, and when the verification of the first signature information is successful, a third value calculated based on the second random number (RNm) and the elliptic curve encryption
A random number (Mk) is generated, a first value (Mv) is calculated using the third random number (Mk) and a base point (G) of the elliptic curve, and the controller key information (Kc) and the controller identification Based on the information (IDcu), a one-way function calculation is performed to obtain unique ID information (IDcn)
tr) and using the media key information (Kmd_i), the first random number (RNh),
Signature processing is performed on the first value (Mv) and the unique ID information (IDcntr) to generate second signature information, and the second signature information is different from the second signature information . 1 value (Mv) and the unique ID information (IDcntr) are sent to the host,
In the media certification information (Certmedia), along with the verification failure at the host,
A medium characterized by being sent with third signature information for stopping processing after the verification. Memory,
A controller for controlling the memory,
Media key information (Kmd_i), media certification information (Certmedia), controller key information (Kc), and controller identification information (IDcu) are stored.
Receiving a first random number (RNh) and host certification information (Certhost) from the host, and verifying the first signature information attached to the host certification information (Certhost);
Generating a second random number (RNm) and a third random number (Mk) calculated based on elliptic curve cryptography;
A first value (Mv) is calculated using the third random number (Mk) and the base point (G) of the elliptic curve,
Generates unique ID information (IDcntr) running a one-way function operation based on said controller key information (Kc) with the controller identification information (IDcu),
Using the media key information (Kmd_i), the first random number (RNh), the first value (M
v) and the second signature by performing signature processing on the unique ID information (IDcntr)
Generate information ,
Media, characterized in that sending said second signature information, different first value and the second signature information (Mv) and the unique ID information (IDcntr) to the host. The media according to claim 2,
When the verification of the first signature information fails, a medium for stopping the processing after the verification. The media according to claim 2,
Media sent if verification can pre Symbol host fails, the media certification information in a state in which with a third signature information for stopping the said verification and subsequent processing (Certmedia) to the host. In the media according to claim 1 or 2,
Receiving a second value (Hv) generated by the host using a fourth random number (Hk) and an elliptic curve base point (G);
A medium characterized by generating shared key information shared by key exchange processing. The media according to claim 5,
A medium that generates the shared key information based on the third random number (Mk) and the second value (Hv). In a media having media key information (Kmd_i) , media certification information, controller key information, and controller identification information,
Receives the first random number and host certification information from the host,
The first signature information attached to the host certification information is verified, a second random number and a third random number calculated based on the elliptic curve encryption are generated, and the third random number and the base point of the elliptic curve are used. Te first value is calculated, by performing a one-way function operation based on said controller key information and said controller identification information to generate a unique ID information (IDcntr), using the media key information (Kmd_i) The first random number, the first value, and the unique ID information (
IDcntr) is subjected to signature processing to generate second signature information, the second signature information,
Media, characterized in that sending said different first value and the unique ID information and the second signature information (IDcntr) to the host. Memory,
A controller for controlling the memory,
Media key information (Kmd_i) , controller key information, and controller identification information are stored,
A value based on elliptic curve cryptography is calculated, a one-way function calculation is performed based on the controller key information and the controller identification information to generate unique ID information (IDcntr) , and the media key information (Kmd_i) is generated. The signature information is obtained by performing signature processing on the random number from the outside, the value based on the elliptic curve encryption, and the unique ID information (IDcntr) .
And sending the signature information to the host.

Images