KR20150027677A - Data processing system including key manager and operating method of key manager - Google Patents

Abstract

The purpose of the present invention is to provide a data processing system including key manager that has improved security and manages keys for encryption and decryption, and an operating method of the key manager. The present invention relates to a data processing system. The data processing system includes a memory, a central processing unit, and a key manager. The key manager includes a first register configured to store commands, a second register configured to store user settings, a unique value storage unit configured to output unique values, and a main controller configured to generate keys using user settings and unique values. The unique value is used only in the key manager without being output to the outside of the key manager. The key manager generates same keys using same user settings, and generates different keys using different user settings.

Description

TECHNICAL FIELD [0001] The present invention relates to a data processing system including a key manager and a method of operating the key manager.

The present invention relates to a semiconductor device, and more particularly, to a data processing system including a key manager and a method of operating the key manager.

BACKGROUND OF THE INVENTION With the advancement of semiconductor technology, the performance of personal electronic devices such as personal computers, notebook computers, smart phones, smart pads, and the like is being advanced. As the performance of personal electronic devices becomes more sophisticated, the kinds of contents that are driven in personal electronic devices become diverse and capacity is increasing.

Content running on personal electronic devices may include personal information. For example, personal electronic devices may store personal financial information such as personal information such as memos, diaries, etc., authorized certificates, credit card payment information, and the like. If such personal information is leaked through the loss or hacking of personal electronic devices, financial accidents may result.

An encryption and decryption scheme may be used to improve the security of the content that is run on personal electronic devices. According to the encryption and decryption scheme, the data stored in the personal electronic devices is encrypted. When the personal electronic device wants to use the data, the encrypted data is decrypted. By encrypting and storing the data, leakage of personal information can be prevented.

However, hacking means have been found that can disable existing encryption and decryption schemes. Thus, there is a continuing need for encryption and decryption schemes to block hacking and achieve higher levels of security.

It is an object of the present invention to provide a data processing system and a method of operating a key manager including a key manager for managing keys for encryption and decryption having improved security.

A data processing system according to an embodiment of the present invention includes: a memory; A central processing unit configured to control the memory; And a key manager configured to manage a key under the control of the central processing unit, the key manager including: a first register configured to store a command received from the central processing unit; A second register configured to store a user setting value received from the central processing unit; An eigenvalue storage unit configured to output eigenvalues; And a main controller configured to generate the key using the user setting value and the eigenvalue stored in the second register in response to the command stored in the first register, And the key manager generates the same keys using the same user set values and generates different keys using different user set values.

In an embodiment, the main controller is configured to derive the key by performing block cipher or key hash using the eigenvalue and the user setting value.

The embodiment further includes a random number generator configured to output a random number, and the main controller is configured to select the random number output from the random number generator as the key.

As an embodiment, the apparatus further includes a key memory, and the main controller is configured to store the random number selected by the key in the key memory in association with the user setting value.

In one embodiment, the main controller is a command for requesting loading of a key generated in advance in the command stored in the first register, and if the user setting value is stored in the key memory, a key corresponding to the user setting value From the key memory.

In an embodiment, the main controller is a command for requesting a backup of a key generated in advance in the command stored in the first register, and if the user setting value is stored in the key memory, a key corresponding to the user setting value From the key memory and back up.

The apparatus further comprises a block encryption unit configured to encrypt the user set value and the key read from the key memory using the eigenvalue, wherein in response to the command requesting the backup, Data is backed up.

As an embodiment, the apparatus further comprises a hash unit configured to generate the user set value and a hash of the key read from the key memory, wherein in response to the command requesting the backup, the hash is read from the key memory Key.

As an embodiment, when the command stored in the first register is a command requesting restoration, the hash unit is configured to generate a hash of the backed up key and the user set value stored in the second register, And when the generated hash is the same, the backed up key is restored.

In an embodiment, the user setting value is set differently for each of applications executed in the central processing unit.

In an embodiment, the user setting value is a value generated based on identifier (ID) information of applications executed in the central processing unit.

In an embodiment, the eigenvalue storage unit includes a One-Time Program (OTP) circuit for storing and outputting the eigenvalue.

In an embodiment, the eigenvalue storage unit includes an electrical fuse storing and outputting the eigenvalue.

An operation method of a key manager according to an embodiment of the present invention for managing a key for encrypting or decrypting data includes the steps of: receiving a key request command and a user setting value; And outputting the key using the eigenvalue and the user setting value in response to the key request command, wherein the eigenvalue is not output to the outside of the key manager but is used only within the key manager, The same keys are generated using the same user settings, and different keys are generated using different user settings.

In an embodiment, the step of outputting the key may include outputting the key according to a first scheme when the key request command is the first type, and when the key request command is a second type different from the first type And outputting the key according to a second scheme different from the first scheme, and in response to the same user settings, output according to the second scheme and the key output according to the first scheme.

According to the present invention, a key is generated using a user-set value and an eigenvalue. The eigenvalue and the key are not allowed to be accessed by the application running on the central processing unit. Accordingly, a data processing system including a key manager with enhanced security and a method of operating the key manager are provided.

