JPS6120182A - Data processing system - Google Patents

Abstract

PURPOSE:To prevent a data processing system from incorrect use by checking the validity of a command outputted from an equipment in the data processing system by an IC card when the command is supplied to the IC card. CONSTITUTION:Random data are generated from a decoder 21. The random data are added to the back of data to be transmitted to transmit both the data to the IC card 23. After receiving a command, the IC card 23 separates the random data, stores the separated data in a prescribed address of a PROM203 and writes the observed/listened data. Then, the balance is calculated. After obtaining data indicating the balance, a fixed pattern is added to the data. The fixed pattern is a digital pattern previously stored in the IC card. The obtained data are ciphered. Said random data are used as the key of the cipher. A response is constituted by adding a header to the leading part of the ciphered data.

Description

DETAILED DESCRIPTION OF THE INVENTION [Technical Field of the Invention] The present invention relates to an IC card having a CPU and a memory in a card-sized carrier.

[Technical background of the invention and its problems]

Advances in LSI technology have made it possible to include OP[J and memory in conventional credit cards.

Such a card is called an IC card. A typical example is Horeywell I-Bul 1's CP-
It is 8. UP-8 shows the wide variety of uses for IC cards. For example, if it is used in cash card cards handled by banks, etc., the services provided will be dramatically increased compared to conventional cards.

On the other hand, since an IC card has a memory, data can be stored in the memory. Also, since there is an oPU, it is possible to communicate with a host computer, etc. Therefore, if the data is tampered with or the card is used fraudulently, the impact will be far greater than in the past.

Therefore, in order to prevent such a situation, oP-8 and the like check the normality of the card before using it.

For example, a random number is generated at a terminal into which an IC card can be inserted, and this random number is sent to the IO card side. In the 10 card, this random number is rearranged in a regular manner that only legitimate cards have, and sent to the host side.The host side performs the same rearrangement as above for the random number, and then sends it from the IC card. Compare with the calculated data.

When the validity of the IC card is determined by such a validity check, commands and responses are exchanged between the terminal and the IC card, and data processing is performed.

However, after the validity check has been completed, there is a possibility that unauthorized use, such as punching holes, may be performed on the messages, commands, and responses, and unauthorized use cannot be completely prevented.

[Object of the Invention] This invention eliminates the above-mentioned drawbacks and provides a method that prevents unauthorized use.1. The purpose is to provide a data processing system using O cards.

The present invention provides a data processing system comprising an IC card that integrally houses a CPU and a storage unit, and a device to which the 10 cards are installed, when a command from the device is supplied to the IC card. , the validity of the command is checked using the IC card.

A second invention is a data processing system comprising an IC card that integrally houses a CPU and a storage unit, and a device into which the IC card is installed, in which the IC card The device is characterized in that the device performs a validity check on the response sent from the device.

〔Effect of the invention〕

According to this invention, the validity of the response is checked each time a command is sent, so data cannot be tampered with, and the security of a data processing system using 10 cards is dramatically improved. .

[Embodiments of the invention]

Next, embodiments of the present invention will be explained according to the drawings. First, the outline of the system will be explained according to FIG. The system of this embodiment is an example in which an IC card is applied to pay broadcasting between a plurality of broadcasting stations α0 and a plurality of subscribers.

This system uses satellite broadcasting, and connects the above broadcasting station aυ to subscribers, a management center α9, and one or more I/O stations.
It consists of C card sales office αη. Note that the 10 card is a plastic plate the size of a credit card with a CPU and memory embedded in it, giving it memory and processing functions.

From the broadcasting station (II), the signal representing the program (analog or digital may be used) is scrambled and sent to the satellite (
It is delivered to subscriber α□□□ via II. In this embodiment, in addition to the signals representing the programs, at least four broadcast stations a
One feature is that a signal representing υ (hereinafter referred to as control data) is added and transmitted.

