JP7322923B2 - Secure element, transaction control method and device - Google Patents

Description

The present invention relates to a secure element, which is a semiconductor product having strong tamper resistance against analysis attacks from the outside. More particularly, the present invention relates to transaction control for maintaining data consistency.

A secure element, which is a semiconductor product with strong tamper resistance against analysis attacks from the outside, is installed in various devices (for example, IC cards). The main use of devices equipped with secure elements is security use (for example, financial settlement use).

A secure element installed in a device used for security purposes has a non-volatile storage consisting of an electrically rewritable non-volatile memory as a memory for storing data. The secure element's non-volatile storage is managed in units called pages of a fixed size.

Secure elements used for security require consistency of data that is not subject to rewriting when data stored in non-volatile storage is rewritten. Data consistency means that even if the power to the secure element is lost while data is being rewritten, at least the data that is not subject to rewriting can be restored to the state before rewriting. Data consistency is also called data completeness or data atomicity.

A Java card (registered trademark) or the like is provided in advance with a transaction function that guarantees data consistency. Further, as inventions for providing data consistency to a secure element, Patent Documents 1 and 2 disclose inventions in which a backup area for saving data is provided in a non-volatile storage.

While data consistency is required for secure elements, non-volatile storage durability is an issue for secure elements. This is because the electrically rewritable nonvolatile memory that constitutes the nonvolatile storage is provided with a write endurance count. Techniques for improving the durability of nonvolatile storage composed of electrically rewritable nonvolatile memory have already been disclosed. For example, as an invention for improving the durability of non-volatile storage, Patent Document 3 discloses an invention for multiplexing non-volatile storage areas in which data is rewritten.

JP-A-2003-85511 JP 2020-112855 A JP 2017-207863 A

In recent years, as the size of data used by secure elements has increased, the data capacity of non-volatile storage provided in secure elements has increased, and the size of pages, which are the management unit of non-volatile storage, has also tended to increase.

If the page size is large, there are advantages such as the number of pages to write data to can be reduced when handling large-sized data. However, when handling small-sized data, the number of data contained in one page increases, so if small-sized data is rewritten frequently, the number of writes to one page increases, and the durability of non-volatile storage increases. problems arise.

Therefore, the present invention aims to reduce the number of writes to one page while guaranteeing data consistency even when multiple pieces of data that are small in size and frequently rewritten are included in one page. do.

A first invention for solving the above-mentioned problems is a secure element having a non-volatile storage in which data can be written in units of pages. Write-ahead processing for writing write data in a write-ahead area provided in the non-volatile storage, and write data for each write data written to the write-ahead area when an instruction to end transaction control of the write-ahead method is received. It is characterized by comprising transaction control means for confirming the destination page and executing page update processing for collectively writing write data having the same destination page to the same destination page.

Furthermore, a second invention is the secure element described in the first invention, wherein in the page update process, when a plurality of write data having the same write destination page and write destination address exist in the preceding write area, The write data written in the preceding write area last is used for the page update process.

Furthermore, a third invention is the secure element according to the first invention or the second invention, wherein the transaction control means deletes the write data written to the write destination page from the preceding write area in the page update process, When write data exists in the preceding write area immediately after the power is turned on, the page updating process is performed using the write data existing in the preceding writing area.

Furthermore, a fourth invention is a device implementing the secure element described in any one of the first to third inventions.

Furthermore, a fifth invention is a transaction control method executed by a secure element having a non-volatile storage capable of writing data in units of pages, wherein the secure element issues an instruction to start write-ahead transaction control. Upon reception, a procedure for executing a write-in-advance process of writing write data in a write-in-advance area provided in a non-volatile storage separate from the data storage area; , confirming the write destination page of the write data for each write data written in the preceding write area, and executing the page update process of collectively writing the write data having the same write destination page to the same write destination page; characterized by comprising

Furthermore, a sixth invention is the transaction control method according to the fifth invention, wherein in the page update process, if a plurality of write data having the same write destination page and write destination address exist in the preceding write area , the last write data written in the preceding write area is used for the page update process.

Further, according to a seventh invention, in the transaction control method according to the fifth invention or the sixth invention, the secure element deletes the write data written to the write destination page from the pre-write area in the page update process, When write data exists in the preceding write area immediately after the power is turned on, the page updating process is performed using the write data existing in the preceding writing area.