1 is a block diagram showing a data processing system according to an embodiment of the present invention.
2 is a block diagram illustrating the key manager of FIG.
3 is a flowchart illustrating an operation method of a key manager according to an embodiment of the present invention.
Figure 4 is a flow chart showing in more detail the step of analyzing the command.
5 is a diagram for explaining the operation of the key manager when the first scheme is selected.
6 is a flow chart showing an example of the first scheme.
7 is a flowchart showing a first example of the second scheme.
8 is a block diagram showing an example of a key memory.
9 is a flowchart showing a second example of the second scheme.
10 is a flowchart showing a third example of the second scheme.
11 is a flowchart showing a fourth example of the second scheme.
12 is a flowchart showing a first example of a method of operation of the data processing system of FIG.
13 is a flowchart showing a second example of a method of operation of the data processing system of FIG.
14 is a flowchart showing a third example of the operation method of the computing device of FIG.
15 is a flowchart showing a fourth example of the operation method of the computing device of FIG.

Hereinafter, embodiments of the present invention will be described in detail with reference to the accompanying drawings, so that those skilled in the art can easily carry out the technical idea of the present invention. .

1 is a block diagram illustrating a data processing system 10 in accordance with an embodiment of the present invention. Referring to FIG. 1, a data processing system 10 includes a system-on-chip (SoC) 100, a display 135, and an external memory 155. The data processing system 10 may be, but is not limited to, a mobile device, a smartphone, a PDA, a personal computer, a tablet PC, a notebook computer, a netbook, an e-reader, a PMP, an MP3 player,

The system-on-chip 100 may be an application processor. The application processor can control all operations of the data processing system 10. The system-on-chip 100 includes a central processing unit 110, a key manager 120, a display controller 130, a ROM 140, a RAM 160, a memory controller 150, and a bus. The system-on-chip 100 may further include other components such as a power management unit, a television processor, a graphics processing unit, a clock unit, and the like.

The central processing unit 110 may process or execute programs or data stored in the memory 140, 160 or 155, depending on the operating clock frequency. The central processing unit 110 may be implemented as a multi-core processor. A multicore processor may be a single computing device having two or more independent processors (e.g., cores). Each of the processors may read and execute program instructions. The multi-core processors can drive a plurality of accelerators at once, and thus a data processing system including multi-core processors can perform multi-acceleration.

The key manager 120 manages the keys used for encryption, and can encrypt and decrypt the data and keys. Secure storage is a technology that allows only authorized users or programs to access sensitive data. For secure storage, data is encrypted and securely stored in memory and decrypted when needed. Thus, the data is protected from illegal users or programs. The determination of illegal access may be performed depending on whether the access has authority to use an encryption or decryption key.

Key manager 120 protects keys from attacks that intercept keys and attacks that contaminate keys. An attack that intercepts a key is an attack that illegally accesses a key, while an attack that contaminates a key is an attack that destroys or destroys a key. Thus, in order to securely manage the key, the key manager 120 can block this illegal attack on the key and ensure the integrity of the key.

The key manager 120 provides a key management function. The key management function is a function associated with the management of the entire period of the key including the generation, use, storage, encryption and destruction of the key. The key management function includes a function of encrypting a key in preparation for power-off and storing it in a nonvolatile memory, and decrypting it when necessary. The key management function may include key encryption, key hashing, and access control to prohibit the host (e.g., hosted software or application) from accessing the key.

By way of example, the host can only run the key manager 120 via a command, and software (e.g., a host) is prohibited from accessing the key.

The program or data stored in the external memory 155 may be loaded into the memory or the central processing unit 110 in the system-on-chip 100 when necessary.

The ROM 140 may store persistent programs or data. The ROM 140 may be implemented as an EPROM or an EEPROM.

The RAM 160 may temporarily store programs, data, or instructions. The program or data stored in the ROM 140 may be temporarily stored in the RAM 160 under the control of the central processing unit 110 or the boot code stored in the ROM 140. [ The RAM 160 may be implemented as a DRAM or SRAM.

The memory controller 150 may be used for interfacing with the external memory 155. [ The memory controller 150 can control all operations of the external memory 155 and can control data communication between the host and the external memory 155. [ The memory controller 150 can control the external memory 155 to read or write data at the request of the host. The host may be a master device such as the central processing unit 110 or the display controller 130.

The external memory 155 may be a storage device that stores data, an operating system, and various programs. The external memory 155 may be implemented as a volatile memory such as a DRAM, or a nonvolatile memory such as a flash memory, PRAM, MRAM, RRAM, FRAM, or the like. As another example, external memory 155 may be implemented in system-on-chip 100.

The components 110 to 160 of the data processing system 10 may communicate with each other via a bus.

The display device 135 may display the multimedia data. The display device 135 may be an LCD, but is not limited thereto. As another example, the display device 135 may be implemented as an LED display device, an OLED display device, or the like. The display controller 130 can control the operation of the display device 135. [

2 is a block diagram illustrating the key manager 120 of FIG.

1 and 2, the key manager 120 includes a key management core 200, a random number generator 250, a unique value storage 260, a key memory 270, and an encrypted key memory 280. [ .

The key management core 200 supports the block encryption unit 230 having various key sizes and can provide a key generation function, a key encryption function, a key decryption function, a key load function, and a key destruction function. The key management core 200 may be implemented in hardware.

The random number generator 250 may generate a pure random number or a pseudo random number. The random number generator 250 may provide the generated random number DEK to the key management core 200. [ The random number generator 250 may transmit the generated random number DEK to the other components of the data processing system 10 via the host interface 22. Although the random number generator 250 is shown as being located in the key manager 120, the random number generator 250 may be located outside the key manager 120.