When viewing this pay broadcast, the subscriber inserts the 10 card ■ purchased from the IC card store αD into the metered section decoder. The decoder OD operates for the first time with this IC card, and the program signal is descrambled and made available for viewing. At the time of purchase, the IC card (c) stores a signal representing the viewing unit amount corresponding to the purchase price. Viewed data is written into this IC card (to) by the decoder OD as the program is viewed. 10 card (c) OPU calculates the remaining viewing unit amount by subtracting the number of viewed data from the original viewing unit amount, and notifies this to the decoder Qυ. decoder elD
judges this, and if the remaining viewing unit amount is 1 or more, viewing is enabled, but if the remaining viewing unit amount is 0, viewing is prohibited. This allows subscribers to view and listen to the amount they have paid for in advance, making it possible to realize a pay-as-you-go system. Although charges may vary depending on the program, this embodiment can accommodate this in the following manner. That is, a digital code indicating the viewing time based on the viewership rating is included in the control data, and each decoder uses this digital code to control the interval at which viewing data is written to the IC card. It is.

Another feature of this embodiment is that at least the station code to which the program belongs (program code if necessary) is included in the viewed data written in the 10 card (c). . As a result, the program information viewed by the subscriber is written in the SI0 card (to). Therefore, statistics regarding viewing information can be obtained by collecting used IC cards (c) as shown in FIG. 2 and reading them out at the management center 051. Another feature of this embodiment is that each broadcasting entity aυ
The first step is to decide how much the viewing fee will be divided into portions.

The above is the essence of this embodiment. Next, the signal flow will be explained in detail.

As shown in Fig. 3, a scrambler (31) is installed on the broadcasting station α0 side, and a disk scrambler (33) is installed on the subscriber side.
is provided.

The scrambler (33) is supplied with a normal broadcast signal. This signal form specifies the configuration of the scrambler (31) and descrambler (33). In this embodiment, the signal supplied to the scrambler (31) is a digital signal, and the scrambler (31) obtains an exclusive OR with the random number.

The random number aη in this case is supplied from a random number generator (not shown), and initial value data for setting the initial value of this random number generator is prepared at the broadcasting station αυ as part of the aforementioned control data. The control data also includes data prepared for program broadcasting, such as data identifying the broadcasting station aO, data representing the program category, data representing the program number, data representing the fee, and the like. The control data in this embodiment are a signal OH for identifying the station αυ and a signal MO representing the charge.

Among these fine signals, for example, data M representing the charge
O and initial value data are encrypted in an encoder (35). This encrypted data is sent to a transmitter (not shown) together with a signal OH identifying the station αυ. The output of the scrambler (31) is also supplied to the transmitter, and both are sent to a satellite (not shown).

As for this transmission mode, for example, when the output signal from the scrambler (31) is a digital signal (for example, in the case of a POM signal), since there is an empty space in the frame, a control signal is inserted therein and sent.

On the other hand, l subscribers receive the above signal via the satellite and separate it into a broadcast signal and control data.

As described above, the control data is separated into data OH for identifying the station, other data, that is, data MO representing the charge, and initial value data. The latter data is sent to the decoder (3
7) and is decrypted using the key K.

In this embodiment, the key is stored in the memory of the 10 card (23), and is read out from the IO card □□□ upon decryption. In this way, the broadcasting station aυ can eliminate counterfeit cards by changing K as necessary, such as when a counterfeit card is in circulation. In such a case, the key can be changed for the already mentioned card since it will be collected after the predetermined period of purchase has passed. Of course, for applications where it is okay to fix the key K of the encoder and decryptor,
The keys on both the broadcasting station and decoder sides may be stored in the ROM. Signal MO representing the charge after being decoded
and data OH for identifying the station are supplied to a billing circuit (39).

As mentioned above, the charging circuit (39) operates when the IC card (to) is inserted, passes the viewed data to the IO card @, and receives the remaining viewing unit amount from the IC card (2). take. This will be discussed later. Tile circuit (39)
determines whether to permit or disallow viewing of the program from this remaining viewing unit amount.

A 1-bit digital signal is sufficient for these viewing permission signals and viewing prohibition signals. Such a signal is supplied to switch 41. This switch 41 closes when the viewing permission signal is supplied, and opens when the viewing prohibition signal is no longer supplied. At one end of this switch 41 is the decoding described above.