By making the secure element compatible with write-ahead transaction control, even if multiple pieces of small-sized, frequently-written data exist on a single page, multiple pieces of small-sized, frequently-written data can be batched together. Since the page can be written to as much as possible, the number of writes to the page can be reduced. In addition, since the write data written in the pre-write area does not disappear even if the power supply of the secure element is turned off, the consistency of the data can be guaranteed.

FIG. 4 is a diagram for explaining an example of a device equipped with a secure element; FIG. 4 is a diagram for explaining the hardware of a secure element; FIG. 4 is a diagram for explaining the configuration of a secure element related to data writing; FIG. 11 is a diagram for explaining processing related to transaction control of the pre-write method; FIG. 5 is a diagram for explaining the operation of the transaction control means after reset; Supplementary diagram for explaining the write-ahead transaction control.

Embodiments according to the present invention will now be described. This embodiment is intended to facilitate understanding of the present invention, and the present invention is not limited to this embodiment. In addition, unless otherwise specified, the drawings are schematic diagrams drawn to facilitate understanding of the present invention.

FIG. 1 is a diagram illustrating an example of a device 2 equipped with a secure element 1. As shown in FIG. In FIG. 1, a device 2 equipped with a secure element 1 is illustrated as a contact IC card that communicates with an external terminal by contact communication conforming to ISO7816.

In FIG. 1, the device 2 has the shape of a credit card, but the shape of the device 2 on which the secure element 1 is mounted is not limited to the shape of a credit card. The device 2 equipped with the secure element 1 may be a SIM (Subscriber Identity Module) attached to a smartphone or the like, or may be an eSIM (embedded Subscriber Identity Module) mounted on a substrate of the smartphone or the like.

In the device 2 illustrated in FIG. 1, the secure element 1 is resin-molded on the back side of the external terminals. The secure element 1 contacts and communicates with an external device (eg, reader/writer) (not shown) via an external terminal 20 . Note that the communication method supported by the secure element 1 is not limited to contact communication conforming to ISO7816. The communication method supported by the secure element 1 may be non-contact communication conforming to ISO14443, or may be a communication method used inside a computer (for example, SPI, Serial Peripheral Interface).

FIG. 2 is a diagram explaining the hardware of the secure element 1. As shown in FIG. The secure element 1 according to the present embodiment includes, as circuits, a contact communication interface 101, a CPU 100 (Central Processing Unit), a RAM 102 (Random Access Memory), a ROM 103 (Read Only Memory), a nonvolatile storage 104, a coprocessor 105 (Coprocessor). , a random number generator 106 (RNG: Random Number Generator), and a power supply circuit 107 . Naturally, the circuits integrated in the secure element 1 are not limited to these circuits.

In this embodiment, the CPU 100 of the secure element 1 is a circuit that interprets program codes stored in memory and executes predetermined processing. The power supply circuit 107 is a circuit that is connected to the external terminal 20 (VCC terminal) on the surface of the device 2 and supplies power supplied from the external terminal to other circuits (for example, the CPU 100). The contact communication interface 101 is a circuit that connects to the external terminal 20 (I/O terminal) on the surface of the device 2 and performs contact communication with the external terminal. The coprocessor 105 is a circuit configured to perform high-speed cryptographic operations using cryptographic keys. The random number generator 106 is a circuit that generates random numbers.

The RAM 102, ROM 103 and non-volatile storage 104 are memories provided in the secure element 1. FIG. RAM 102 is an electrically rewritable volatile memory. The ROM 103 is a read-only non-volatile memory that cannot be electrically rewritten. The non-volatile storage 104 is storage configured with an electrically rewritable non-volatile memory. For example, the non-volatile storage 104 is composed of EEPROM (registered trademark), flash memory (registered trademark), or the like.

FIG. 3 is a diagram for explaining the configuration of the secure element 1 related to data writing. The non-volatile storage 104 included in the secure element 1 serves as a hardware layer for writing data. An operating system 10 (hereinafter referred to as “OS 10”, OS is an abbreviation for Operating System) installed in the secure element 1 is an operating system layer related to data writing. The application 12 that executes processing to write data to the nonvolatile storage 104 is an application layer related to data writing.