The eigenvalue storage unit 260 may store the eigenvalue (KEK). The eigenvalue (KEK) may be a unique value corresponding to the data processing system 10. The eigenvalues of a plurality of different data processing systems may be different. Illustratively, the eigenvalue storage 260 may include a One-Time Program (OTP) circuit configured to store an eigenvalue (KEK), an electric fuse, a laser fuse, . ≪ / RTI > The eigenvalue storage unit 260 may include a nonvolatile memory configured to store an eigenvalue (KEK). The eigenvalue storage unit 260 may output the eigenvalue (KEK) to the key management core 200.

The eigenvalue storage unit 260 may be disabled (or prohibited) by software, such as an operating system, an application, or the like, which is driven in the data processing system 10. [ For example, the eigenvalue storage unit 260 may be a block in which addresses that can be accessed by software are not allocated. Even when an address is assigned to the eigenvalue storage unit 260, the access request (read, write or erase request) of the software to the eigenvalue storage unit 260 can be ignored.

2, the eigenvalue storage unit 260 is located inside the key manager 120, but the eigenvalue storage unit 260 may be located outside the key manager 120.

The key memory 270 stores the unencrypted key, and the encrypted key memory 280 stores the encrypted key.

The key management core 200 includes a register 210, a main controller 220, a block encryption unit 230, and a hash unit 240.

The register 210 includes a command register 211, a user setting value register 213, and a status register. The command register 211 stores commands received from the host 21. The status register 212 stores the result of executing the command of the host 21. The data in the status register 212 is reported to the host 21 via an interrupt or poll. The user setting value register 213 stores a user setting value (USV) received from the host 21.

The command and user set value USV may be issued by an operating system or application driven by the host 21. The command CMD may include a command requesting the key manager 120 for a key, a command requesting a backup of the key, and a command requesting a restore of the key. The command CMD may include a command to the key manager 120 to request a key according to the first scheme and a command to request a key according to a second scheme different from the first scheme.

The user setting value (USV) may be a value set by the user. The same user settings correspond to the same user, and different user settings correspond to different users. Illustratively, the user may be an application running on the host 21. Applications running on the host 21 may use different user settings. For example, identifiers (IDs) of applications may be used as user settings.

The user may be an account set in the operating system running on the host 21. [ The same account can use the same user settings, and different accounts can use different user settings. The user setting value may include a password set in the account, data generated from the password set in the account, name of the account, data generated from the name of the account, and the like.

The user may be a terminal including the data processing system 10. The same terminal can use the same user setting value. The user setting value may be a lock password set by the user using the terminal.

The user may be groups of software running on the host 21. [ The same group can use the same user settings, and different groups can use different user settings. The groups of software can be classified according to the category of the software or the folder where the software is placed.

The user may be a general user. The same person can use the same user settings.

The main controller 220 translates and executes the command from the host 21. [ The main controller 220 may be implemented as a finite state machine (FSM).

The main controller 220 can operate in response to the command stored in the command register 211. [ The main controller 220 may operate using the user setting value USV stored in the user setting value register 213. [ The main controller 220 can store the execution result of the command in the status register 212. [ For example, the execution result may be stored in the status register 212 as the control signal CTRL.

The main controller 220 can receive the random number DEK from the random number generator 250. [ The main controller 220 may receive the eigenvalue (KEK) from the eigenvalue storage 260. [ Based on the user set value USV, the random number DEK, and the eigenvalue (KEK), the main controller 220 can generate a key.

For example, according to a first scheme, the main controller 220 can derive a key from a user-set value USV and a unique value KEK using a block cipher or a key hash have. The main controller 220 may derive the key from the user set value USV and the unique value KEK using one of various derivation methods that can not extract or infer an input value from the output value.

For example, according to the second scheme, the main controller 220 can select a random number (DEK) received from the random number generator 250 as a key. The main controller 220 can correlate and manage the random number (DEK) and the user setting value (USV) selected by the key. The main controller 220 may store the correlated key and user set value (USV) in the key memory 270. The main controller 220 may transmit the mutually related keys and the user setting value USV to the block encryption unit 230 and the hash unit 240. [

The main controller 290 includes a user check block 290. The user check block 290 may determine whether the user setting value USV received from the user setting value register 213 matches one of the user setting values stored in the key memory 270. [ When the user check is performed in the user check block 290, the main controller 220 may perform a subsequent operation according to the result of the user check.

For example, when the command received from the command register 211 is a command requesting a key of the first type, the main controller 220 can derive the key from the unique value KEK and the user set value USV have. For example, when a first type of key is needed, the host 21 may send a command to request a key of the first type and a user set value USV to the register 210.

For example, when the command received from the command register 211 is a command for requesting (e.g., generating request) a key of the second type, the main controller 220 selects the random number DEK as a key, The selected key and the user set value USV may be stored in the key memory 270 in association with each other. That is, when a second type of key is needed, the host 21 may send a command to request a second type of key and a user set value USV to the register 210.

For example, when the command received from the command register 211 is a command to request a second type of key (e.g., request loading of a pre-generated key), the user check block 290 returns a user- (For example, the same) user setting value corresponding to the user setting value USV received from the register 213 is present in the key memory 270. [ The main controller 220 can select the key stored in the key memory 250, i.e., the random number DEK, in association with the corresponding user setting value, if a corresponding user setting value exists in the key memory 270. [ That is, when a second type of key is needed, the host 21 may send a command to request a second type of key and a user set value USV to the register 210.