Initial value data is supplied, and the other end is a descrambler (3
3) is connected to the initial value data supply terminal.

The descrambler (3&)l in this embodiment may have the same configuration as the scrambler (31).

On the other hand, the billing circuit (39) receives a signal OH for identifying the station;
Pair the program codes and write them on the IC card (to).

Such an IC card (to) is returned to the IC card sales office aη when the signal representing the pre-stored viewing unit amount becomes equal to or greater than that.

The IC card sales office αη sends the used IC card and the fee to the management center 0!9. In the management center α9, the IC
The content of the card (to) is deciphered and viewing information statistics are collected for each broadcasting station 0υ. The management center Oe allocates fees to each broadcast station aυ based on this statistical value.

In the above explanation, in order to collect the IC card (c), the fee for the IC card (c) is set to be higher than the program viewing fee, and when the IC card (to) is returned to the sales office 071 etc., the surplus portion is returned. You can also do this. Also, 10 cards (to)
It is also possible to set a valid period and collect the fee within this period even if the fee is not viewed.

Next, the 10 card @, which is a feature of this invention, will be explained. The 10 card (C) in this embodiment has a CPU (201) and a PROM (Pro
gramable Read only memory
) (203). The CPU (201) receives commands from the billing circuit (39) in the decoder Qυ, and returns a response to the billing circuit (39). However, decoder Q
A one-command/co-response system is adopted in which a command from the D side always receives a response from the IC card. This is monitored by a reader/writer (not shown) installed in decoder 01), and the next command is supplied from the decoder side before a response is received from the IC card (c) to a certain command. If so, disable this command.

The IC card (c) here has eight terminals on the outer surface of the card. These terminals are data lines, clock lines,
Operating power supply terminal, GND terminal, vpp terminal, Re5e
It consists of a t-terminal, etc. The synchronization with the decoder clυ side is performed using an asynchronous method.

First, when the IC card (c) is inserted into the decoder Qυ, the CPU (201) enters a command waiting state.

When a command is given to the IC card (c) from the decoder QD, the 0PU (201) performs processing according to the command. The command from the decoder clυ has a format as shown in FIG. 5, for example. The command in this embodiment has the content of writing watched data, and the watched data is prepared as a pair of data that identifies the station, and this data is written to the F ROM (203). Write to the specified address. This data will not be written if data indicating that program viewing is free is sent from the broadcasting station as control data. Also, the timing of writing is when the 10 card (c) is installed, when the channel is set, the station selection may be changed or viewing may be stopped, so the viewed data is not written immediately. Here, it is assumed that the channel is set and the viewed data is written when the set time has elapsed. Furthermore, the writing interval of one viewed data changes depending on the data indicating the charge, as described above. It makes sense that the viewing unit amount can be considered as the number of pieces of viewed data.

Subsequently, 0PU (201) collects the already written viewed data. Then, this false value is checked against the viewing unit amount (as mentioned above, this is the data stored as the initial data of the IC card) to determine the amount of programs that can be viewed according to the charge. Ru.

Now, as mentioned above, conventional IC cards (for example, Hone)
ywell Bul1's 0P-8, etc.), the validity of the IC card is checked before communication is performed between the IC card and the terminal. However, once the legitimacy was discredited, no further checks were carried out. However, after checking the validity, decoder 011 and IC card (
c) by modifying the transmission path between the decoder UK and
There was a risk that the data in the received response could be tampered with.

This problem should not be tolerated in paid broadcasting because it involves money.

In this embodiment, such drawbacks are eliminated as follows. In other words, instead of checking the validity prior to communication, the validity check can be performed while the communication is in progress.

To achieve this, first, as shown in Figure 1,
Random number data is generated by the decoder Qυ.

This random number data is added after the data to be sent and sent to the IC card. For example, as shown in FIG. 7, random number data is added after the viewed data consisting of data OH for identifying a station.

After receiving the command, the IC card (to) separates the random number data and stores it in a predetermined address of the P)LOM (203), and also writes the viewed data.

Next, calculate the remaining amount as described above. Once data representing this balance is obtained, a fixed pattern is added to this data. The fixed pattern is a digital pattern stored in advance in the IC card (c).