Application 12 supports multiple commands that require processing to write data to non-volatile storage 104 . These commands include not only write commands but also authentication commands. Authentication commands require at least a retry counter 104d that counts the number of interruptions or failures in authentication. The retry counter 104d becomes data stored in the non-volatile storage 104, and the retry counter 104d is rewritten in the processing related to the authentication system command.

The OS 10 implemented in the secure element 1 has transaction control means 11 that executes processing related to data consistency when writing data to the non-volatile storage 104 . The transaction control means 11 according to this embodiment corresponds to transaction control of a backup method for backing up the contents of the write destination of the write data. Furthermore, the transaction control means 11 according to the present embodiment, in addition to the backup-type transaction control, writes the write data to another area before writing it to the original write destination, and when the end of the transaction control is instructed, It corresponds to transaction control of the write-in-advance method in which write data written in another area is written to the original write destination.

As illustrated in FIG. 3, the non-volatile storage 104 included in the secure element 1 is divided into units called pages and managed by the OS 10 installed in the secure element 1. The non-volatile storage 104 according to this embodiment is Data can be written in units of pages. A page number is assigned to each page, and the page is identified by the page number. In the case of the non-volatile storage 104 with relatively small capacity, the page size is about several tens of bytes, but in the case of the non-volatile storage 104 with relatively large capacity, the page size is 128 bytes, 256 bytes, 512 bytes, etc. become.

The non-volatile storage 104 provided in the secure element 1 includes a data storage area 104a, a backup area 104b and a pre-write area 104c.

Program codes and data used by the OS 10 and program codes and data used by the application 12 are stored in the pages allocated to the data storage area 104a. In FIG. 3, one of the pages assigned to the data storage area 104a and having the page number "a" contains a retry counter 104d, which is data used in command processing related to authentication commands, and a A password counter 104e serving as data used in such command processing is stored. The password counter 104e is a counter used for generating a one-time password.

In the secure element 1 according to this embodiment, the backup area 104b and the pre-write area 104c are areas used at least by the transaction control means 11 that executes processing related to data consistency. In the backup area 104b, which is the area used by the transaction control means 11 in the backup method, the contents of the write destination page, which is the write destination page for writing the write data, are backed up. In addition, write data to be written to the write destination page and management information thereof are written in the write data to be written to the write destination page in the write data to be written to the write destination page and management information thereof.

In FIG. 3, a page with a page number of "b" that is not included in the data storage area 104a is allocated to the backup area 104b. Also, a page with a page number of "c" that is not included in the data storage area 104a is allocated to the pre-write area 104c. The number of pages assigned to the pre-write area 104c may not be one page. By allocating a plurality of pages to the pre-write area 104c and rotating (circulating) the pages used as the pre-write area 104c, deterioration of the durability of the non-volatile memory can be prevented. The same applies to the backup area 104b.

As explained above, the transaction control means 11 supports two types of transaction control: the backup type transaction control and the pre-write type transaction control. Only the write-ahead transaction control will be described in detail here.

The transaction control of the backup method is explained. In the transaction control of the backup method, the transaction control means 11 duplicates the contents of the write destination page in the backup area 104b provided in the nonvolatile storage 104 before writing the write data to the write destination page, and the power is turned on. After that, if it is determined that the end instruction of transaction control has not been received, a process of reflecting the contents of the backup area 104b to the page that is the copy source is executed.

FIG. 4 is a diagram for explaining processing related to a write-preceding transaction control method. Processing related to the write-in-precedence transaction control method is processing executed by the transaction control means 11, and this processing is executed in the following procedure.

When the application 12 starts a series of processes for writing data to the non-volatile storage 104, it gives the OS 10 an instruction to start transaction control including a transaction control method (step S1). The transaction control means 11 according to this embodiment supports two methods of transaction control: the backup method and the write-in-advance transaction control method. explain. The data to be subject to the write-ahead transaction control is small in size and frequently rewritten.

Next, the application 12 provides the OS 10 with a data write instruction including the write data to be written to the nonvolatile storage 104 and the write destination (step S2). The write destination of write data is composed of a write destination page, which is the page to which write data is written, and a write destination address, which is an address in this write destination page.

When the transaction control means 11 receives a data write instruction from the application 12 after being instructed to start the transaction control of the pre-write method, the write data specified by the application 12 is written to the data storage area 104 a of the non-volatile storage 104 . Instead, a pre-write process is executed to write the write data in the pre-write area 104c provided in the non-volatile storage 104 (step S3).