For example, when the command received from the command register 211 is a command requesting a backup of a second type of key, the user check block 290 receives a user set value (USV (E.g., the same) user setting value is present in the key memory 270. [ The main controller 220 sends the corresponding user setting value USV and the associated key KEY to the block encryption unit 230 and the hash unit 240 Lt; / RTI > The encrypted key through the block encryption unit 230 and the hash unit 240 may be stored in the encrypted key memory 280. [ That is, when a backup of the second type of key is needed, the host 21 may send a command to request the second type of key and a user set value USV to the register 210.

The block encryption unit 230 can encrypt or decrypt (or restore) the data and the key under the control of the main controller 220. For example, the block encryption unit 230 may receive a key and a user setting value (USV) from the main controller 220. The block encryption unit 230 may receive a hash from the hash unit 240. [ The block encryption unit 230 can encrypt a key, a user set value (USV), and a hash using a fixed value. The encrypted data may be stored in the encrypted key memory 280. In addition, the block encryption unit 230 may read the encrypted data from the encrypted key memory 280 and perform decryption using the fixed value. The block encryption unit 230 may perform a decryption to recover a key, a user set value (USV), and a hash. Illustratively, the fixed value may include a unique value (KEK) output from the eigenvalue author book 260.

The block encryption unit 230 includes a core logic 231, a key register 232, an input data register 233, and an output data register 234.

Core logic 231 may be logic that performs encryption and decryption. The key register 232 may temporarily store a key (e.g., DEK KEK). The input data register 233 may temporarily store data to be encrypted or decrypted. The output data register 234 may temporarily store the encrypted or decrypted data.

The hash unit 240 may generate a hash of the key and the user set value USV according to the control of the main controller 220. [ The hash algorithm of the hash unit 240 may convert an input value having an arbitrary length into an output value having a fixed length. The output value may be a hash. The hash portion 240 may include a core 232 that generates a hash, an input data register 242 that stores input data, and an output data register 243 that stores output data (e.g., a hash) .

The key manager 120 interfaces with the host 21 via the host interface 22. The host interface 22 may send commands, status and keys between the host 21 and the key manager 120. The host interface 22 may include, but is not limited to, AMBA, AHB, and the like.

3 is a flowchart illustrating an operation method of the key management block 170 according to an embodiment of the present invention. Referring to FIGS. 2 and 3, in step S110, the key manager 120 receives a command CMD and a user setting value USV from the host 21. For example, the key manager 120 may receive a command (CMD) and a user setting value (USV) issued by an operating system or application running on the host 21.

In step S120, the key manager 120 analyzes the received command CMD. For example, the main controller 220 may analyze the command stored in the command register 211. [

In step S130, the key manager 120 generates a key KEY using the user set value USV according to the analysis result of the command CMD. For example, the main controller 220 may derive a key KEY from a user setting value USV and an eigenvalue (KEK) according to a first scheme. The main controller 220 can select the random number DEK output from the random number generator 250 as the key KEY according to the second scheme. The main controller 220 may select the key KEY corresponding to the user set value USV stored in the key memory 270 according to the second scheme.

Illustratively, the generation of the key KEY may be performed based on authentication of the user set value USV. If the user setting value USV is not a correct value, the main controller 220 generates an improper key from the user setting value USV and the eigenvalue KEK. If the user set value USV is not a correct value, the main controller 220 can not select the correct key (KEY) in the key memory 270. If the correct key is not selected, encryption or decryption can not be performed normally. That is, improper access to the encrypted data is prevented.

According to the present invention, authentication is performed using a user setting value (USV), and when authentication is successful, encryption and decryption of data is performed using a key that can not be accessed by software. The key is generated using a unique value (KEK) that can not be accessed by software, or is generated using a random number (KEK). Thus, the security of the data processing system 10 including the key manager 120 and the key manager 120 is improved because an attempt to acquire or acquire the key in an improper manner such as hacking is blocked.

4 is a flow chart showing in more detail the step of analyzing the command CMD (S120). Referring to Figs. 2 to 4, in step S121, it is determined whether the received command CMD is the first type. For example, the main controller 220 can determine whether the command CMD received from the command register 211 is the first type.

If the received command CMD is the first type, the first scheme for managing the key KEY is selected in step S123. For example, the main controller 220 may select a first scheme for generating a key KEY using a unique value KEK and a user set value USB.

If the received command CMD is not the first type, the second scheme for managing the key KEY is selected in step S125. For example, the main controller 220 may select a random number (DEK) output from the random number generator 250 as a key or a second scheme for selecting a random number (DEK) stored in the key memory 270 as a key .

5 is a diagram for explaining the operation of the key manager 120 when the first scheme is selected. Illustratively, compared to the key manager 120 of FIG. 2, the blocks that are not used when the first scheme is selected are shown in dashed lines. 5, when the first scheme is selected, the block encryption unit 230, the hash unit 240, the random number generator 250, the key memory 270, the encrypted key memory 280, (290) may not be used.

6 is a flow chart showing an example of the first scheme. Illustratively, the operation of generating a key using the first scheme is shown in FIG. For example, the command CMD received from the host 21 may be a command of the first type.

Referring to FIGS. 5 and 6, in step S141, the eigenvalue (KEK) is read. For example, the main controller 220 may read the eigenvalue (KEK) from the eigenvalue storage 260. [ For example, the key derivation block 173 may read a portion of the eigenvalues stored in the eigenvalue storage unit 260 as an eigenvalue (KEK).