The data obtained in this way is encrypted.

However, the aforementioned random number data shall be used as the encryption key.

The response consists of a header added to the beginning of encrypted data. When the decoder 01) receives such a response, the decoder Qη decodes the data portion. This decryption key uses random number data first generated by the decoder.

The decoded data is separated into data to be truly transmitted and a fixed pattern. This can be done by forcibly separating the decoded data into a former stage and a latter stage. The latter stage is treated as a fixed pattern. And this latter bit string is
Check whether it is the same as the fixed pattern added in the IC card (c). Naturally, the fixed pattern from the front is held and sealed in common on the decoder Qη and the IC card (c).

With such a check, it is possible to reliably detect even if any fraud is committed on the data between the decoder 01) and the IC card (2). However, it is necessary that the security of the decoder 0υ is maintained. That is, it is assumed that the main part of the decoder QD is made into an LSI and will not be counterfeited, and the design of the decoder Qυ will not be made public.

Since no response is returned, the decoder can detect the abnormality.

Note that even if the data attached to the billing command from the decoder 01) is changed, in this embodiment, the writing time interval of the viewed data is controlled according to the charge of the program, so the billing command Nomata, IC card (c)
If a number digit is added to the output data from Qυ, a correct fixed pattern cannot be obtained in the decoder Qυ, and a meku can be detected.

Since such checks are constantly performed for each command/response, it is impossible to modify the data at all.

On the other hand, the fixed pattern check is completed and the decoder 01
) If the same pattern as the fixed pattern within ) is detected, it is determined that the previous data is the correct image data representing the remaining amount. This data may be displayed externally as the remaining viewing unit amount to notify the viewer. However, if the remaining amount is zero, viewing of the program is prohibited as described above.

[Other embodiments of the invention]

Next, another embodiment of the invention will be described with reference to FIG. In the embodiment, data sent when commands are sent from the billing circuit (39) is encrypted.

Encrypt the information. This encryption algorithm is specified by random number data obtained by random number data generation. The simplest method of encryption algorithm is the rearrangement of bit data. This is the same in the embodiments described above.

Next, a command code OMD is given according to the command, and the aforementioned random number data is also given, and the data is sent to the IC card (c) in a predetermined format.

In the IC card (c), command data and random number data are separated from the parts other than the code. Next, decrypt the command bootara. This algorithm is assumed to be specified by random number data. However, the Alprism here is an algorithm that has an inverse function relationship with the algorithm used for encryption in the billing circuit Qυ.

The decoded data consists of viewing data and first fixed patterns 1st F and P. It is determined whether the first fixed patterns F and P obtained here match the pattern generated and added by the billing circuit υ. It is assumed that the first fixed pattern is stored in advance in the billing circuit Qυ and the valid IC card (c). If they do not match, it is assumed that the data between the billing circuit Qυ and the IC card (c) has been tampered with, and the operation is stopped.

On the other hand, if the patterns match, predetermined processing is performed. That is, the viewing data is written to the FROM in the IC card (to), and the remaining amount is calculated. The remaining amount, which is the data thus obtained, is sent to the billing circuit Qυ.

At this time, the second fixed pattern 2nd F, P is added and then encrypted. The encryption algorithm is an IC card (
Specified by random number data obtained by separating (to). In this way, the encrypted data is formed into a predetermined format and then sent as a response to the billing circuit QB.

The billing circuit CH+1 first separates the data portion of the response and decodes it. It is assumed that this decoding algorithm is an algorithm based on random number data generated by the billing circuit Qη. As described above, the encryption/decryption algorithm here may be set independently for the billing command and response.

The data decoded in this way represents the remaining amount (this pattern 2nd F, P is assumed to be stored in advance in the charging circuit C1, and the legitimate IC card). Determine if they match.

If they do not match, it is determined that the response has been modified and the operation is stopped. For example, viewing may be prohibited or the IC card attached to the billing circuit Qυ may be rejected. If a match is confirmed, it is assumed that the remaining amount as data is correct, and this remaining amount is displayed. Next, it is determined whether the remaining amount is greater than zero. If it is below zero, viewing is prohibited. When Zero Yoshi is big, keep watching.