The transaction control means 11 repeats the procedure S3 every time it receives a data write instruction from the application 12 after being instructed to start the transaction control of the advance write method. Therefore, the number of write data to be written in the pre-write area 104c is not limited to one. In addition, management information including the write destination (write page and write address) of the write data and the data length of the write data is added to the write data to be written in the pre-write area 104c.

When the series of processes for writing data to the non-volatile storage 104 is finished, the application 12 gives the OS 10 an instruction to end the transaction control (step S4). When the application 12 instructs to end the transaction control, the transaction control means 11 checks the write destination page of the write data for each piece of write data written in the preceding write area 104c, and determines whether the write data has the same write destination page. are collectively written to this write destination page (step S5).

In the page update process, the write destination page to which the write data is written can be determined from the write data management information existing in the pre-write area 104c. By collectively writing write data for the same write destination page to this write destination page, the number of page rewrites can be reduced. Also, in the page update process, if there are a plurality of pieces of write data with the same write destination in the pre-write area 104c, using the last write data written in the pre-write area 104c for the page update process reduces the number of page rewrites. It is preferable from the point of view.

Next, the transaction control means 11 deletes the write data written to the write destination page from the preceding write area 104c (step S6), and the procedure of FIG. 4 ends.

The advance write area 104 c is an area provided in the nonvolatile storage 104 . Therefore, even if the secure element 1 is powered off, the write data written in the advance write area 104c is not erased until the write data existing in the advance write area 104c is erased. By using this, when the secure element 1 is powered off, the state in the data storage area 104a of the nonvolatile storage 104 can be restored to the state immediately before the secure element 1 was powered off.

FIG. 5 is a diagram for explaining the operation of the transaction control means 11 after reset. When the secure element 1 is reset, the transaction control means 11 determines whether write data exists in the pre-write area 104c (step S10). If no write data exists in the pre-write area 104c, the procedure of FIG. 5 ends. If write data exists in the pre-write area 104c, the transaction control means 11 executes page update processing using the write data existing in the pre-write area 104c (step S11). After deleting the write data existing in the area 104c (step S12), the procedure of FIG. 5 ends.

The write-ahead transaction control will be described in more detail. FIG. 6 is a supplementary diagram for explaining transaction control of the pre-write method. In this description, the write data are the value of the retry counter 104d and the value of the password counter 104e, and both of these data are data to be written in advance.

The retry counter 104d stored in the data storage area 104a of the nonvolatile storage 104 is rewritten to a value decremented by one when an authentication-related command is executed, and when the processing related to authentication succeeds, it reaches the maximum number of retries. can be rewritten. Also, the password counter 104e stored in the data storage area 104a of the nonvolatile storage 104 is rewritten to a value incremented by one each time an authentication command is executed. As shown in the first line of FIG. 6, the value of the retry counter 104d when the authentication command is executed is assumed to be "C0". Also, the value of the password counter 104e when the authentication command is executed is assumed to be "TC0". Also, at this time, the contents of the pre-write area 104c are empty.

After receiving an instruction from the application 12 to write "C1", which is a value obtained by subtracting one from "C0", to the retry counter 104d after an instruction to start the write-preceding transaction control is given, the second line in FIG. As described above, the transaction control means 11 writes the management information of the retry counter 104d and "C1", which is the value of the retry counter 104d, to the preceding write area 104c. Further, when the transaction control means 11 receives an instruction from the application 12 to write "TC1", which is a value obtained by adding "TC0" by one, to the password counter 104e, the transaction control means 11 executes the transaction as shown in the third line of FIG. The control means 11 writes the management information of the password counter 104e and its value "TC1" into the preceding write area 104c. Note that even if the transaction control means 11 writes data to the preceding write area, the write destination page such as "C1" (here, the page with the page number "a") is not updated.

When the application 12 receives a write instruction from the application 12 to write "Cmax", which is the maximum value of the number of retries, to the retry counter 104d after the collation processing related to authentication is successful, as shown in the fourth line of FIG. The transaction control means 11 writes the management information of the retry counter 104d and its value "Cmax" to the advance write area 104c. Note that even if "Cmax", which is the write data of the retry counter 104d, is written to the preceding write area 104c, the write destination page of "Cmax" (here, the page whose page number is "a") is not updated.