In step S143, the key KEY is generated using the user setting value USV1 and the eigenvalue (KEK). For example, the main controller 220 may generate a key KEY by applying a predefined algorithm to the user set value USV and the unique value KEK. The main controller 220 may derive the key KEY from the user set value USV and the unique value KEK using a block cipher or a key hash. The main controller 220 can derive the key KEY from the user set value USV and the unique value KEK using one of various derivation algorithms that can not extract or infer an input value from the output value. The main controller 220 may generate the key KEY using an algorithm that produces the same output for the same input.

Illustratively, the generated key (KEY) may be output to the host (21) or transmitted to the block encryption unit (230). In the host 21 or the block encryption unit 230, the key KEY may be used for encrypting the data.

As described above, the first scheme uses a method of instantly generating a key (KEY) whenever a key (KEY) is needed. The eigenvalue storage unit 260 always outputs an eigenvalue (KEK) having the same value. Accordingly, when the user set value USV having the same first value is input, the key KEY having the same first value is always output. When a user set value (USV) having a second value different from the first value is input, a key (KEY) having a second value different from the first value is output. Therefore, since the appropriate key (KEY) is generated only for the right user, the data processing system 10 including the key manager 120 and the key manager 120 having the improved security based on the user authentication, and the data management method / RTI > In addition, the eigenvalue (KEK) is not accessed by the software running on the host 21. Accordingly, a data processing system 10 including a key manager 120 and a key manager 120 with improved security, and a data management method are provided.

7 is a flowchart showing a first example of the second scheme. Illustratively, the operation of generating a key using the second scheme is shown in FIG. For example, the command CMD received from the host 21 is of the second type, and may be a command requesting the generation of the key KEY.

2 and 7, in step S151, the random number DEK and the user setting value USV are received. The main controller 220 may receive the random number DEK from the random number generator 250 and receive the user setting value USV from the user setting value register 213. [

In step S153, the random number DEK is selected with a key associated with the user setting value USV. For example, the random number DEK may be selected with a key corresponding to the user setting value USV. The random number DEK selected with the key may be stored in the key memory 270 together with the associated user setting value USV.

Illustratively, the random number DEK selected by the user setting value USV and the key KEY may be transmitted to the hash portion 240. [ The hash unit 240 may generate a hash based on the user setting value USV and the key KEY. The generated hash can be transmitted to the block encryption unit 230.

The random number DEK selected by the user setting value USV and the key KEY may also be transmitted to the block encryption unit 230. [ The block encryption unit 230 may receive a hash from the hash unit 240. [ The block encryption unit 230 may encrypt a user set value (USV), a random number (DEK) selected by a key, and a hash using a fixed value. The fixed value may be a unique value (KEK) output from the eigenvalue storage unit 260. [ The encrypted data may be stored in the encrypted key memory 280. That is, the key is encrypted and backed up. Illustratively, a backup of the key may be performed following the creation of the key or upon the request of the host 21.

As another example, the user check block 290 may perform a user check using a user set value (USV). That is, the user check block 290 can check whether the user setting value USV is stored in the key memory 270. [ If the user set value USV is not stored in the key memory 270, the main controller 220 can select the random number DEK output from the random number generator 250 as a key KEY. If the user setting value USV is stored in the key memory 270, the main controller 220 notifies the host 21 that the key KEY corresponding to the user setting value USV has already been generated . As another example, when the user set value USV is stored in the key memory 270, the main controller 220 generates a random number DEK corresponding to the user set value USV and stored in the key memory 270, Can be selected by the key.

Illustratively, the generated key (KEY) may be output to the host (21) or transmitted to the block encryption unit (230). In the host 21 or the block encryption unit 230, the key KEY may be used for encrypting the data.

FIG. 8 is a block diagram showing an example of the key memory 270. FIG. Referring to FIG. 8, the key memory 270 may store a user set value list (UL) and a key list (KL). The user set value list UL may include a plurality of user set values USV_1 to USV_n. The key list KL may include a plurality of keys KEY_1 to KEY_n. The plurality of user setting values USV_1 to USV_n may correspond to the plurality of keys KEY_1 to KEY_n, respectively. For example, when the user setting value USV_k and the key KEY_k are respectively registered in the user setting list UL and the key list KL, the user setting value USV_k and the key KEY_k are correlated May be created and stored together. As another example, the correlated user setting value USB_k and the key KEY_k may be stored in a predetermined position (e.g., a predetermined address, etc.) according to a predetermined rule.

9 is a flowchart showing a second example of the second scheme. Illustratively, the operation of selecting (or loading) a pre-generated key using the second scheme is shown in FIG. For example, the command CMD received from the host 21 is of the second type, and may be a command requesting the key KEY generated in advance.

Referring to FIGS. 2 and 9, in step S161, it is determined whether the user setting value USV is stored in the key memory 270. For example, the user check block 290 can determine whether the user setting value USV received from the user setting value register 213 is stored in the key memory 270.

If the user set value USV is present in the key memory 270, the key KEY corresponding to the user set value USV is read from the key memory 270 in step S163. If the user set value USV is not present in the key memory 270, the user check block 290 or the main controller 220 can treat the error as occurring. The main control block 220 may notify the host 21 that no key KEY corresponding to the user set value USV has been generated.

As another example, when the user setting value USV is not present in the key memory 270, the main controller 220 may generate the key KEY as described with reference to FIG.

