TWI464616B - Apparatus for processing information, and computor program - Google Patents

Publication number
TWI464616B
Authority
TW
Taiwan
Prior art keywords
value
auxiliary
authentication
unit
calculation
Application number
TW099108855A
Other languages
Chinese (zh)
Other versions
TW201118640A (en)
Inventor
Kiyohiko Suzuki
Teruaki Ito
Hideyuki Oguro
Original Assignee
Mitsubishi Electric Corp
Application filed by Mitsubishi Electric Corp
Publication of TW201118640A
Application granted
Publication of TWI464616B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869 Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity

Description

Information processing device and program

The present invention relates to an inter-device authentication mechanism and authentication method used as a countermeasure against counterfeit products, and in particular to an authentication mechanism and authentication method that authenticate a device while eliminating the risk of secret key leakage by means of an inexpensive structure.

Because the damage caused by counterfeit and pirated goods keeps increasing, countermeasures against counterfeit products are an urgent issue for manufacturers.

Counterfeit products not only cause the loss of potential markets and damage to brand image; the increase in disputes over product liability also reduces the productivity of genuine products.

Countermeasures against counterfeit products require some kind of authentication mechanism.

However, because the authentication mechanism exists to prevent the use of counterfeit products, it is unrelated to the original function of the device that is the product and brings no direct benefit to the user.

On the other hand, implementing countermeasures incurs costs for parts, development and so on, and the cost of these anti-counterfeiting measures is included in the manufacturing cost of the product.

However, if the price of the device is raised on the grounds of anti-counterfeiting measures, a function the user does not need becomes a financial burden on the user, which users in the market usually do not accept.

As a result, although manufacturers recognize the need for anti-counterfeiting measures, they often abandon the idea of introducing them because of cost constraints, so how to realize them cheaply is very important.

Technically, on the other hand, authentication using the challenge-response method is generally adopted. The challenge-response method is briefly described below.

As an authentication technique using the challenge-response method described below, there is, for example, the technique disclosed in Patent Document 1.

The operation of the challenge-response method is shown in Fig. 14.

Assuming that the host device authenticates the slave device, the premise is that the host device and the slave device share a secret key in advance.

In addition, both are assumed to have HASH calculation logic implementing the same algorithm.

In many cases the HASH calculation logic uses the SHA-1 algorithm, but any algorithm may be used as long as the calculation logic is one-way.

Here, when the host device and the slave device have the same secret key and the same HASH calculation logic, executing the HASH calculation logic on both with two pieces of information, the secret key and an arbitrary value, as arguments should yield the same HASH value.

The arbitrary value here serves as the challenge code, by which the host device asks the slave device whether it is a counterpart sharing the same secret key.

Next, the operation in Fig. 14 is described.

To authenticate the slave device, the host device generates a random number internally and passes it to the slave device (= challenge).

At the same time, the host device inputs two pieces of information, the generated random number and the secret key, into the HASH calculation logic and calculates a HASH value.

The slave device performs the same calculation using the random number received from the host device and sends the HASH value to the host device (= response).

If the slave device is a genuine slave device, it shares the secret key with the host device, so the host device and the slave device should obtain the same HASH value.

In the challenge-response method, an attacker is assumed to observe the communication path.

Only the random value and the HASH value derived from it are exchanged on the communication path, so as long as the generated random number changes each time, the values on the communication path change irregularly, which makes it difficult to identify the secret key.

Since a third party therefore does not know the secret key, authenticating the slave device by the challenge-response method before using it reveals whether it is a genuine product.
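The exchange of Fig. 14 as described above, written out as an added example that is not part of the patent text. It assumes HMAC-SHA-256 as the shared one-way function; the class names, function names and key values are constructed for illustration.

```python
import hashlib
import hmac
import secrets


def keyed_hash(secret_key: bytes, value: bytes) -> bytes:
    # HMAC-SHA-256 is an assumption standing in for the HASH calculation logic;
    # the page only requires the same one-way function on both sides.
    return hmac.new(secret_key, value, hashlib.sha256).digest()


class Slave:
    """Slave device: answers a challenge with HASH(secret key, challenge)."""

    def __init__(self, secret_key: bytes):
        self._secret_key = secret_key

    def respond(self, challenge: bytes) -> bytes:
        return keyed_hash(self._secret_key, challenge)


class Host:
    """Host device: issues a fresh random challenge and checks the response."""

    def __init__(self, secret_key: bytes):
        self._secret_key = secret_key
        self._pending = None

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)  # new random number every time
        return self._pending

    def verify(self, response: bytes) -> bool:
        if self._pending is None:                # no outstanding challenge
            return False
        expected = keyed_hash(self._secret_key, self._pending)
        self._pending = None                     # each challenge is used once
        return hmac.compare_digest(expected, response)


def run_exchange(host: Host, slave: Slave):
    """One run of Fig. 14. Returns (accepted, (challenge, response))."""
    challenge = host.challenge()
    response = slave.respond(challenge)
    return host.verify(response), (challenge, response)


def recorded_response_accepted(host: Host, transcript) -> bool:
    """Check a response recorded from an earlier run against a fresh challenge."""
    host.challenge()
    return host.verify(transcript[1])


SHARED_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")  # constructed sample
OTHER_KEY = bytes.fromhex("ffeeddccbbaa99887766554433221100")   # constructed sample

if __name__ == "__main__":
    host = Host(SHARED_KEY)
    accepted, transcript = run_exchange(host, Slave(SHARED_KEY))
    print("genuine slave accepted:", accepted)
    print("slave with another key accepted:", run_exchange(host, Slave(OTHER_KEY))[0])
    print("recorded response accepted:", recorded_response_accepted(host, transcript))
```

The transcript returned by `run_exchange` is exactly what an observer on the communication path sees: the random value and its HASH value, never the key.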

Because the host device usually performs complex processing, it has a computing device such as a CPU (Central Processing Unit).

However, a slave device does not necessarily have a computing device; a memory device, for example, usually has only memory circuits on its board.

For this reason, when challenge-response authentication is performed between a host device and a slave device in recent years, the host device side uses its computing device, and the slave device side carries an authentication IC (Integrated Circuit) and uses that IC, to carry out the series of challenge-response processing.

In recent years, with the spread of mobile phones, poor-quality illegal batteries for mobile phones have flooded the market, and fires and other incidents caused by such illegal batteries have threatened human life.

Against this social background, mobile phone batteries are required to have an authentication mechanism that can confirm whether they are genuine products.

Owing to this social demand, authentication ICs for slave devices have advanced toward lower prices and higher functionality.

An example of an IC for slave devices is disclosed in Non-Patent Document 1.

An IC for slave devices generally has HASH calculation logic, a storage area for a secret key that cannot be observed from outside, and a non-volatile memory area that can be observed from outside; ICs of this structure are very inexpensive and widely available on the market.

While ICs for slave devices have become more sophisticated, authentication ICs for host devices are generally not available on the market, and creating one would be very costly, so it is not practical.

The presumed reason is that an ordinary host device has a computing device and functionally does not need an authentication IC.

Another presumed reason is that, compared with ICs for slave devices, the shipment volume of ICs for host devices is expected to be small, so the unit price would be high and IC suppliers do not develop or ship them for general use.

(Prior Art Documents)

(Patent Documents)

Patent Document 1: Japanese Laid-Open Patent Publication No. 2009-086795

(Non-Patent Documents)

Non-Patent Document 1: MAXIM, "DS28CN01 Data Sheet", http://japan.maxim-ic.com/getds.cfm/pk/5369/In/jp

In a system consisting of one host device 2 and multiple slave devices connected to it, taking anti-counterfeiting measures means ensuring that a counterfeit slave device cannot be connected to a genuine host device and that a genuine slave device cannot be connected to a counterfeit host device.

The challenge-response method can be used to achieve this, and on the slave device side an inexpensive authentication IC for slave devices can be used.

On the other hand, in prior-art implementations, the mainstream on the host device side is an S/W (Software) implementation on the computing device.

In prior-art implementations, however, memory data on the host device side may be observed through debug I/O (Input Output), leaking the value of the secret key.

Moreover, as described above, anti-counterfeiting measures face not only technical difficulty but also the issue of ease of introduction in terms of cost, so a measure that does not require introducing an authentication IC for host devices is preferable.

The main object of the present invention is to design a device structure and an authentication method that address these problems, and to perform authentication processing with a simple structure and in a way that prevents the key value from leaking.

The information processing device of the present invention is characterized by having: a communication unit that receives, from an IC (Integrated Circuit), an IC unique value specific to each IC and a comparison value used for comparison; a secret key storage unit that stores a secret key; a one-way calculation unit that performs a one-way calculation on the secret key stored in the secret key storage unit and the IC unique value received by the communication unit; and a determination unit that compares the comparison value received by the communication unit with the calculated value calculated by the one-way calculation unit and determines whether the comparison value and the calculated value match.

According to the present invention, if the IC provided in the authentication object is a genuine IC, it stores a comparison value that matches the calculated value obtained by the one-way calculation on the IC unique value and the secret key, so the legitimacy of the authentication object can be judged by comparing the comparison value received from the IC with the calculated value.

Embodiment 1

Fig. 1 shows an example of the device configuration of this embodiment.

The authentication ICs are identical ICs mounted in the host device 2 and the slave device 3 respectively.

The host device 2 has an authentication IC 21 and a computing device 22, and the computing device 22 has an inward communication path 23 and an outward communication path 24.

The authentication IC 21 used by the host device is connected to the inward communication path 23.

The outward communication path 24 is a communication path for communicating with the slave device 3, and an authentication IC 31 is likewise connected in the slave device 3.

The authentication IC 21 and the authentication IC 31 are physically different, but identical in mechanism.

The mechanism of the authentication IC is described with Fig. 2 below.

The host device 2 is an example of an information processing device, and the slave device 3 is an example of an authentication object.

The authentication IC 31 is an example of an authentication target IC, and the authentication IC 21 is an example of an auxiliary IC.

The slave device 3 need not be a single unit; there may be several, as long as they can be connected to the communication path 24.

Although this specification describes an example in which one slave device 3 is connected, the same operation is performed when several are connected.

The authentication IC 31 may be located on the communication path 24 or beyond a gateway across the communication path; the positional condition is that it can be controlled from the computing device 22 in the host device 2.

The authentication IC 21 likewise need not be on the inward communication path 23; it may be connected to the outward communication path 24 on the host device 2. The positional condition is that it can be controlled from the computing device 22.

Fig. 2 is a functional block diagram of the authentication IC of this embodiment.

The authentication IC 1 internally has a data transmitting/receiving unit 11, a response code holding unit 12, an IC unique number storage unit 13, a HASH calculation logic unit 14, a secret key storage area 15, and a non-volatile memory area 16.

As shown in Fig. 6, both the authentication IC 21 and the authentication IC 31 are assumed to be, in mechanism, the authentication IC 1 of Fig. 2.

In the authentication IC 21, the HASH calculation logic unit 2114 functions as the one-way calculation unit, and the secret key storage area 2115 functions as the secret key storage unit.

The constituent elements of the authentication IC 1 of Fig. 2 are described below.

The data transmitting/receiving unit 11 interprets eight kinds of commands; the issuer of the commands is the computing device 22 on the host device 2.

In this specification, the commands are denoted COM1 to COM8.

The contents of COM1 to COM8 are as follows.

COM1 is the command by which the host device 2 designates a communication target.

With the COM1 command, the host device 2 outputs the IC unique number of the communication target onto the communication path, and the authentication IC holding the same IC unique number recognizes that it has been designated.

The authentication IC designated by COM1 waits for the next command and, on receiving it, performs processing according to the received command.

When the processing is complete, the authentication IC clears its recognition of being designated.

Before instructing another operation with a command, the host device 2 must designate the authentication IC again with COM1.

When the unique number of an authentication IC is unknown, the authentication IC cannot be designated.

The COM8 command is provided for this: it makes every authentication IC present on the communication path output its own unique number onto the communication path.

So that the electrical signals do not collide, the communication path performs contention control at the physical layer, for example by the CSMA (Carrier Sense Multiple Access) method.

The host device 2 periodically outputs the COM8 command to confirm the presence of authentication ICs on the communication path.

COM2 is the command that accepts a challenge code from the host device 2 and executes the HASH calculation logic.

The calculated HASH value is stored in the response code holding unit 12.

The HASH calculation logic is executed in one of two ways: with the key value and the value sent by the host device (= the challenge code of the challenge-response) as arguments; or with the key value, the value sent by the host device, and the value of the non-volatile memory area 16 as arguments.

The two are distinguished as follows.

First, after outputting the COM2 command, the host device outputs the value to be sent to the slave device onto the communication path 24.

When the HASH calculation is to be performed immediately, the predetermined code for executing the HASH calculation is output next onto the communication path 24.

Alternatively, when the value of the non-volatile memory area 16 is to be included, following the COM2 command and after outputting the value to be sent to the slave device, the host device outputs onto the communication path 24 a predetermined code that causes the non-volatile memory area 16 to be used, and finally outputs onto the communication path 24 the code for executing the HASH calculation.

COM3 is the command by which the host device 2 reads the HASH calculation result.

On receiving this command, the authentication IC outputs the value stored in the response code holding unit 12 onto the communication path.

If the calculation is not complete, it outputs a special value, such as 0, that indicates the calculation is not complete, to notify the host device 2 of that fact.

COM4 is the command by which the host device stores the secret key in the authentication IC.

After the COM4 command code, the host device 2 outputs the secret key onto the communication path, and the authentication IC accepts that value.

The mechanism may also be one in which, once the secret key has been set, it cannot be set a second time.

Alternatively, the mechanism may be as follows.

Before shipment, the secret key is set once in the authentication IC by COM4; at this time the given value is adopted unconditionally as the secret key.

Thereafter, when the authentication IC already holds a secret key, the host device 2 outputs the secret key onto the communication path after the COM4 command code, and then outputs the HASH value of the current secret key onto the communication path.

COM5 is the command by which the host device 2 reads the IC unique number from the IC unique number storage unit 13.

On receiving this command, the authentication IC outputs the IC unique number onto the communication path.

COM8 is normally issued by the host device, whereas COM5 is used when the IC unique number is to be confirmed immediately; if no response to COM5 is obtained, the device having that authentication IC has been disconnected.

COM6 is the command by which the host device 2 sends a value to be stored in the non-volatile memory area 16.

After outputting the command code onto the communication path, the host device outputs the target address and the value to be stored, and then outputs the HASH calculation result that takes the value to be stored and the secret key as arguments.

The value to be stored is a predetermined amount per transfer, such as 1 byte.

On receiving the command, the authentication IC temporarily holds the values that follow and performs the HASH calculation with the secret key.

Only when the HASH calculation result matches the HASH value output by the host device 2 is the received value stored at the specified address.

COM7 is the command by which the host device 2 reads a value stored in the non-volatile memory area 16.

After this command the host device 2 outputs the address to be read onto the communication path; on receiving the address, the authentication IC outputs onto the communication path the value stored at the specified address in the non-volatile memory area 16.

As with COM6, the read data length is a predetermined amount per transfer, such as 1 byte.

This concludes the description of the commands.

The response code holding unit 12 is an area that temporarily holds the HASH calculation result inside the authentication IC until the host device 2 reads the response code.

Once the value has been read from the host device 2 through the data transmitting/receiving unit 11, the value is cleared to zero.

The reason is so that a third party other than the host device 2 cannot read the value even if it attempts a read at an arbitrary time.

The IC unique number storage unit 13 stores the IC unique number.

The IC unique number is a serial number assigned to the IC when it is manufactured, and the manufacturer of the IC guarantees that the number is unique in the world.

The HASH calculation logic unit 14 is the mechanism that performs HASH calculations such as those for challenge-response.

The implemented HASH function may be any function, as long as the parties performing authentication implement the same function.

That is, the authentication IC 21 and the authentication IC 31 of Fig. 1 are, in mechanism, the authentication IC 1 and have the same HASH calculation logic unit.

The secret key storage area 15 is the area that stores the secret key.

The stored value must not be readable from outside, so the area does not respond to read requests from outside.

The secret key is stored by the operation described for command COM4.

The non-volatile memory area 16 is an area for storing information associated with the slave device 3, and preferably can store arbitrary values.

One use of the non-volatile memory area 16 is described below.

When the IC 1 is used for anti-counterfeiting of printer toner, the printer is the host device and the toner is the slave device.

In such use, the number of times the toner has been used and similar data are generally stored in the non-volatile memory area 16.

Next, Fig. 3 shows an example of the internal configuration of the computing device 22 of the host device 2.

The control unit 221 controls the computing device 22 as a whole.

The communication unit 222 receives from the authentication IC 31 of the slave device 3 the IC unique number stored in advance in the authentication IC 31 (authentication target IC unique value) and the HASH value for comparison stored in advance in the authentication IC 31 (authentication target IC comparison value).

The communication unit 222 also issues COM1 to COM8 described above.

The determination unit 223 compares the HASH value received by the communication unit 222 with the HASH value (calculated value) calculated by the HASH calculation logic unit 2114 of the authentication IC 21 and determines whether the two match.

That is, the HASH calculation logic unit 2114 of the authentication IC 21 performs a HASH calculation (one-way calculation) on the secret key stored in the secret key storage area 2115 and the IC unique number of the authentication IC 31 received by the communication unit 222 to calculate a HASH value, and the determination unit 223 compares the HASH value received from the authentication IC 31 with the HASH value calculated by the HASH calculation logic unit 2114 of the authentication IC 21.

res1 (224) is a register that stores the HASH value calculated by the HASH calculation logic unit 2114 of the authentication IC 21.

res1 (225) is a register that stores the HASH value received from the authentication IC 31.

Figs. 4 and 5 show the operation by which the host device 2 authenticates the slave device 3.

In this embodiment, authentication of the slave device 3 by the host device 2 is divided into two stages.

First, following Fig. 4, it is confirmed that the authentication IC 31 is indeed the IC fitted when the genuine product was shipped; then, following Fig. 5, challenge-response authentication is performed.

The operations of Figs. 4 and 5 are performed once when the host device 2 detects a new slave device 3 on the communication path 24.

Fig. 4 presupposes that the genuine host device 2 and slave device 3 store the secret key as of the time of shipment, and that the non-volatile memory area 3116 inside the authentication IC 31 of the slave device 3 stores a HASH value computed with that IC's unique number and the secret key as arguments.

For convenience of explanation, the operation of Fig. 4 is called authentication stage 1 and the operation of Fig. 5 is called authentication stage 2.

Authentication stage 1 is processing unrelated to challenge-response authentication; authentication stage 2 is challenge-response authentication itself.

The reason authentication stage 1 is needed is described later.

The operation of authentication stage 1 in Fig. 4 is described below.

Note that in both Fig. 4 and Fig. 5 the acting entity is the calculation device 22 on the host device, which drives the authentication IC 21 and the authentication IC 31 through the various commands issued by its communication unit 222.

In the host device 2 that has detected a new slave device, the communication unit 222 reads the IC unique number of the authentication IC 31 on the detected slave device 3 and sends that value, as the challenge code, to the authentication IC 21 in the host device 2.

In the authentication IC 21, the HASH calculation logic unit 2114 performs challenge-response processing with the IC unique number of the authentication IC 31 (the challenge code) and the secret key as arguments, and obtains the HASH calculation result.

In the calculation device 22, the communication unit 222 receives the response code (HASH calculated value) from the authentication IC 21.

Next, the communication unit 222 reads the HASH value stored in advance in the non-volatile memory area 3116 in the authentication IC 31.

The HASH value in the non-volatile memory area 3116 of the authentication IC 31 is a value stored in advance at shipment; the determination unit 223 compares the response code (HASH calculated value) obtained earlier from the authentication IC 21 with the HASH value received from the authentication IC 31.

If the two match, authentication stage 1 ends and authentication stage 2 is performed.

If the two do not match, a counterfeit has been detected and the slave device is not used.

The operation of authentication stage 2 in Fig. 5 is described below.

As stated above, authentication stage 2 performs what is called challenge-response authentication.

In the calculation device 22, the determination unit 223 generates a random value as the challenge code, and the communication unit 222 sends the challenge code to both the authentication IC 21 on the host device 2 and the authentication IC 31 on the slave device 3.

The authentication IC 21 and the authentication IC 31 each compute a response code; the two response codes are obtained and compared, and if they are equal the newly connected slave device 3 can be judged to be a genuine product.

In authentication stage 2, if the two response codes differ and there has been no data corruption on the communication path 23 or the communication path 24, the only possible cause is that the secret keys do not match.

Authentication stage 1 confirms that the value of the secret key is correct and that the authentication IC itself is the genuine part fitted when the genuine product was shipped.

The reason is to perform physical or logical device authentication.

Challenge-response authentication authenticates the other party by the correctness of the secret key that both sides share, but it is confined to logical computation and has no tie to physical information.

Therefore, suppose an infringer has a genuine host device and a counterfeit slave device, replaces the authentication IC on the genuine host device with a commercially available authentication IC still in its initial state, and likewise fits a commercially available authentication IC in its initial state to the counterfeit slave device.

That is, in the configuration of Fig. 1, suppose the authentication IC 21 and the authentication IC 31 are both in the initial state in which they were purchased off the shelf.

If only challenge-response authentication is performed under these conditions, the authentication is confined to logical information: the secret keys on the host side and the slave side match, both being at their initial value, so authentication succeeds.

Therefore, to tie authentication to physical information and prevent counterfeits from becoming usable through swapping of authentication ICs, authentication stage 1 is required.

As described above, when the host device 2 detects the connection of a new slave device 3, the calculation device 22 authenticates the slave device according to Figs. 4 and 5.

In this sequence of operations, the authentication IC 21 on the host device 2 plays an important role in that it holds the secret key and executes the HASH calculation.

Therefore, at power-on the host device 2 must confirm the legitimacy of its own authentication IC 21 and enter the normal operating state once that is confirmed; thereafter, each time it detects the connection of a new slave device 3, it must perform the authentication processing of Figs. 4 and 5.

Next, the operation by which the host device 2 confirms the legitimacy of its own authentication IC 21 is described.

Fig. 7 illustrates the authentication operation for the authentication IC 21 on the host device 2.

The operations of Figs. 4 and 5 described earlier, in which the host device 2 authenticates the slave device 3, authenticate the authentication IC 31 on the slave device 3 on the premise that the authentication IC 21 on the host device 2 is a correct genuine part.

By contrast, when the authentication IC 21 on the host device 2 is itself being authenticated, there is at that point nothing guaranteed to be genuine (that is, nothing corresponding to the authentication IC 21 in host-slave authentication).

Therefore, as in Fig. 4, that is, authentication stage 1, a HASH value is also stored in advance at shipment in the non-volatile memory area 2116 of the authentication IC 21.

As in authentication stage 1, this HASH value is computed with the secret key and the IC unique number of the authentication IC 21 as arguments, and is stored when the device is shipped.

The authentication operation for the authentication IC 21 is largely the same as authentication stage 1 described in Fig. 4; the difference is that the authentication target of the host device 2 is the authentication IC 21 on the host device 2 itself.

The communication unit 222 of the calculation device 22 first receives the IC unique number (the auxiliary IC unique value) from the authentication IC 21, and inputs that value to the authentication IC 21 as the challenge code to obtain a response code (the auxiliary IC calculated value).

Meanwhile, a HASH value (the auxiliary IC comparison value) is stored in advance in the non-volatile memory area 2116 of the authentication IC 21; the communication unit 222 of the calculation device 22 reads that HASH value, and the determination unit 223 compares it with the response code obtained earlier.

If the authentication IC 21 is the one fitted at shipment, the IC unique number is unchanged, so the same HASH value should be obtained.

Therefore, if the values match, the host device moves to the normal operating state; if they do not match, replacement of the authentication IC has been detected and the authentication IC 21 is not authenticated.

If an infringer replaces the authentication IC 21 with a commercially available IC, the value in the non-volatile memory area of the original authentication IC can be read out, so the read value can be stored in the replacement authentication IC.

However, because the IC unique number is different, the HASH calculation result differs from the value stored in the non-volatile memory area 2116.

The legitimacy check of the authentication IC 21 described in Fig. 7 uses the HASH value stored in the authentication IC 21 itself and the value computed and output by that same authentication IC 21.

As long as an infringer manufacturing counterfeits uses the commercially available authentication IC described in Fig. 2, legitimacy can be checked by Fig. 7; but if, in place of that IC, some device is installed that returns the same value for both COM3 and COM7, the authentication of Fig. 7 will succeed.

In that case, however, correct operation will not occur at the point where authentication with the slave device 3 is performed.

That is, because a genuine slave device cannot be connected to a counterfeit host device, the anti-counterfeiting measure still holds in this case.

Thus, according to this embodiment, with an inexpensive configuration that uses only slave-device ICs as authentication ICs, an anti-counterfeiting measure can be realized without placing the secret key anywhere it can be observed from outside.

Also, according to this embodiment, the anti-counterfeiting measure works even if the authentication ICs of both the host device and the slave device are replaced, so circumvention of the authentication mechanism by replacing parts can be prevented.

In addition, it is important that the authentication IC on the host device is one that was properly installed and was fitted at shipment, that is, that the authentication IC is legitimate; according to this embodiment, the legitimacy of the authentication IC on the host device can also be authenticated.

The mechanism described above realizes, in this embodiment, an anti-counterfeiting measure in which the secret key does not leak, using only relatively inexpensive authentication ICs with no special functions.

More specifically, both the host device and the slave device have an authentication IC at a position controllable from the calculation device on the host device that manages the overall system, and the authentication IC comprises a data transmission/reception unit, a response code holding unit, an IC unique number, HASH calculation logic, a secret key storage area, and a non-volatile memory area.

The anti-counterfeiting scheme described is as follows: the result of a HASH calculation with the secret key and the IC unique number as arguments is stored in advance, at shipment, in the non-volatile memory area of the authentication IC; in operation, each time the host device detects a new slave device, the authentication IC of the host device performs that HASH calculation again using the IC unique number of the slave device and the secret key; the HASH value stored at shipment is read from the non-volatile memory area inside the authentication IC of the slave device; and whether the slave device is genuine is determined by whether the recomputed HASH value and the read HASH value match.

The scheme described further includes a way to authenticate that the authentication IC on the host device is indeed one that was properly installed and fitted at shipment, that is, to authenticate the legitimacy of that authentication IC.

It has also been explained that, with the above scheme, the anti-counterfeiting measure works even if the authentication ICs of both the host device and the slave device are replaced, so circumvention of the authentication mechanism by replacing parts can be prevented.

Embodiment 2

When the host device 2 has a unique number other than the IC unique number of the authentication IC 21, and the non-volatile memory area 2116 in the authentication IC 21 can store two HASH values, the procedure of Fig. 7 for authenticating the authentication IC 21 on the host device can be strengthened.

This processing is shown in Figs. 8 and 9.

In this embodiment, the processing that authenticates the legitimacy of the authentication IC 21 on the host device 2 consists of two stages, so Fig. 8 is called authentication stage 1 and Fig. 9 is called authentication stage 2.

The terms authentication stage 1 and authentication stage 2 were also used for Figs. 4 and 5, but Figs. 4 and 5 concern authentication between the host device 2 and the slave device 3, whereas Figs. 8 and 9 concern authentication of the authentication IC 21 on the host device 2, so the meanings differ.

Fig. 8 is the same processing as Fig. 7, and Fig. 9 is performed after it.

Alternatively, authentication stage 2 of Fig. 9 may be performed first, followed by authentication stage 1 of Fig. 8.

Both authentication stage 1 and authentication stage 2 must succeed; if one stage succeeds and the other does not, the authentication IC 21 is illegitimate.

The device configuration assumed in this embodiment is shown in Fig. 10, and the configuration of the authentication IC is shown in Fig. 11.

The configuration of the calculation device 22 is the same as in Fig. 3.

The ASIC 25 in Fig. 10 need not be an ASIC (Application Specific Integrated Circuit); any component other than the authentication IC 21 may be used as long as it has the unique number 251.

Also, the ASIC 25 need not be located on the communication path 24, as long as the calculation device 22 can obtain the value of the unique number 251.

The unique number 251 is an example of a backup unique value, and the ASIC 25 is an example of a backup unique value storage unit.

Fig. 11 shows an authentication IC 21 like that of Fig. 2, in which two areas, #1 and #2, are available as the non-volatile memory area 2116; the calculation device 22 distinguishes access to #1 from access to #2 by specifying the target address within the non-volatile memory area 2116.

Non-volatile memory area #1 (21161) and non-volatile memory area #2 (21162) in Fig. 11 store HASH values set in advance at shipment. The two HASH values are different.

First, as in Fig. 7, non-volatile memory area #1 (21161) stores the result of a HASH calculation with the IC unique number of the authentication IC 21 and the secret key as arguments.

Next, non-volatile memory area #2 (21162) stores the result of a HASH calculation with the unique number 251 of the ASIC and the secret key as arguments (the backup comparison value).

Fig. 8 is described below.

Authentication stage 1 is almost the same as Fig. 7; the only difference is that COM7 reads non-volatile memory area #1 (21161).

The stored value, however, is the same as the value stored in the non-volatile memory area in Fig. 7.

If the HASH values match in authentication stage 1 of Fig. 8, processing moves to authentication stage 2 of Fig. 2.

Fig. 9 is described below.

In authentication stage 1 of Fig. 8, if the authentication IC 21 is the authentication IC described in Fig. 2, it can be adequately authenticated as the IC fitted at shipment; but because this is self-authentication, the component may be something other than the IC described in Fig. 2.

Therefore, the authentication IC 21 is made to compute a HASH value using the unique number 251 of the ASIC 25, which is independent of the IC itself.

In the calculation device 22, the communication unit 222 inputs the unique number 251 of the ASIC 25 to the authentication IC 21 as the challenge code, receives as the response the HASH value for the unique number 251 and the secret key (the backup calculated value), and holds the received response in a register of the calculation device 22.

Then the communication unit 222 reads the HASH value stored in advance in non-volatile memory area #2 (21162) (the backup comparison value), and the determination unit 223 compares the earlier response (the backup calculated value) with the HASH value from non-volatile memory area #2 (21162) (the backup comparison value).

If the two match, the determination unit 223 judges the authentication IC 21 to be legitimate.

With a device that merely makes the responses to COM3 and COM7 identical, an infringer cannot get through the two-stage authentication; moreover, because information other than the authentication IC 21 on the host device (the unique number 251) is used, it is not possible to remove an authentication IC from another host device and reuse it through improper repair.

Thus, according to this embodiment, when a component other than the authentication IC on the host device has some unique number, using it strengthens the authentication of the legitimacy of the authentication IC on the host device.

The above has described the way this embodiment authenticates the legitimacy of the authentication IC of the host device.

More specifically, the scheme described strengthens authentication when the host device has a unique number other than the IC unique number of the authentication IC and the non-volatile memory area in the authentication IC can store two HASH values.

The scheme authenticates the legitimacy of the authentication IC on the host device in two stages: authentication based on the IC unique number of the authentication IC, and authentication based on the unique number on the host device.
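The slave authentication of Embodiment 1 (Figs. 4 and 5) and the two-stage host-IC check of Embodiment 2 (Figs. 8 and 9), as an added Python model that is not part of the patent text. HMAC-SHA256 as the HASH calculation, the all-zero initial key of an unprogrammed IC, and every identifier and sample value below are assumptions constructed for illustration.

```python
import hashlib
import hmac
import secrets

FACTORY_KEY = b"constructed-factory-secret"  # constructed sample secret key
BLANK_KEY = bytes(16)                        # assumed initial key of an unprogrammed IC
SLOT_IC, SLOT_ASIC = 1, 2                    # non-volatile areas #1 and #2


class AuthIC:
    """Authentication IC: readable unique number and NV area, unreadable key."""

    def __init__(self, unique_number, key=BLANK_KEY):
        self.unique_number = unique_number
        self._key = key
        self.nv = {}

    def respond(self, challenge):
        """HASH calculation over (secret key, challenge); HMAC-SHA256 is assumed."""
        return hmac.new(self._key, challenge, hashlib.sha256).digest()


def provision(ic, slot, bound_number):
    """Shipment step: store HASH(key, bound_number) in the IC's NV area."""
    ic.nv[slot] = ic.respond(bound_number)


def matches_stored(computing_ic, number, stored):
    """Recompute HASH(key, number) and compare it with a value read from NV."""
    if stored is None:
        return False
    return hmac.compare_digest(computing_ic.respond(number), stored)


def authenticate_slave(host_ic, slave_ic):
    """Return (stage1_ok, stage2_ok) for Figs. 4 and 5; accept only if both hold."""
    stage1 = matches_stored(host_ic, slave_ic.unique_number, slave_ic.nv.get(SLOT_IC))
    challenge = secrets.token_bytes(16)  # random challenge code
    stage2 = hmac.compare_digest(host_ic.respond(challenge), slave_ic.respond(challenge))
    return stage1, stage2


def verify_host_ic(host_ic, asic_number):
    """Return (stage1_ok, stage2_ok) for Figs. 8 and 9; accept only if both hold."""
    stage1 = matches_stored(host_ic, host_ic.unique_number, host_ic.nv.get(SLOT_IC))
    stage2 = matches_stored(host_ic, asic_number, host_ic.nv.get(SLOT_ASIC))
    return stage1, stage2


def run_scenarios():
    """Run the cases the text walks through and return their stage results."""
    asic = b"ASIC-251-A"  # constructed stand-in for unique number 251 of this host
    host = AuthIC(b"HOST-IC-A", FACTORY_KEY)
    provision(host, SLOT_IC, host.unique_number)
    provision(host, SLOT_ASIC, asic)
    toner = AuthIC(b"TONER-IC-A", FACTORY_KEY)
    provision(toner, SLOT_IC, toner.unique_number)

    results = {
        "genuine_slave": authenticate_slave(host, toner),
        "genuine_host_ic": verify_host_ic(host, asic),
        # Both ICs are off-the-shelf parts in their initial state: the keys agree,
        # so challenge-response alone succeeds, but no shipment-time HASH exists.
        "both_ics_blank": authenticate_slave(AuthIC(b"BLANK-1"), AuthIC(b"BLANK-2")),
    }
    # Replacement host IC with the original NV contents copied into it.
    clone = AuthIC(b"BLANK-3")
    clone.nv = dict(host.nv)
    results["host_ic_nv_copied"] = verify_host_ic(clone, asic)
    # Genuine IC taken from another host, bound to that host's unique number.
    donor = AuthIC(b"HOST-IC-B", FACTORY_KEY)
    provision(donor, SLOT_IC, donor.unique_number)
    provision(donor, SLOT_ASIC, b"ASIC-251-B")
    results["host_ic_from_other_host"] = verify_host_ic(donor, asic)
    return results


if __name__ == "__main__":
    for name, (s1, s2) in run_scenarios().items():
        print(f"{name:24s} stage1={s1!s:5s} stage2={s2!s:5s} accepted={s1 and s2}")
```

In the `both_ics_blank` case only the stored-value check rejects the pair, and in the `host_ic_from_other_host` case only the check bound to the host's own unique number does.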

Embodiment 3

Embodiments 1 and 2 above described examples that use the authentication IC 21; this embodiment describes a configuration that authenticates the slave device without using the authentication IC 21.

Fig. 12 shows a configuration example of the host device 2 of this embodiment.

The configuration of the slave device 3 is as shown in Fig. 1, and the configuration of the authentication IC 31 is as shown in Figs. 2 and 6.

In Fig. 12, the control unit 221, communication unit 222, determination unit 223, res1 (224), and res2 (225) are the same as those shown in Fig. 3, so their description is omitted.

The secret key storage unit 226 has the same function as the secret key storage area 2115 of the authentication IC 21.

That is, the secret key storage unit 226 stores the secret key shared secretly with the authentication IC 31 of the slave device 3.

The HASH calculation logic unit 227 has the same function as the HASH calculation logic unit 2114 of the authentication IC 21.

That is, the HASH calculation logic unit 227 performs HASH calculation using the same HASH function as the HASH calculation logic unit 3114 of the authentication IC 31.

The HASH calculation logic unit 227 is an example of a one-way calculation unit.

The operation of the calculation device 22 of this embodiment is the same as in Embodiment 1, except that the operations of the authentication IC 21 of Embodiment 1 are performed inside the calculation device 22.

That is, in authentication stage 1, the communication unit 222 reads the IC unique number of the authentication IC 31 from the authentication IC 31 of the slave device 3 and passes that value as the challenge code to the HASH calculation logic unit 227; the HASH calculation logic unit 227 performs a HASH calculation with the IC unique number of the authentication IC 31 and the secret key in the secret key storage unit 226 as arguments, and obtains the HASH calculated value.

Next, the communication unit 222 reads the HASH value stored in advance in the non-volatile memory area 3116 in the authentication IC 31.

Then the determination unit 223 compares the response code (HASH calculated value) obtained by the HASH calculation logic unit 227 with the HASH value received from the authentication IC 31.

If the two match, authentication stage 1 ends and authentication stage 2 is performed.

If the two do not match, a counterfeit has been detected and the slave device is not used.

In authentication stage 2, the determination unit 223 generates a random value as the challenge code, and the communication unit 222 sends the challenge code to both the HASH calculation logic unit 227 and the authentication IC 31 on the slave device 3.

The HASH calculation logic unit 227 and the authentication IC 31 each compute a response code; the two response codes are obtained and compared, and if they are equal the newly connected slave device 3 can be judged to be a genuine product.

In Embodiment 3, the authentication IC 21 used in Embodiments 1 and 2 is not used; the legitimacy of the slave device is judged by a software (S/W) implementation in the calculation device.

As described, with a S/W implementation there is a possibility on the host side that memory contents are observed through debug I/O and the value of the secret key leaks; provided a mechanism is in place to prevent such leakage of the secret key, the legitimacy of the slave device can be judged without the authentication IC 21, as in this embodiment.

The above has described the configuration of this embodiment that judges the legitimacy of the slave device 3 without using the authentication IC 21.

Finally, an example hardware configuration of the host device 2 shown in Embodiments 1 to 3 is described.

As shown in Fig. 1 and elsewhere, the host device 2 may be any device that includes the calculation device 22; besides the printer mentioned above, it may be an information device such as a personal computer or other computer, a photocopier, a mobile phone, a car navigation device, or any of various embedded devices.

Fig. 13 shows an example of the hardware resources of the host device 2 shown in Embodiments 1 to 3.

The configuration of Fig. 13 is only one example of the hardware configuration of the host device 2; the hardware configuration is not limited to that of Fig. 13 and may be another configuration.

In Fig. 13, the host device 2 has a CPU 911 (also called a Central Processing Unit, central processing device, processing device, microprocessor, microcomputer, or processor) that executes programs.

The CPU 911 corresponds to the calculation device 22.

The CPU 911 is connected to the authentication IC 906 via the bus 912. The authentication IC 906 corresponds to the authentication IC 21 of Fig. 1 and elsewhere.

If the host device 2 is an information device, the CPU 911 is also connected to, and controls, hardware devices such as a ROM (Read Only Memory) 913, a RAM (Random Access Memory) 914, a communication port 915, a display device 901, a keyboard 902, a mouse 903, an FDD 904 (Flexible Disk Drive), an optical disc device 905 (CDD), and a magnetic disk device 920.

The communication port 915 may support either wired or wireless communication and may be connected to, for example, a LAN (local area network), the Internet, a WAN (wide area network), or a SAN (storage area network).

The magnetic disk device 920 may store an operating system 921 (OS), a window system 922, a program group 923, and a file group 924.

The programs of the program group 923 are executed by the CPU 911.

The program group 923 stores programs that execute the functions described as "... unit" in Embodiments 1 to 3 (except those contained in the authentication IC). The programs are read and executed by the CPU 911.

What is described as a "... unit" in Embodiments 1 to 3 may also be a "... circuit", "... device", or "... machine", or a "... step", "... procedure", or "... process".

That is, the information processing method of the present invention can be realized by the steps, procedures, and processes shown in the flowcharts described in Embodiments 1 to 3.

1: authentication IC
2: host device
3: slave device
11: data transmission/reception unit
12: response code holding unit
13: IC unique number storage unit
14: HASH calculation logic unit
15: secret key storage area
16: non-volatile memory area
21: authentication IC
22: arithmetic device
23: communication path
24: communication path
25: ASIC
31: authentication IC
221: control unit
222: communication unit
223: determination unit
224: res1
225: res2
251: unique number
2111: data transmission/reception unit
2112: response code holding unit
2113: IC unique number storage unit
2114: HASH calculation logic unit
2115: secret key storage area
2116: non-volatile memory area
3111: data transmission/reception unit
3112: response code holding unit
3113: IC unique number storage unit
3114: HASH calculation logic unit
3115: secret key storage area
3116: non-volatile memory area

Fig. 1 shows an example of the device configuration of Embodiment 1.

Fig. 2 shows an example of the internal structure of the authentication IC of Embodiment 1.

Fig. 3 shows an example of the internal structure of the arithmetic device of Embodiment 1.

Fig. 4 shows, within the operation of authenticating the slave device in Embodiment 1, the operation corresponding to the first stage of authentication.

Fig. 5 shows, within the operation of authenticating the slave device in Embodiment 1, the operation corresponding to the second stage of authentication.

Fig. 6 shows an example of the internal structure of the authentication IC of Embodiment 1.

Fig. 7 shows the operation of verifying the legitimacy of the authentication IC on the host device in Embodiment 1.

Fig. 8 shows, within the operation of verifying the legitimacy of the authentication IC on the host device in Embodiment 2, the operation corresponding to the first stage of authentication.

Fig. 9 shows, within the operation of verifying the legitimacy of the authentication IC on the host device in Embodiment 2, the operation corresponding to the second stage of authentication.

Fig. 10 shows an example of the device configuration of Embodiment 2.

Fig. 11 shows an example of the internal structure of the authentication IC of Embodiment 2.

Fig. 12 shows an example of the configuration of the host device of Embodiment 3.

Fig. 13 shows an example of the hardware configuration of the host device of Embodiments 1 to 3.

Fig. 14 shows the challenge-response method.

Claims (10)

1. An information processing device, characterized by comprising: a communication unit that receives, from an authentication target IC (Integrated Circuit) provided in an authentication target object other than the information processing device, an IC unique value specific to each IC and a comparison value for comparison, both stored in advance in the authentication target IC, as an authentication target IC unique value and an authentication target IC comparison value; an auxiliary IC that includes a secret key storage unit storing a secret key, and a one-way calculation unit that performs a one-way calculation on the secret key stored in the secret key storage unit and the authentication target IC unique value received by the communication unit; and a determination unit that compares the authentication target IC comparison value received by the communication unit with the calculated value computed by the one-way calculation unit of the auxiliary IC, and determines whether the authentication target IC comparison value and the calculated value match; wherein the auxiliary IC stores in advance an auxiliary IC unique value, which is the IC unique value of the auxiliary IC, and an auxiliary IC comparison value, which is a comparison value used for comparison; the communication unit receives the auxiliary IC unique value from the auxiliary IC, transmits the received auxiliary IC unique value to the one-way calculation unit of the auxiliary IC, receives from the one-way calculation unit of the auxiliary IC, as an auxiliary IC calculated value, the value computed by a one-way calculation on the auxiliary IC unique value and the secret key, and further receives the auxiliary IC comparison value from the auxiliary IC; and the determination unit compares the auxiliary IC comparison value received by the communication unit with the auxiliary IC calculated value, and determines whether the auxiliary IC comparison value and the auxiliary IC calculated value match.

2. The information processing device according to claim 1, wherein the determination unit compares the authentication target IC comparison value with the calculated value computed by the one-way calculation unit, and does not authenticate the authentication target object when the authentication target IC comparison value and the calculated value do not match.

3. The information processing device according to claim 2, wherein, when a value computed by performing the same one-way calculation as the one-way calculation unit on a secret key identical to the secret key stored in the secret key storage unit and on the authentication target IC unique value is received as the authentication target IC comparison value, the determination unit determines that the authentication target IC comparison value and the calculated value match.

4. The information processing device according to claim 1, wherein the determination unit does not authenticate the auxiliary IC when the auxiliary IC comparison value and the auxiliary IC calculated value do not match.

5. The information processing device according to claim 1, wherein, when a value computed by performing the same one-way calculation as the one-way calculation unit on the secret key and the auxiliary IC unique value is received as the auxiliary IC comparison value, the determination unit determines that the auxiliary IC comparison value and the auxiliary IC calculated value match.

6. The information processing device according to claim 1, wherein the information processing device is provided with an auxiliary IC that stores in advance two comparison values as an auxiliary IC comparison value and a backup comparison value; the information processing device further has, in addition to the auxiliary IC, a backup unique value storage unit that stores a unique value other than the auxiliary IC unique value as a backup unique value; the communication unit receives the auxiliary IC unique value from the auxiliary IC, transmits the received auxiliary IC unique value to the one-way calculation unit of the auxiliary IC, receives the auxiliary IC calculated value from the one-way calculation unit of the auxiliary IC, receives the auxiliary IC comparison value from the auxiliary IC, receives the backup unique value from the backup unique value storage unit, transmits the received backup unique value to the one-way calculation unit of the auxiliary IC, receives from the one-way calculation unit of the auxiliary IC, as a backup calculated value, the value computed by a one-way calculation on the backup unique value and the secret key, and receives the backup comparison value from the auxiliary IC; and the determination unit compares the auxiliary IC comparison value received by the communication unit with the auxiliary IC calculated value and determines whether they match, and compares the backup comparison value received by the communication unit with the backup calculated value and determines whether they match.

7. The information processing device according to claim 6, wherein the determination unit does not authenticate the auxiliary IC when at least one of a mismatch between the auxiliary IC comparison value and the auxiliary IC calculated value and a mismatch between the backup comparison value and the backup calculated value exists.

8. The information processing device according to claim 6, wherein, when a value computed by performing the same one-way calculation as the one-way calculation unit on the secret key and the auxiliary IC unique value is received as the auxiliary IC comparison value, the determination unit determines that the auxiliary IC comparison value and the auxiliary IC calculated value match; and, when a value computed by performing the same one-way calculation as the one-way calculation unit on the secret key and the backup unique value is received as the backup comparison value, the determination unit determines that the backup comparison value and the backup calculated value match.

9. The information processing device according to claim 1, wherein the auxiliary IC is an IC of the same mechanism as the authentication target IC.

10. A program characterized by causing a computer to function as an information processing device, the information processing device being the information processing device according to claim 1.
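The checks recited in claims 1 to 8, as an added example that is not part of the patent: a Python model of the host's determination unit working with an auxiliary IC and a target IC. HMAC-SHA256 is an assumed stand-in for the unspecified one-way calculation, and `provision`, the class and function names, and all keys and identifiers are constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass


def one_way(secret_key: bytes, unique_value: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the claims' unspecified one-way calculation.
    return hmac.new(secret_key, unique_value, hashlib.sha256).digest()


@dataclass
class AuthIC:
    """Model of an authentication IC (claim 9: auxiliary and target share one mechanism)."""
    unique_value: bytes                   # IC unique value, readable by the host
    comparison_value: bytes               # stored in advance, readable by the host
    secret_key: bytes                     # secret key storage unit, never read out
    backup_comparison_value: bytes = b""  # claim 6: second stored comparison value

    def calculate(self, value: bytes) -> bytes:
        """One-way calculation unit: only the result leaves the IC."""
        return one_way(self.secret_key, value)


def provision(secret_key: bytes, unique_value: bytes,
              backup_unique_value: bytes = b"") -> AuthIC:
    """Hypothetical factory step that writes the stored values into an IC."""
    backup = one_way(secret_key, backup_unique_value) if backup_unique_value else b""
    return AuthIC(unique_value, one_way(secret_key, unique_value), secret_key, backup)


def verify_auxiliary_ic(aux: AuthIC, backup_unique_value: bytes = b"") -> bool:
    """Claims 1, 4, 6, 7: the auxiliary IC must reproduce its own stored values."""
    ok = hmac.compare_digest(aux.comparison_value, aux.calculate(aux.unique_value))
    if backup_unique_value:  # value held outside the auxiliary IC (claim 6)
        ok = ok and hmac.compare_digest(aux.backup_comparison_value,
                                        aux.calculate(backup_unique_value))
    return ok


def authenticate_target(aux: AuthIC, target: AuthIC) -> bool:
    """Claims 1-3: the host reads the target's two stored values and asks the
    auxiliary IC to recompute the comparison value from the unique value."""
    return hmac.compare_digest(target.comparison_value,
                               aux.calculate(target.unique_value))


def authenticate(aux: AuthIC, target: AuthIC, backup_unique_value: bytes = b"") -> str:
    if not verify_auxiliary_ic(aux, backup_unique_value):
        return "auxiliary IC not authenticated"
    if not authenticate_target(aux, target):
        return "target not authenticated"
    return "authenticated"


# Constructed sample values (not from the patent).
KEY = b"constructed-secret-key"
HOST_BACKUP_ID = b"ASIC-0001"          # backup unique value stored on the host
AUX = provision(KEY, b"AUX-IC-21", HOST_BACKUP_ID)
GENUINE = provision(KEY, b"SLAVE-IC-31")
FOREIGN = provision(b"some-other-key", b"SLAVE-IC-99")
MOVED_AUX = provision(KEY, b"AUX-IC-77", b"ASIC-0002")  # provisioned for another host
```

`MOVED_AUX` passes the claim 1 self-check on its own unique value but fails the claim 6 backup check, because its backup comparison value was computed over a different backup unique value.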
TW099108855A 2009-11-24 2010-03-25 Apparatus for processing information, and computor program TWI464616B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2009/069776 WO2011064833A1 (en) 2009-11-24 2009-11-24 Information processing apparatus, information processing method, and program

Publications (2)

Publication Number Publication Date
TW201118640A TW201118640A (en) 2011-06-01
TWI464616B true TWI464616B (en) 2014-12-11

Family

ID=44065957

Family Applications (1)

Application Number Title Priority Date Filing Date
TW099108855A TWI464616B (en) 2009-11-24 2010-03-25 Apparatus for processing information, and computor program

Country Status (3)

Country Link
JP (1) JP5398845B2 (en)
TW (1) TWI464616B (en)
WO (1) WO2011064833A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20220058295A1 (en) * 2020-08-20 2022-02-24 Micron Technology, Inc. Safety and security for memory

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW393631B (en) * 1997-07-24 2000-06-11 Checkpoint Systems Inc Inventory system using articles with RFID tags
JP2007048297A (en) * 2006-08-17 2007-02-22 Sony Corp Information processor, information processing method and computer program
US20080094183A1 (en) * 2006-08-29 2008-04-24 Shinichiro Fukushima Ic memory, as well as, accessing apparatus and validity testing method for use of ic memory

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8254568B2 (en) * 2007-01-07 2012-08-28 Apple Inc. Secure booting a computing device
JP4618259B2 (en) * 2007-02-16 2011-01-26 ソニー株式会社 Data storage device and data storage method
JP4814993B2 (en) * 2007-03-27 2011-11-16 富士通株式会社 Device to be debugged, authentication program, and debug authentication method

Also Published As

Publication number Publication date
TW201118640A (en) 2011-06-01
JPWO2011064833A1 (en) 2013-04-11
JP5398845B2 (en) 2014-01-29
WO2011064833A1 (en) 2011-06-03