In addition, in the above embodiment, when separating data etc., it is necessary to unify the formats to be handled by the billing circuit Qυ and the IC card (2).

[Other embodiments of the invention]

Next, an example in which the billing circuit QD and the IC card (c) have the same processing for validity will be described with reference to FIG.

When sending a command, a charging command is sent to the IO card from the OMD code, data (viewing data), and random number data. Among these commands, processing is performed according to the OMD code for viewing. That is, writing the viewing data and calculating the remaining amount.

An authentication code consisting of a predetermined bit example is generated for the remaining amount of data. This generation uses random number data, which will be described later. Add the obtained authenticator to the data,
into the specified format and send the billing circuit Q as a response.
Send to υ.

The billing circuit clυ separates the data representing the remaining amount from the authentication code. For the data representing the remaining amount, an authentication code is obtained using exactly the same procedure as the authentication code generation on the IC card side. This authenticator is compared with the authenticator obtained by separation earlier.

If they do not match, it is assumed that the response has been tampered with, and the operation is stopped. If they match, the response data is considered valid and processing continues. That is, the remaining amount is displayed, and then it is checked whether the remaining amount is greater than zero. When it is large, the above operation (
Writing the viewing data = receiving and playing the broadcast signal) is repeated. When the temperature is below zero, the operation is stopped.

In the above embodiments as well, the IC card (
c) The validity may be checked on the side.

Specifically, a fixed pattern may be added, encryption, etc. may be applied. Similarly, the response may also be encrypted.

Next, authentication code generation will be explained according to FIG. 10.

In this generation procedure, first, data is separated into several blocks E, ~In. These blocks consist of a predetermined number of bits. Then, the first block is encrypted. This encryption is assumed to be specified by random number data.

The output of such an encryption means is assumed to be OI.

This output OI and the second block E! Exclusive-or is taken. Then, the exclusive OR of the encoded output O3 and the block I3 is performed. Thereafter, the same process is repeated to obtain an output On from the encryption means. The upper m bits of this output ON are used as the authentication code.

Next, the above processing will be clarified using mathematical expressions. That is, Ex(I,)→0°Ex(0,■It)→0! Ex(0, ■Is)→08 Ex(On-1■In)-+On. The key to generating this authentication code is to compress the data to a predetermined number of bits, since a long data length for a command response or the like places a heavy burden on hardware and software. Furthermore, the procedure for generating this authenticator is as follows.
This billing circuit is provided in both the at+ and 10 cards (to), and it is based on the fact that if the same data is input to this generation procedure, the same authentication code will be obtained. This is in contrast to the above-mentioned embodiment, in which a pair of procedures was prepared, such as one for encrypting and the other for decoding.

Although the embodiments of this invention have been described above, this invention is not limited to the above embodiments, and is characterized in that the device checks the validity of one of the 10 cards every time a command or response is issued. Any combination of fixed patterns, encryption, authentication codes, etc. can be used.

[Brief explanation of the drawing]

FIG. 1 is a diagram showing an embodiment of a data processing system according to an embodiment of the present invention, FIGS. 2 and 3 are diagrams showing a pay broadcast system to which this data processing system can be applied, and FIG.
The figure shows an example of the structure of an IC card, FIGS. 5 to 7 show examples of command and response formats, and FIGS. 8 to 10 show other embodiments. (21)...Pay-as-you-go decoder, (231...IC
Card, (39)... Charging circuit, (201)-CP
U, (203) ・PR(N.

Claims (3)

[Claims] (1) In a data processing system consisting of an IC card that integrally houses a CPU and a storage unit, and a device to which this IC card is installed, when a command from the device is supplied to the IC card, A data processing system characterized in that the validity of a command is checked using the IC card. (2) The data processing system according to claim 1, wherein the command is formed by adding data. (3) In a data processing system consisting of an IC card that integrally houses a CPU and a storage unit, and a device to which this IC card is installed, data is sent from the ten cards in response to commands from the device. A data processing system characterized in that the device performs a validity check on a response.