Illustratively, the read key KEY may be output to the host 21, or may be transmitted to the block encryption unit 230. In the host 21 or the block encryption unit 230, the key KEY may be used for encrypting the data.

10 is a flowchart showing a third example of the second scheme. Illustratively, the operation of backing up a key using the second scheme is shown in FIG. For example, the command CMD received from the host 21 is of the second type, and may be a command requesting a backup of the key KEY.

Referring to FIGS. 2 and 10, in step S171, it is determined whether a user setting value USV exists in the key memory 270. FIG.

If the user setting value USV is not stored in the key memory 270, the backup is not performed in step S179 and is terminated. The main controller 220 can notify the host 21 that no key KEY corresponding to the user set value USV has been generated.

If the user set value USV is stored in the key memory 270, a hash is generated using the user set value USV and the key KEY in step S173. For example, the main controller 220 may transmit the key KEY and the user setting value USV to the hash unit 240. The hash unit 230 may generate the hash using the key KEY and the user set value USV.

In step S175, the user setting value USV, the key KEY, and the hash are encrypted using the fixed value. For example, the main controller 220 transmits the user setting value USV and the key KEY to the block encryption unit 230. The hash unit 240 transmits the hash to the block encryption unit 230. The block encryption unit 230 encrypts the user set value USV, the key KEY and the hash using the fixed value. The fixed value may be a fixed value generated in the block encryption unit 230 or an eigenvalue (KEK) output from the eigenvalue storage unit 260. [

In step S177, the encrypted data is stored. For example, the encrypted data may be stored in the encrypted key memory 280. As another example, the encrypted data may be stored in a non-volatile memory connected to the host interface 22 via the host interface 22. That is, the encrypted data may be backed up internally in the key manager 120 or in non-volatile memory outside the key manager 120.

11 is a flowchart showing a fourth example of the second scheme. Illustratively, the operation of restoring a backed up key using the second scheme is shown in FIG. For example, the command CMD received from the host 21 is of the second type and may be a command requesting restoration of the backed-up key KEY.

2 and 11, in step S181, the encrypted data is received. For example, encrypted data can be read from the backed-up repository. The encrypted data may be read from the encrypted key memory 280 or from a non-volatile memory connected to the host interface 22. [

In step S183, the encrypted data is decrypted. The block encryption unit 230 receives the encrypted data and can decrypt the encrypted data using a fixed value. The fixed value may be an eigenvalue (KEK) output from the eigenvalue storage 260.

In step S185, a hash check is performed. For example, the main controller 220 transmits the user setting value USV stored in the user setting value register 213 and the key KEY decrypted by the block encryption unit 230 from the encrypted data to the hash unit 240, Lt; / RTI > The hash unit 240 may generate a hash using the user set value USV sent from the user setting value register 213 and the key KEY decrypted from the encrypted data. The main controller 220 can compare the hash decrypted by the block encrypting unit 230 from the hash generated in the hash unit 240 and the encrypted data.

In step S187, it is determined whether or not the hash check succeeds. For example, when the two hashes to be compared are the same, the main controller 220 can determine that the hash check is successful. When the two hashes to be compared are not the same, the main controller 220 can determine that the hash check has failed.

If the hash check is successful, the key KEY and the user set value USV are stored in the key memory 280 in step S189. If the hash check is not successful, it is determined in step S188 that an error has occurred. The key KEY is not restored, and the main controller 220 can notify the host 21 that the restoration has failed.

Illustratively, when the user set value USV received with the command requesting the restoration of the key KEY is equal to the user set value USV used in encrypting the key KEY, Hashes can be the same. Further, when there is no error in the key (KEY) decrypted from the encrypted data, the two hashes to be compared can be the same. That is, when a correct user setting value indicating a user with authority is input, and when there is no error in the key KEY, the key KEY is restored from the backed-up store and stored in the key memory 270 . When an invalid user setting value indicating an unauthorized user is input, or when an error exists in the key (KEY), the key (KEY) is not restored.

As described above, according to the second scheme, only when a correct user setting value (USV) is inputted from the host 21, the corresponding key KEY is output. Accordingly, a key manager 120 having improved security based on user authentication, a data processing system 10 including a key manager, and a data management method are provided.

12 is a flowchart showing a first example of a method of operation of the data processing system 10 of FIG. Illustratively, the manner in which the data processing system 10 writes data to the external memory 155 is shown in FIG.

Referring to FIGS. 1 and 12, in step S210, a data write event occurs. The write event refers to a situation in which it is required to write data in the external memory 155. For example, a write event may be generated by software such as an operating system, an application, or the like, which is driven by the central processing unit 110.

The central processing unit 110 transmits the user setting value USV and the command CMD to the key manager 120 in step S220. The command CMD may be a command for requesting a key KEY. For example, the command CMD may be a command requesting to generate a key KEY according to a first scheme, or a command requesting to generate or load a key KEY according to a second scheme. The user setting value may be an identifier of the operating system or application requesting the writing of data.