When the application 12 instructs the end of transaction control, the transaction control means 11 executes page update processing for writing the write data written in the preceding write area 104c to the write destination. Since the value of the retry counter 104d and the value of the password counter 104e, which are the write data written in the pre-write area 104c, are the same, the transaction control means 11 changes the value of the retry counter 104d and the value of the password counter 104e. The value of the counter 104e is collectively written to the same write destination page (the page whose page number is "a").

Two values of "C1" and "Cmax" are written in the advance write area 104c as the values of the retry counter 104d. Of these, the last value written in the advance write area 104c is "Cmax". Therefore, the transaction control unit 11 writes "Cmax" as the value of the retry counter 104d to be written to the write destination page. 6, the transaction control means 11 writes "Cmax" to the retry counter 104d and writes "TC1" to the password counter 104e. page 'a'). When the write destination page is updated, the transaction control means 11 deletes all write data stored in the pre-write area 104c, and the pre-write area 104c becomes empty.

In this example, the value of the retry counter 104d and the value of the password counter 104e must be written to the pages of the data storage area 104a provided in the nonvolatile storage 104. The value of the retry counter 104d and the value of the password counter 104e can be written at once. Also, with respect to the retry counter 104d, the number of times of writing of the retry counter 104d, which is normally performed twice, can be reduced to one. That is, in this case, it is possible to reduce the number of writes required three times to one.

After writing "C1", which is a value obtained by subtracting one from "C0", and the management information of the retry counter 104d to the pre-write area 104c, if the secure element 1 is powered off and then reset, The transaction control means 11 reflects "C1" written in the preceding write area 104c to the retry counter 104d in the write destination page. Therefore, the value of the reset counter can be set to the value immediately before the secure element 1 is powered off.

As explained above, by making the secure element 1 compatible with write-ahead transaction control, even if multiple pieces of data that are small in size and frequently rewritten exist in a single page, they can be rewritten in a small size. Since multiple pieces of data with high frequency can be written to the page at once, the number of times of writing to the page can be reduced. Moreover, since the write data written in the pre-write area does not disappear even if the power of the secure element 1 is turned off, the consistency of the data can be guaranteed.

1 Secure Element 10 Operating System 11 Transaction Control Means 12 Application 104 Nonvolatile Storage 104a Data Storage Area 104b Backup Area 104c Advance Write Area 2 Device

Claims (7)

A secure element having a non-volatile storage in which data can be written in units of pages, and a pre-write area provided in the non-volatile storage separately from the data storage area when an instruction to start transaction control of the pre-write method is received. , upon receiving a write-in-advance process for writing write data and an instruction to end the transaction control of the write-in-advance method, the write destination page for each piece of write data written in the advance write area is confirmed, and the write destination page is checked. A secure element comprising transaction control means for executing page update processing for collectively writing the same write data to the same write destination page. In the page update process, if a plurality of pieces of write data having the same write destination page and write destination address exist in the preceding write area, the transaction control means causes the last write data written into the preceding write area to be processed in the page update process. A secure element according to claim 1, characterized in that it uses In the page update process, the transaction control means deletes the write data written to the write destination page from the advance write area, and if the write data exists in the advance write area after the power is turned on, the write data is deleted from the advance write area. 3. The secure element according to claim 1, wherein said page update processing is executed using write data existing in a write area. A device implementing a secure element according to any one of claims 1 to 3. A transaction control method executed by a secure element having a non-volatile storage to which data can be written in units of pages, wherein the secure element receives an instruction to start write-ahead transaction control, and a data storage area and a data storage area. is a procedure for executing a write-in-advance process in which write data is written in a write-in-advance area separately provided in a non-volatile storage; A transaction characterized by including a procedure for confirming the write destination page of the write data for each write data received, and executing page update processing for collectively writing the write data with the same write destination page to the same write destination page. control method. In the page update process, if a plurality of pieces of write data having the same write destination page and write destination address exist in the preceding write area, the secure element transfers the last write data written into the preceding write area to the page update process. 6. The transaction control method according to claim 5, characterized by using In the page update process, the secure element deletes the write data written to the write destination page from the pre-write area, and if the write data exists in the pre-write area after the power is turned on, the pre-write 7. The transaction control method according to claim 5, wherein the page update processing is executed using write data existing in the area.

Images