In step S230, the key manager 120 outputs a key KEY. For example, the key manager 120 may generate the key KEY according to the first scheme or generate or load the key KEY according to the second scheme, based on the user setting value USV have. In step S230, it is assumed that the key KEY is normally output without the error described above. Illustratively, the key manager 120 may output a key KEY to an element that encrypts data to be written to the external memory 155. [ When the central processing unit 110 performs encryption, the key manager 120 may output the key KEY to the central processing unit 110. [ The key manager 120 outputs the key KEY when the key manager 120 performs the encryption of the data, that is, when the block encryption unit 230 performs the encryption of the data to be written in the external memory 155 But can be used internally. When separate circuits or logic for performing encryption of data to be written to the external memory 155 is provided to the data processing system 10, the key manager 120 outputs a key KEY to a separate circuit or logic . In FIG. 12, it is assumed that the key manager 120 outputs the key KEY to the central processing unit 110, but the technical idea of the present invention is not limited thereto.

In step S240, the central processing unit 110 transmits the write command, the address, and the encrypted data to the external memory 155. [ Illustratively, the central processing unit 110 may encrypt the data using the key (KEY) received from the key manager 120. The central processing unit 110 may transmit the encrypted data to the external memory 155 together with the write command and the address. Illustratively, when the encryption of the data to be written in the external memory 155 is performed by a separate circuit or logic, the encrypted data is transferred from the separate circuit or logic other than the central processing unit 110 to the external memory 155 . When the encryption of the data to be written in the external memory 155 is performed by the key manager 120, the encrypted data can be transferred from the key manager 120 to the external memory 155. [

In step S250, the encrypted data is written in the external memory 155. [

As described with reference to Fig. 12, the data written in the external memory 155 is encrypted using the key KEY. The key KEY is generated through user authentication based on a user setting value (USV). Therefore, the security of the data stored in the external memory 155 is improved.

13 is a flowchart showing a second example of a method of operation of the data processing system 10 of FIG. Illustratively, the manner in which the data processing system 10 reads data from the external memory 155 is shown in FIG.

Referring to FIGS. 1 and 13, in step S310, a data read event occurs. The data read event refers to a situation where it is required to read data from the external memory 155. [ For example, a data read event may be generated by software such as an operating system, an application, or the like, which is driven in the central processing unit 110 of the data processing system 10. [

In step S320, the central processing unit 110 transmits the user setting value USV and the command CMD to the key manager 120. The command CMD may be a command for requesting a key KEY.

In step S330, the key manager 120 may transmit a key KEY to the central processing unit 110. [ For example, the key manager 120 may generate the key KEY according to the first scheme or generate or load the key KEY according to the second scheme, based on the user setting value USV have.

In step S330, it is assumed that the key KEY is normally output without the error described above. Illustratively, the key manager 120 may output a key (KEY) as an element for decrypting data read from the external memory 155. When the central processing unit 110 performs decoding, the key manager 120 may output the key KEY to the central processing unit 110. [ When the key manager 120 performs the decryption of data, that is, when the block encryption unit 230 decrypts the data read from the external memory 155, the key manager 120 does not output the key KEY It can be used internally. The key manager 120 may output the key KEY to a separate circuit or logic when the data processing system 10 is provided with a separate circuit or logic for performing the decryption of the data read from the external memory 155 have. 13, it is assumed that the key manager 120 outputs the key KEY to the central processing unit 110, but the technical idea of the present invention is not limited thereto.

In step S340, the central processing unit 110 may transmit a read command and an address to the external memory 155. [

In step S350, the external memory 155 may read the encrypted data stored in the position corresponding to the address received in step S340, in response to the read command received in step S340.

In step S360, the external memory 155 transmits the read data, that is, the encrypted data, to the central processing unit 10. [ As described above, the external memory 155 may transmit the encrypted data to the component that decrypts the encrypted data. The external memory 155 may transmit the encrypted data to the component to which the key KEY is transmitted. When decryption is performed by the central processing unit 110, the external memory 155 may transmit the encrypted data to the central processing unit 110. [

Illustratively, steps S320 and S330 may be performed sequentially. Steps S340 to S360 may be performed sequentially. Steps S320 and S330 may be performed in parallel with each of steps S340 through S360, or before or after each step. Steps S340 through S360 may be performed in parallel with each of steps S320 and S330, or before or after each step.

As described with reference to Fig. 13, the data read from the external memory 155 is decrypted using the key KEY. The key (KEY) is output through user authentication based on the user setting value (USV). Therefore, the security of the data stored in the external memory 155 is improved.

14 is a flowchart showing a third example of a method of operation of the data processing system 10 of FIG. Illustratively, the manner in which the data processing system 10 backs up the keys KEY to the external memory 155 in accordance with the second scheme is shown in FIG.

Referring to FIGS. 1 and 14, in step S410, a backup event occurs. The backup event refers to a situation where it is required to back up the key KEY to the external memory 155 according to the second scheme. For example, a backup event may be generated by software, such as an operating system, an application, or the like, which is driven in the central processing unit 110 of the data processing system 10. [

In step S420, the central processing unit 110 transmits a user setting value (USV) and a command (CMD) to the keyer 120. Illustratively, the command CMD may be a command requesting a backup of the key KEY.

In step S430, the key manager 120 generates a hash using the user setting value USV and the key KEY. The hash can be generated by the hash unit 240. The key manager 120 encrypts the user setting value USV, the key KEY, and the hash H to generate encrypted data. The encryption may be performed by the block encryption unit 230.

In step S440, the key manager 120 transmits the encrypted data to the external memory 155. [

In step S450, the central processing unit 110 transmits the write command and the address to the external memory 155. [ Illustratively, step S450 may be performed in parallel with at least one of steps S420 through S440. Step S450 may be performed before or after each of steps S420 to S440.

For example, the key manager 120 may output the key KEY to the central processing unit 110 instead of outputting the key KEY to the external memory 155. The central processing unit 110 can transmit the key KEY to the external memory 155 together with the write command and the address.

In step S460, the external memory 155 writes the encrypted data in a position corresponding to the address received in step S450, in response to the write command received in step S450.

As described with reference to FIG. 14, the keys created and managed according to the second scheme are backed up via user authentication based on user settings (USV). Therefore, since the key KEY can not be restored through an illegal means such as hacking, the security of the key KEY is improved.

In Fig. 14, the key KEY has been described as being backed up to the external memory 155. However, the key KEY may be backed up to the encrypted key memory 280 rather than to the external memory 155. [ In other words, the key KEY can be backed up in the key manager 120.

15 is a flowchart showing a fourth example of a method of operation of the data processing system 10 of FIG. Illustratively, a method by which data processing system 10 retrieves a key KEY from external memory 155 in accordance with a second scheme is shown in FIG.

Referring to FIGS. 1 and 15, a restore event occurs in step S510. The restoration event refers to a situation where it is required to restore the key KEY from the external memory 155 according to the second scheme. For example, a restore event may be generated by software, such as an operating system, an application, or the like, which is driven in the central processing unit 110 of the data processing system 10. [

In step S520, the central processing unit 110 may transmit the user setting value and the command CMD to the key manager 120. [ The command CMD may be a command requesting the restoration of the key KEY.

In step S530, the central processing unit 110 transmits a read command and an address to the external memory 155. [

In step S540, the external memory 155 may read the encrypted data from the location corresponding to the address received in step S530, in response to the read command received in step S530.

In step S550, the external memory 155 may transmit the read data, that is, the encrypted data to the key manager 120. [

Illustratively, step S520 may be performed in parallel with at least one of steps S530 through S550. Step S520 may be performed before or after each of the steps S530 through S550.

For example, the external memory 155 may output the encrypted data to the central processing unit 110, instead of outputting the encrypted data to the key manager 120. The central processing unit 110 may transmit the encrypted data to the key manager 120. [ The key manager 120 may decrypt the encrypted data and store the decrypted data in the key memory 270.

As described with reference to Fig. 15, the keys generated and managed according to the second scheme are restored through user authentication based on the user set value (USV). Therefore, since the key KEY can not be restored through an illegal means such as hacking, the security of the key KEY is improved.

In Fig. 15, it is described that the key (KEY) is restored from the external memory 155. However, the key KEY can be recovered from the encrypted key memory 280 rather than from the external memory 155. [ That is, the key KEY can be restored in the key manager 120.

While the invention has been shown and described with reference to certain preferred embodiments thereof, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention. Therefore, the scope of the present invention should not be limited to the above-described embodiments, but should be determined by the equivalents of the claims of the present invention as well as the claims of the following.

10; Data processing system
100; System-on-Chip
135; Display device
155; External memory
110; Central processing unit
120; Key Manager
130; Display controller
140; ROM
150; Memory controller
160; RAM

Claims (10)

Memory;
A central processing unit configured to control the memory; And
And a key manager configured to manage a key under the control of the central processing unit,
The key manager,
A first register configured to store a command received from the central processing unit;
A second register configured to store a user setting value received from the central processing unit;
An eigenvalue storage unit configured to output eigenvalues; And
And a main controller configured to generate the key using the user setting value and the eigenvalue stored in the second register in response to the command stored in the first register,
Wherein the eigenvalue is not output to the outside of the key manager but used only inside the key manager,
Wherein the key manager generates the same keys using the same user set values and generates different keys using different user set values. The method according to claim 1,
Wherein the main controller is configured to derive the key by performing a block cipher or a key hash using the eigenvalue and the user set value. The method according to claim 1,
And a random number generator configured to output a random number,
And the main controller is configured to select the random number output from the random number generator with the key. The method of claim 3,
Further comprising a key memory,
Wherein the main controller is configured to store the random number selected with the key in the key memory in association with the user setting value. 5. The method of claim 4,
Wherein the main controller is a command for requesting loading of a key generated in advance in the command stored in the first register and if the user setting value is stored in the key memory, And outputting the data from the data processing system. 5. The method of claim 4,
Wherein the main controller is a command for requesting a backup of a key generated in advance in the command stored in the first register, and if the user setting value is stored in the key memory, And to back up the data. The method according to claim 6,
And a block encryption unit configured to encrypt the user set value and the key read from the key memory using the eigenvalue,
And in response to the command requesting the backup, the data encrypted by the block encryption unit is backed up. The method according to claim 6,
Further comprising a hash unit configured to generate the user set value and a hash of the key read from the key memory,
And in response to the command requesting the backup, the hash is backed up with the key read from the key memory. 1. An operation method of a key manager for managing a key for encrypting or decrypting data, comprising:
Receiving a key request command and a user set value; And
In response to the key request command, outputting the key using the eigenvalue and the user setting value,
Wherein the eigenvalue is not output to the outside of the key manager but used only inside the key manager,
Wherein the same keys are generated using the same user set values and different keys are generated using different user set values. 10. The method of claim 9,
Wherein the outputting of the key comprises:
Outputting the key according to a first scheme when the key request command is of a first type and outputting the key according to a second scheme different from the first scheme when the key request command is a second type different from the first type And outputting the key,
Wherein the key output in accordance with the first scheme and the key output in accordance with the second scheme are in response to the same user settings.

Images