TWI489280B - Memory controller, memory control device, memory device, memory information protection system, and method of controlling a memory control device - Google Patents
- Publication number
- TWI489280B
- Authority
- TW
- Taiwan
Description
The present invention relates to a technique for ensuring the confidentiality of information.
A technique is known in which a freely attachable and detachable memory device, such as a semiconductor memory, is mounted on an information processing device, and a predetermined function is realized in the information processing device by using information such as a software program or data stored in the memory device.
Some such memory devices are equipped with a security function for ensuring the confidentiality of the information stored in the memory device. For example, Patent Document 1 discloses a method of encrypting data output from a memory unit using key data.
[Prior Art Documents]
[Patent Documents]
Patent Document 1: Japanese Patent Laid-Open No. Hei 7-219852
However, in Patent Document 1, if the key information is obtained by analyzing the encrypted output signal, the confidentiality of the information stored in the memory device may be lost.
In view of this, an object of the present invention is to provide a technique capable of improving the confidentiality of information stored in a memory device.
A first aspect of the present invention is a memory controller comprising: key generation means for generating, at each predetermined timing, new key information used for encrypting/decoding information; and data conversion means for encrypting, based on the key information, information output to a memory device in which predetermined information is stored, and for decoding, based on the key information, the encrypted predetermined information input from the memory device; wherein, each time the key generation means generates new key information, the data conversion means performs a key information update that takes the new key information as the key information.
A second aspect of the present invention is a memory device comprising: instructing means for instructing, at each predetermined timing, generation of key information used for encrypting/decoding information; key generation means for generating new key information in accordance with the generation instruction; memory means in which predetermined information is stored; and data conversion means for encrypting, based on the key information, the information to be read out of the predetermined information, and for decoding, based on the key information, encrypted information input from an external device; wherein, each time the key generation means generates new key information, the data conversion means performs a key information update that takes the new key information as the key information.
A third aspect of the present invention is a memory information protection system comprising: a memory device in which predetermined information is stored; and a memory control device corresponding to the memory device. The memory control device includes: first key generation means for generating, at each predetermined timing, new first key information used for encrypting/decoding information; and first data conversion means for encrypting, based on the first key information, information output to the memory device, and for decoding, based on the first key information, encrypted information input from the memory device; wherein, each time the first key generation means generates new first key information, the first data conversion means performs a key information update that takes the new first key information as the first key information. The memory device includes: second key generation means for generating, in synchronization with the predetermined timing, new second key information identical to the first key information; memory means in which the predetermined information is stored; and second data conversion means for encrypting, based on the second key information, the information to be read out of the predetermined information, and for decoding, based on the second key information, encrypted information input from the memory control device; wherein, each time the second key generation means generates new second key information, the second data conversion means performs a key information update that takes the new second key information as the key information.
According to the present invention, the confidentiality of information stored in the memory device can be improved.
Hereinafter, embodiments of the present invention will be described with reference to the drawings.
<1. First Embodiment>
[1-1. Configuration Overview]
Fig. 1 is a view showing the external configuration of the memory information protection system 1A.
As shown in Fig. 1, the memory information protection system 1A includes an information processing device 10A and a memory device 20.
The memory device 20 stores information such as programs and/or data (also referred to as "memory information" or "storage information") in a memory core such as a general-purpose mask read-only memory. The memory information is, for example, data serving as application software executed by the information processing device 10A, which is a kind of computer device, and/or data used by that application software. The memory device 20 takes the form of, for example, a card or a cartridge, and is freely attachable to and detachable from the information processing device 10A. The memory device 20 is used while mounted on the information processing device 10A.
Examples of the information processing device 10A that uses the memory information stored in the memory device 20 include a personal computer, a portable information terminal device such as a PDA (Personal Digital Assistant), and an image processing device.
In the memory information protection system 1A, when an encrypted command (encryption command) is supplied from the information processing device 10A to the memory device 20, the memory device 20 decodes the encryption command and executes the processing specified by the command.
[1-2. Functional Blocks]
Next, the functions of the memory information protection system 1A will be described in detail. Fig. 2 is a block diagram showing the functional configuration of the memory information protection system 1A of the first embodiment.
As shown in Fig. 2, the information processing device 10A constituting the memory information protection system 1A includes an overall control unit 100A, a memory control unit (memory controller) 110A, and an interface unit 120.
The overall control unit 100A is configured as a microcomputer and mainly includes a CPU (Central Processing Unit), a RAM (Random Access Memory), and a ROM (Read Only Memory). The overall control unit 100A reads out a program stored in the ROM and has the CPU execute it, thereby realizing various functions.
Specifically, by executing the above program, the overall control unit 100A functionally realizes a command generation unit 101, a data acquisition unit 102, and a command issuance detection unit 103.
The command generation unit 101 has a function of generating a command code relating to a command for the memory device 20, or a command containing that command code and an address. For example, when data stored in the memory device 20 is to be read, a command (also referred to as a "read command") containing a read command code and the address of the data to be read is generated by the command generation unit 101.
The data acquisition unit 102 sequentially stores the data read from the memory device 20 in the memory unit (RAM) in the overall control unit 100A, and determines whether acquisition of the data to be read has finished (completed).
The command issuance detection unit 103 has a function of detecting the output of a command from the command generation unit 101. When it detects the output of a command, it instructs the key generation unit 112, described below, to generate key information (key data) used for encryption or decoding. That is, the command issuance detection unit 103 also functions as instructing means that instructs the key generation unit 112 to generate key information in response to the output of a command.
The memory control unit 110A includes a hardware key 111, a key generation unit (key generation means) 112, and a data conversion circuit (data conversion means) 113.
The hardware key 111 is fixed data implemented on a hardware chip. It is realized, for example, by using a number of inverters (NOT circuits) corresponding to the bit length of the hardware key 111 and clamping the input of each inverter to the power supply voltage (Vcc) or to GND (ground potential). Because the hardware key 111 is fixed data realized in hardware, it can also be described as key data in which the CPU does not intervene.
The key generation unit 112 has a function of executing arithmetic processing at each predetermined timing and newly generating key information used for encrypting/decoding information.
Specifically, when the power of the information processing device 10A is turned on, the key generation unit 112 generates initial key information based on the hardware key 111 (initialization of the key generation unit 112). The key generation unit 112 also includes shift means for shifting the bit string that constitutes the key information, and, in response to a key generation instruction from the command issuance detection unit 103, sequentially shifts the bit string constituting the initial key information, thereby generating new key information.
A shift register, for example, can be used as the shift means. When a shift register is used, the key generation unit 112 may also be configured so that, each time a key generation instruction is received, a clock is input to the shift register and, in response to that clock input, the bit string of the hardware key 111 is sequentially input to the shift register.
A pseudo-random number generation circuit, for example, can be used when generating the initial key information. When the key generation unit 112 is configured to include a pseudo-random number generation circuit, the circuit generates a pseudo-random number based on the hardware key 111, and the generated pseudo-random number is used as the initial key information.
In this way, key information is generated in the information processing device 10A in response to a key generation instruction from the command issuance detection unit 103 that is synchronized with command issuance, and new key information is generated each time a new command is issued.
The data conversion circuit 113 has a function of generating an encryption command by applying, to the command output from the command generation unit 101, predetermined arithmetic processing that uses the key information generated by the key generation unit 112. The encryption command encrypted by the data conversion circuit 113 is supplied to the memory device 20 via the interface unit 120. As the encryption method, for example, a stream cipher or a block cipher can be used.
The data conversion circuit 113 also has a function of decoding the encrypted data supplied from the memory device 20 using the key information generated by the key generation unit 112. The decoded data is supplied to the data acquisition unit 102.
In the data conversion circuit 113, which encrypts/decodes information, each time the key generation unit 112 generates new key information, a key information update is performed that takes the new key information as the key information used for encryption/decoding.
A device that includes such a memory control unit 110A operates as a memory control device that controls the operation of the memory device 20. This embodiment illustrates the case where the memory control unit 110A is included in the information processing device 10A and the information processing device 10A operates as the memory control device.
Meanwhile, the memory device 20 constituting the memory information protection system 1A includes a memory unit (memory means) 200, an in-memory control unit 210, and an interface unit 220.
The memory unit 200 is a non-volatile memory such as a mask read-only memory, and stores programs and/or data that are to be protected for confidentiality or against unauthorized reading. The memory unit 200 is not limited to a mask read-only memory and may also be a flash memory, an erasable programmable read-only memory (EP-ROM), a hard disk (HD), or the like.
The in-memory control unit 210 includes a hardware key 211, a key generation unit 212, a data conversion circuit 213, and a command determination unit 214.
The hardware key 211 is fixed data implemented on a hardware chip, and has the same data configuration as the hardware key 111 of the information processing device 10A.
Like the key generation unit 112 of the information processing device 10A, the key generation unit 212 has a function of executing arithmetic processing at each predetermined timing and generating new key information used for encryption/decoding. Specifically, after the power of the information processing device 10A is turned on, when the initialization command issued from the information processing device 10A is detected, the key generation unit 212 generates initial key information based on the hardware key 211 (initialization of the key generation unit 212). The key generation unit 212 is also configured to include shift means (for example, a shift register) for shifting the bit string that constitutes the key information, and, in response to a key generation instruction from the command determination unit 214, sequentially shifts the initial key information, thereby generating new key information.
The data conversion circuit 213 has a function of decoding the encryption command received via the interface unit 220 by applying to it predetermined arithmetic processing that uses the key information generated by the key generation unit 212. The command decoded by the data conversion circuit 213 is supplied to the command determination unit 214.
The data conversion circuit 213 also has a function of encrypting the data read from the memory unit 200 using the key information generated by the key generation unit 212, thereby generating encrypted data. The encrypted data produced by the data conversion circuit 213 is supplied to the information processing device 10A via the interface unit 220.
In the data conversion circuit 213, which encrypts/decodes information, each time the key generation unit 212 generates new key information, a key information update is performed that takes the new key information as the key information used for encryption/decoding.
The command determination unit 214 identifies the decoded command and instructs execution of the predetermined operation corresponding to that command. For example, when the command from the information processing device 10A decoded by the data conversion circuit 213 is a command to read data from the memory unit 200, the read command code and the read address data are extracted from the read command, and a read signal and the read address data are supplied to the memory unit 200.
The command determination unit 214 also functions as instructing means that instructs the key generation unit 212 to generate key information in response to the input of a command.
In this way, key information is generated in the memory device 20 in response to a key generation instruction from the command determination unit 214 that is synchronized with command reception, and the key information is updated each time the memory device 20 receives a new command.
As described above, in the memory information protection system 1A including the information processing device 10A and the memory device 20, the information exchanged between the information processing device 10A and the memory device 20, such as commands and data (also referred to as "communication information"), is communicated in encrypted form. Moreover, the key information used for encryption and/or decoding is updated as needed in the information processing device 10A and the memory device 20, at the predetermined timing and in a synchronized state.
Specifically, the case of reading data stored in the memory device 20 is described below as an example. Fig. 3 is a view showing the state transitions of the memory information protection system 1A during data reading.
As shown in Fig. 3, after the information processing device 10A issues a read command encrypted with key information K1 (state st1), the information processing device 10A and the memory device 20 each generate new key information K2 (state st2).
When the read data D1 corresponding to the read command is transferred, the memory device 20 encrypts the read data D1 with the new key information K2, and the encrypted read data is transferred to the information processing device 10A (state st3). The information processing device 10A decodes the encrypted read data using the key information K2 and receives the read data. Reading continues until read data of the specified data length has been read; when the read data D1 of the specified length has been read, the read ends (state st4).
When further data is to be read from the memory device 20, the information processing device 10A encrypts the read command using the key information K2 and again issues the encrypted read command (state st5). When the read command is issued, the information processing device 10A and the memory device 20 each generate new key information K3 (state st6).
Then, when the read data D2 corresponding to the read command is transferred, the memory device 20 encrypts the read data D2 with the new key information K3, and the encrypted read data is transferred to the information processing device 10A (state st7). The information processing device 10A decodes the encrypted read data using the key information K3 and receives the read data.
In this way, the information processing device 10A and the memory device 20 respectively include the common key generation units 112 and 212 and the common hardware keys 111 and 211, and at each predetermined timing each generates, in a synchronized state, new key information common to both. Furthermore, in their common data conversion circuits 113 and 213, the information processing device 10A and the memory device 20 use the newly generated key information to perform an update operation that updates the key information used for encrypting/decoding the communication information.
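The Fig. 3 sequence (st1 to st7) as a runnable model, added here as an illustration and not taken from the patent. The 64-bit register, the one-bit rotation, the SHA-256 keystream, the command layout and all constants are assumptions. `lost_command` shows a consequence of never exchanging keys: both sides must count the same commands, or their registers diverge and stay apart.

```python
import hashlib
import struct

MASK64 = (1 << 64) - 1
HW_KEY = 0x0123456789ABCDEF      # constructed value standing in for hardware keys 111/211
OP_READ = 0x03                   # hypothetical read command code
ROM = bytes(range(64))           # constructed contents of memory unit 200


class KeyGenerator:
    """Model of key generation units 112/212: a register loaded from the
    hardware key and shifted once per key generation instruction."""

    def __init__(self, hw_key):
        self.key = hw_key & MASK64           # initial key information

    def step(self):
        # Assumed shift means: circular left shift by one bit.
        self.key = ((self.key << 1) | (self.key >> 63)) & MASK64
        return self.key


def convert(key, direction, data):
    """Stand-in for data conversion circuits 113/213 (XOR stream cipher, an
    assumption). The direction byte separates command and data keystreams,
    since read data and the next read command share one key (K2 in Fig. 3)."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        block = struct.pack(">QcI", key, direction, counter)
        stream += hashlib.sha256(block).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class Host:
    """Information processing device 10A."""

    def __init__(self):
        self.keygen = KeyGenerator(HW_KEY)               # SP101

    def issue_read(self, addr, length):
        cmd = struct.pack(">BIH", OP_READ, addr, length)
        enc = convert(self.keygen.key, b"C", cmd)        # SP106: current key
        self.keygen.step()                               # SP108: new key
        return enc

    def receive(self, enc_data):
        return convert(self.keygen.key, b"D", enc_data)  # decode with new key


class Device:
    """Memory device 20."""

    def __init__(self, contents):
        self.memory = contents
        self.keygen = KeyGenerator(HW_KEY)               # SP202

    def handle(self, enc_cmd):
        cmd = convert(self.keygen.key, b"C", enc_cmd)    # SP205: current key
        self.keygen.step()                               # SP206: new key
        op, addr, length = struct.unpack(">BIH", cmd)
        if op != OP_READ or addr + length > len(self.memory):
            return None                                  # not a valid read command
        return convert(self.keygen.key, b"D", self.memory[addr:addr + length])


def read_twice():
    """Two reads in a row: returns (command key, host key, device key, data)."""
    host, dev = Host(), Device(ROM)
    log = []
    for addr, n in ((0, 16), (16, 16)):
        cmd_key = host.keygen.key
        reply = dev.handle(host.issue_read(addr, n))
        log.append((cmd_key, host.keygen.key, dev.keygen.key, host.receive(reply)))
    return log


def lost_command():
    """The host issues one command that never reaches the device, then another."""
    host, dev = Host(), Device(ROM)
    host.issue_read(0, 16)                       # dropped on the bus
    reply = dev.handle(host.issue_read(0, 16))   # device still decodes with K1
    return host.keygen.key, dev.keygen.key, reply


if __name__ == "__main__":
    for cmd_key, hk, dk, data in read_twice():
        print(f"cmd under {cmd_key:016X}, data under {hk:016X}/{dk:016X}: {data.hex()}")
    hk, dk, reply = lost_command()
    print(f"after lost command: host {hk:016X}, device {dk:016X}, reply {reply}")
```

In this model the registers stay one step apart after the lost command until both sides are re-initialized from the hardware key.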
As a result, encryption/decoding between the information processing device 10A and the memory device 20 can be performed using common key information that is updated at each predetermined timing, so the confidentiality of the memory information stored in the memory device 20 can be improved. For example, even if the key information of one period is deciphered and part of the content of the memory information is obtained, the possibility of obtaining the entire content of the information can be reduced.
In the memory information protection system 1A, the key information is generated independently in each of the information processing device 10A and the memory device 20, and no key information is exchanged between the information processing device 10A and the memory device 20, so the confidentiality of the key information can be ensured further.
In the memory information protection system 1A, the key information is generated using the key generation units 112 and 212 and the hardware keys 111 and 211, all of which are built in hardware, and the CPU takes no part in generating the key information. The key information therefore cannot be identified by analyzing the program executed by the CPU, so the confidentiality of the key information can be ensured further.
Although the above illustrates the case where the key generation units 112 and 212 include shift means and generate new key information by shifting the key information with that shift means, the invention is not limited to this. Specifically, the key generation units 112 and 212 may also be configured to include an encryption circuit that performs encryption with a stream cipher or a block cipher and generates new key information based on the hardware keys 111 and 211.
When this configuration is adopted, the series of processing executed by the key generation units 112 and 212 and the data conversion circuits 113 and 213 can also be described as follows: the key generation units 112 and 212 perform first-stage encryption processing on the hardware keys 111 and 211 to generate key information, and the data conversion circuits 113 and 213 perform second-stage encryption processing that encrypts the command using that key information.
[1-3. Operation of the Memory Information Protection System 1A]
The operation of the memory information protection system 1A is described below. Figs. 4 and 5 are flowcharts showing the operation of the memory information protection system 1A. In Figs. 4 and 5, the left side is a flowchart of the operation of the information processing device 10A, and the right side is a flowchart of the operation of the memory device 20. The memory device 20 does not include processing means such as a CPU and operates by hardware circuits; here, for convenience, its operation is shown as a flow corresponding to the operation flow of the information processing device 10A.
Before the operation of the memory information protection system 1A starts, the memory device 20 is mounted on the information processing device 10A, and the interface units 120 and 220 are kept electrically connected. When the power of the information processing device 10A is turned on, the information processing device 10A starts up, power is supplied to the memory device 20, and the system begins operating.
As shown in Fig. 4, in the information processing device 10A, when the power is turned on, the key generation unit 112 is initialized in step SP101. In this initialization, initial key information is generated based on the hardware key 111.
In step SP102, the data conversion circuit 113 is initialized using the initial key information.
In step SP103, the command generation unit 101 generates an initialization command, and the initialization command is issued to the memory device 20. Once the initialization command has been issued, the encryption/decoding function is enabled (turned ON) in the data conversion circuit 113. The data conversion circuit 113 can then encrypt/decode data using the initial key information.
Meanwhile, in the memory device 20, once the power supply starts, the command determination unit 214 determines in step SP201 whether an initialization command has been input. When it detects the input of an initialization command, the command determination unit 214 instructs the key generation unit 212 to initialize.
In step SP202, the key generation unit 212 is initialized in response to the initialization instruction from the command determination unit 214, and initial key information is generated based on the hardware key 211.
In step SP203, the data conversion circuit 213 is initialized using the initial key information. The data conversion circuit 213 can then encrypt/decode data using the initial key information.
Next, in the information processing device 10A, it is determined in step SP104 whether the power of the information processing device 10A has been turned off; if it has, the operation of the information processing device 10A ends. If the power of the information processing device 10A is on, the operation proceeds to step SP105.
於步驟SP105(參照圖5)中,藉由命令生成部101生成對記憶體裝置20之命令。In step SP105 (refer to FIG. 5), the command generation unit 101 generates a command to the memory device 20.
於步驟SP106中,由命令生成部101生成之命令被輸入至資料轉換電路113,於資料轉換電路113中,使用初始密鑰資訊進行命令之加密。再者,當經重複處理而再次執行步驟SP106時,則使用新的密鑰資訊對命令進行加密。In step SP106, the command generated by the command generation unit 101 is input to the material conversion circuit 113, and the data conversion circuit 113 performs encryption of the command using the initial key information. Furthermore, when step SP106 is executed again by repeated processing, the command is encrypted using the new key information.
於步驟SP107中,將經資料轉換電路113加密之加密命令經由介面部120而向記憶體裝置20發佈。In step SP107, the encryption command encrypted by the material conversion circuit 113 is distributed to the memory device 20 via the interface 120.
又,若命令發佈檢測部103檢測到命令生成部101之命令輸出後,則命令發佈檢測部103對密鑰生成部112指示生成密鑰資訊。藉此,於步驟SP108中,藉由密鑰生成部112生成新的密鑰資訊,於資料轉換電路113中進行密鑰資訊之更新。When the command issuance detecting unit 103 detects the command output of the command generating unit 101, the command issuance detecting unit 103 instructs the key generating unit 112 to generate the key information. Thereby, in step SP108, the key generation unit 112 generates new key information, and updates the key information in the material conversion circuit 113.
另一方面,於記憶體裝置20中,若於步驟SP204中輸入加密命令,則動作步驟過渡至步驟SP205。On the other hand, in the memory device 20, if an encryption command is input in step SP204, the operation proceeds to step SP205.
於步驟SP205中,使用初始密鑰資訊對加密命令進行解碼。In step SP205, the encryption command is decoded using the initial key information.
若經解碼之命令輸入至命令判別部214,則命令判別部214對密鑰生成部212指示生成密鑰資訊。藉此,於步驟SP206中,藉由密鑰生成部212生成新的密鑰資訊,並於資料轉換電路213中進行密鑰資訊之更新。When the decoded command is input to the command determination unit 214, the command determination unit 214 instructs the key generation unit 212 to generate key information. Thereby, in step SP206, the key generation unit 212 generates new key information, and updates the key information in the material conversion circuit 213.
又,於步驟SP207中,藉由命令判別部214判定資訊處理裝置10A之命令是否為讀出命令。於自資訊處理裝置10A輸入之命令不為讀出命令之情形時,動作步驟過渡至步驟SP208,執行基於所輸入命令之讀出處理以外的其他處理。Further, in step SP207, the command determining unit 214 determines whether or not the command of the information processing device 10A is a read command. When the command input from the information processing device 10A is not the read command, the operation proceeds to step SP208, and other processing than the read processing based on the input command is executed.
於自資訊處理裝置10A輸入之命令為讀出命令之情形時,則過渡至步驟SP209,並執行資料之讀出處理(步驟SP209~步驟SP211)。When the command input from the information processing device 10A is the read command, the process proceeds to step SP209, and the data read processing is executed (step SP209 to step SP211).
具體而言,於步驟SP209中,將讀出信號與讀出位址資料提供給記憶部200,且自記憶部200讀出記憶於所指定讀出位址之資料。而且,於步驟SP210中,資料轉換電路213使用新的密鑰資訊對讀出之資料進行加密。於步驟SP211中,將經加密之讀出資料經由介面部220而輸出至資訊處理裝置10A。Specifically, in step SP209, the read signal and the read address data are supplied to the memory unit 200, and the data stored in the designated read address is read from the memory unit 200. Further, in step SP210, the material conversion circuit 213 encrypts the read data using the new key information. In step SP211, the encrypted read data is output to the information processing apparatus 10A via the interface 220.
於資訊處理裝置10A中,當在步驟SP108中進行密鑰資訊之更新後,動作步驟過渡至步驟SP109。In the information processing apparatus 10A, after the key information is updated in step SP108, the operation step transits to step SP109.
於步驟SP109中,判定是否已在步驟SP105中生成讀出命令,於未生成讀出命令之情形時,動作步驟過渡至步驟SP104,並再次執行命令生成處理等。另一方面,於已生成讀出命令之情形時,動作步驟過渡至步驟SP110,並進行自記憶體裝置20接收讀出資料之處理。In step SP109, it is determined whether or not the read command has been generated in step SP105. When the read command is not generated, the operation step transits to step SP104, and the command generation processing or the like is executed again. On the other hand, when the read command has been generated, the operation proceeds to step SP110, and the process of receiving the read data from the memory device 20 is performed.
具體而言,於步驟SP110中,若自記憶體裝置20輸入讀出資料後,則資料轉換電路113使用已於步驟SP108中生成之新密鑰資訊而對讀出資料進行解碼。Specifically, in step SP110, if the read data is input from the memory device 20, the material conversion circuit 113 decodes the read data using the new key information generated in step SP108.
於步驟SP111中,藉由資料取得部102而將讀出資料記憶於RAM中。In step SP111, the data acquisition unit 102 stores the read data in the RAM.
於步驟SP112中,藉由資料取得部102,判定所指定資料長度之資料取得是否已結束。於讀出資料之取得尚未結束之情形時,重複執行步驟SP110~步驟SP112之處理,直至指定資料長度之資料取得結束為止。於指定資料長度之資料取得已結束之情形時,則過渡至步驟SP104,視需要生成新的命令,並執行與該新的命令相對應之動作。In step SP112, the data acquisition unit 102 determines whether or not the data acquisition of the specified data length has been completed. When the acquisition of the read data has not been completed, the processing of steps SP110 to SP112 is repeatedly executed until the data of the specified data length is obtained. When the data of the specified data length has been obtained, the process proceeds to step SP104, a new command is generated as needed, and an action corresponding to the new command is executed.
如以上般,記憶體資訊保護系統1A包括記憶有既定資訊之記憶體裝置20、及與記憶體裝置20相對應之記憶體控制裝置10A。而且,記憶體控制裝置10A包括:密鑰生成部112,於每既定時序生成用於資訊之加密/解碼之新第1密鑰資訊;及資料轉換電路113,根據第1密鑰資訊對輸出至記憶體裝置20之資訊進行加密,同時根據第1密鑰資訊對自記憶體裝置20輸入之加密資訊進行解碼;而於資料轉換電路113中,每當密鑰生成部112生成新的第1密鑰資訊時,則進行將該新的第1資訊作為密鑰資訊的密鑰資訊之更新。另一方面,記憶體裝置20包括:密鑰生成部212,與上述既定時序同步地,生成與第1資訊相同之新第2密鑰資訊;記憶部200,記憶有既定資訊;及資料轉換電路213,根據第2密鑰資訊對既定資訊中作為讀出對象之資訊進行加密,同時根據第2資訊對自記憶體控制裝置10A所輸入之經加密的資訊進行解碼;而於資料轉換電路213中,每當藉由密鑰生成部212生成新的第2密鑰資訊時,則進行將該新的第2密鑰資訊作為密鑰資訊的密鑰資訊之更新。As described above, the memory information protection system 1A includes the memory device 20 in which the predetermined information is stored, and the memory control device 10A corresponding to the memory device 20. Further, the memory control device 10A includes a key generation unit 112 that generates new first key information for encryption/decoding of information at a predetermined timing, and a data conversion circuit 113 that outputs the information based on the first key information. The information of the memory device 20 is encrypted, and the encrypted information input from the memory device 20 is decoded based on the first key information. In the data conversion circuit 113, the key generation unit 112 generates a new first secret each time. In the case of the key information, the update of the key information using the new first information as the key information is performed. On the other hand, the memory device 20 includes a key generation unit 212 that generates new second key information identical to the first information in synchronization with the predetermined timing; the memory unit 200 stores the predetermined information; and the data conversion circuit 213. Encrypt the information to be read in the predetermined information according to the second key information, and decode the encrypted information input from the memory control device 10A according to the second information; and in the data conversion circuit 213. 
When the new second key information is generated by the key generation unit 212, the update of the key information using the new second key information as the key information is performed.
藉由上述記憶體資訊保護系統1A,於記憶體控制裝置10A及記憶體裝置20中,可使用於每既定時序更新之共通之密鑰資訊進行加密/解碼,因此可提高記憶於記憶體裝置20中之既定資訊之機密性。According to the above-described memory information protection system 1A, in the memory control device 10A and the memory device 20, the common key information for each predetermined timing update can be encrypted/decoded, so that the memory device 20 can be improved in memory. The confidentiality of the established information.
<2. Second embodiment>
Next, a second embodiment of the present invention is described. The memory information protection system 1B of the second embodiment has almost the same structure and functions as the memory information protection system 1A, except that it includes a random number generation unit. Common parts are given the same reference signs and their description is omitted. FIG. 6 is a block diagram showing the functional configuration of the memory information protection system 1B of the second embodiment.
As shown in FIG. 6, the information processing device 10B of the memory information protection system 1B includes an overall control unit 100B, a memory control unit 110B that is the same as in the first embodiment, and the interface unit 120, which is the same as in the first embodiment.
The overall control unit 100B mainly comprises a CPU, RAM, ROM and the like. In addition to the command generation unit 101, the data acquisition unit 102 and the command issuance detection unit 103, it functionally implements a random number generation unit 104 and a control register unit 105.
The random number generation unit 104 has a function of generating a random value according to a pseudo-random number generation algorithm when the information processing device 10B starts up.
The random value generated by the random number generation unit 104 is sent to the command generation unit 101. Having obtained the random value, the command generation unit 101 also generates a command containing the random value (also called a "random number storage command"). The random value generated by the random number generation unit 104 is also sent to the key generation unit 112 via the control register unit 105.
The key generation unit 112 of the memory control unit 110B has a function of obtaining the random value from the overall control unit 100B, which is located further to the outside than the memory control unit 110B, and at initialization it generates the initial key information from the hardware key 111 and the random value.
The operation of the memory information protection system 1B is now described. FIG. 7 is a flowchart showing the initial operation of the memory information protection system 1B after start-up. In FIG. 7, the left side is a flowchart of the operation of the information processing device 10B, and the right side is a flowchart of the operation of the memory device 20.
The memory device 20 is mounted in the information processing device 10B, and the system starts operating when the information processing device 10B is powered on.
Specifically, as shown in FIG. 7, in the information processing device 10B, the random number generation unit 104 generates a random value in step SP51.
In the next step SP52, the command generation unit 101 generates a random number storage command containing the random value and issues the random number storage command to the memory device 20.
Then, in step SP101, the key generation unit 112 is initialized, and initial key information is generated from the hardware key 111 and the random value.
In step SP102, the data conversion circuit 113 is initialized using the initial key information.
In step SP103, the command generation unit 101 generates an initialization command and issues it to the memory device 20. After the initialization command has been issued, the encryption/decryption function of the data conversion circuit 113 is enabled (turned ON). The data conversion circuit 113 can then encrypt and decrypt data using the initial key information.
Meanwhile, in the memory device 20, once power supply begins, the command determination unit 214 determines in step SP61 whether a random number storage command has been input. When the command determination unit 214 determines that a random number storage command has been input, the operation proceeds to step SP62.
In step SP62, the command determination unit 214 extracts the random value from the random number storage command and sends the random value to the key generation unit 212.
In the next step SP201, the command determination unit 214 determines whether an initialization command has been input. When the command determination unit 214 determines that an initialization command has been input, the operation proceeds to step SP202.
In step SP202, the key generation unit 212 is initialized, and initial key information is generated from the hardware key 211 and the random value.
In step SP203, the data conversion circuit 213 is initialized using the initial key information. The data conversion circuit 213 can then encrypt or decrypt data using the initial key information.
In the information processing device 10B and the memory device 20, once the above initial operation has finished, the same operations as those of the information processing device 10A and the memory device 20 of the first embodiment (see FIG. 5) are executed.
As described above, in the memory information protection system 1B, the information processing device 10B and the memory device 20 each generate the first initial key information from the same random value. This avoids generating the same initial key information at every start-up, and so makes it more difficult for a third party to identify the hardware keys 111 and 211.
Furthermore, where the key generation units 112 and 212 have an encryption circuit and are configured to generate key information by encrypting with a stream cipher or a block cipher, the key generation units 112 and 212 generate new key information from the hardware key 111 and the random value through that encryption.
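The synchronized key update of the first embodiment (steps SP105 to SP211) and the random-value initialization of the second embodiment (steps SP51 to SP62), as an added Python simulation that is not part of the patent. HMAC-SHA256 stands in for the unspecified key generation and cipher circuits, and the opcodes, class names, `direction` label and `lost` flag are assumptions made for illustration; the `lost` flag models a command that never reaches the device, which leaves the two sides' keys out of step until the next initialization.

```python
import hashlib
import hmac
import os

# Constructed one-byte opcodes; the patent does not define a command encoding.
CMD_STORE_RANDOM, CMD_INIT, CMD_READ = b"\x01", b"\x02", b"\x03"

def prf(key: bytes, label: bytes, data: bytes = b"") -> bytes:
    """HMAC-SHA256, an assumed stand-in for the key generation and cipher circuits."""
    return hmac.new(key, label + data, hashlib.sha256).digest()

class Endpoint:
    """Key generation unit (112/212) plus data conversion circuit (113/213)."""
    def __init__(self, hardware_key: bytes):
        self.hardware_key = hardware_key
        self.key = b""
        self.generation = 0

    def initialize(self, random_value: bytes = b"") -> None:
        # SP101/SP202: initial key from the hardware key alone (first embodiment)
        # or from the hardware key and a random value (second embodiment).
        self.key = prf(self.hardware_key, b"init", random_value)
        self.generation = 0

    def update(self) -> None:
        # SP108/SP206: both sides roll the key once per command.
        self.key = prf(self.key, b"next")
        self.generation += 1

    def convert(self, data: bytes, direction: bytes) -> bytes:
        # XOR keystream: the same call encrypts and decrypts. The direction label
        # (an addition here) keeps command and read-data keystreams distinct.
        stream, block = b"", 0
        while len(stream) < len(data):
            stream += prf(self.key, direction, block.to_bytes(4, "big"))
            block += 1
        return bytes(a ^ b for a, b in zip(data, stream))

class MemoryDevice(Endpoint):
    def __init__(self, hardware_key: bytes, contents: bytes):
        super().__init__(hardware_key)
        self.contents = contents
        self.random_value = b""

    def plain_command(self, cmd: bytes) -> None:
        if cmd[:1] == CMD_STORE_RANDOM:          # SP61-SP62
            self.random_value = cmd[1:]
        elif cmd[:1] == CMD_INIT:                # SP201-SP203
            self.initialize(self.random_value)
            self.random_value = b""

    def encrypted_command(self, blob: bytes):
        cmd = self.convert(blob, b"cmd")         # SP205
        self.update()                            # SP206
        if cmd[:1] != CMD_READ:                  # SP207-SP208: not a read
            return None
        addr, length = int.from_bytes(cmd[1:3], "big"), cmd[3]
        return self.convert(self.contents[addr:addr + length], b"data")  # SP209-SP211

class Host(Endpoint):
    def __init__(self, hardware_key: bytes, device: MemoryDevice):
        super().__init__(hardware_key)
        self.device = device
        self.bus = []  # ciphertext visible to an observer on the interface

    def boot(self, use_random: bool) -> bytes:
        random_value = os.urandom(16) if use_random else b""
        if use_random:                           # SP51-SP52, sent before encryption is on
            self.device.plain_command(CMD_STORE_RANDOM + random_value)
        self.initialize(random_value)            # SP101-SP102
        self.device.plain_command(CMD_INIT)      # SP103
        return self.key

    def read(self, addr: int, length: int, lost: bool = False):
        cmd = CMD_READ + addr.to_bytes(2, "big") + bytes([length])
        blob = self.convert(cmd, b"cmd")         # SP106
        self.update()                            # SP108
        if lost:                                 # command never reaches the device
            return None
        self.bus.append(blob)
        reply = self.device.encrypted_command(blob)   # SP107
        if reply is None:
            return None
        self.bus.append(reply)
        return self.convert(reply, b"data")      # SP110

if __name__ == "__main__":
    dev = MemoryDevice(bytes(range(32)), b"constructed secret payload in memory unit 200")
    host = Host(bytes(range(32)), dev)  # same constructed hardware key on both sides
    host.boot(use_random=False)
    print(host.read(12, 6), host.read(12, 6), [b.hex() for b in host.bus])
    host.read(0, 4, lost=True)          # host rolls its key, device does not
    print(host.generation, dev.generation, host.read(12, 6))
```

Two identical reads return the same plaintext but different bus ciphertext, because each command moves both sides to the next key. The scheme carries no integrity check, so a receiver cannot tell a desynchronized key from a corrupted command.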
<3. Modifications>
Embodiments of the present invention have been described above, but the present invention is not limited to what has been described.
For example, each of the above embodiments illustrates the case where the hardware used for key generation is configured identically in the information processing devices 10A, 10B and in the memory device 20, but this is not a limitation. Specifically, as long as common key information can be generated, the hardware configurations used for key generation in the information processing devices 10A, 10B and in the memory device 20 may differ.
Also, each of the above embodiments illustrates the case where the information processing devices 10A, 10B and the memory device 20 each include one hardware key 111, 211, but this is not a limitation. Specifically, a plurality of hardware keys may be included. FIG. 8 is a block diagram showing the functional configuration of a memory information protection system 1H according to a modification.
For example, as shown in FIG. 8, the memory control unit 110H of the memory information protection system 1H includes a first hardware key 151, a second hardware key 152, a key generation unit 112H and a data conversion circuit 113H.
In the key generation unit 112H, initial key information is generated from the second hardware key 152 at initialization. After the initial key information has been generated, new key information is generated by shifting the initial key information sequentially in response to key generation instructions.
In the data conversion circuit 113H, the data conversion circuit 113H is initialized from the first hardware key 151 and the key information generated by the key generation unit 112, and the key information used for encryption/decryption is updated.
The in-memory control unit 210H of the memory information protection system 1H likewise includes a first hardware key 153, a second hardware key 154, a key generation unit 212H and a data conversion circuit 213H.
In the key generation unit 212H, initial key information is generated from the second hardware key 154 at initialization. After the initial key information has been generated, new key information is generated by shifting the initial key information sequentially in response to key generation instructions.
In the data conversion circuit 213H, the data conversion circuit 213H is initialized from the first hardware key 153 and the key information generated by the key generation unit 212H, and the key information used for encryption/decryption is updated.
In this way, the information processing device 10H and the memory device 20H in the memory information protection system 1H each use two hardware keys to generate the key information used for encryption/decryption. This makes it more difficult for a third party to identify the hardware keys.
Also, the random number generation unit 104 of the second embodiment uses pseudo-random numbers produced by a computer algorithm as the random value, but this is not a limitation; true random numbers produced from a physical phenomenon or the like may also be used as the random value.
1A, 1B, 1H ... Memory information protection system
10A, 10B, 10H ... Information processing device
20, 20H ... Memory device
100A, 100B ... Overall control unit
101 ... Command generation unit
102 ... Data acquisition unit
103 ... Command issuance detection unit
104 ... Random number generation unit
105 ... Control register unit
110A, 110B, 110H ... Memory control unit
111, 211 ... Hardware key
112, 212, 112H, 212H ... Key generation unit
113, 213, 113H, 213H ... Data conversion circuit
151, 153 ... First hardware key
152, 154 ... Second hardware key
120, 220 ... Interface unit
200 ... Memory unit
210, 210H ... In-memory control unit
214 ... Command determination unit
D1, D2 ... Read data
K1, K2, K3 ... Key information
st1 to st8 ... State
Y ... Yes
N ... No
FIG. 1 is a diagram showing the external configuration of the memory information protection system.
FIG. 2 is a block diagram showing the functional configuration of the memory information protection system of the first embodiment.
FIG. 3 is a diagram showing the state transitions of the memory information protection system during data read-out.
FIG. 4 is a flowchart showing the operation of the memory information protection system of the first embodiment.
FIG. 5 is a flowchart showing the operation of the memory information protection system of the first embodiment.
FIG. 6 is a block diagram showing the functional configuration of the memory information protection system of the second embodiment.
FIG. 7 is a flowchart showing the initial operation of the memory information protection system of the second embodiment after start-up.
FIG. 8 is a block diagram showing the functional configuration of a memory information protection system according to a modification.
1A ... Memory information protection system
10A ... Information processing device
20 ... Memory device
100A ... Overall control unit
101 ... Command generation unit
102 ... Data acquisition unit
103 ... Command issuance detection unit
110A ... Memory control unit
111, 211 ... Hardware key
112, 212 ... Key generation unit
113, 213 ... Data conversion circuit
120, 220 ... Interface unit
200 ... Memory unit
210 ... In-memory control unit
214 ... Command determination unit
Claims (8)
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2009097829A JP5564194B2 (en) | 2009-04-14 | 2009-04-14 | Memory controller, memory control device, and memory device |
Publications (2)
Publication Number | Publication Date |
---|---|
TW201040723A TW201040723A (en) | 2010-11-16 |
TWI489280B true TWI489280B (en) | 2015-06-21 |
Family
ID=43312743
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW099111023A TWI489280B (en) | 2009-04-14 | 2010-04-09 | Memory controller, memory control device, memory device, memory information protection system, and method of controlling a memory control device |
Country Status (2)
Country | Link |
---|---|
JP (1) | JP5564194B2 (en) |
TW (1) | TWI489280B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP6162556B2 (en) * | 2013-09-18 | 2017-07-12 | 株式会社メガチップス | Storage device and information processing system |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6307940B1 (en) * | 1997-06-25 | 2001-10-23 | Canon Kabushiki Kaisha | Communication network for encrypting/deciphering communication text while updating encryption key, a communication terminal thereof, and a communication method thereof |
TW200629068A (en) * | 2004-09-10 | 2006-08-16 | Ibm | An integrated circuit chip for encryption and decryption having a secure mechanism for programming ON-chip hardware |
US20060282898A1 (en) * | 2003-08-05 | 2006-12-14 | Matsushita Electric Industrial Co., Ltd. | Copyright protection system |
US20070136407A1 (en) * | 2005-12-08 | 2007-06-14 | Intel Corporation | Scheme for securing locally generated data with authenticated write operations |
US20080260159A1 (en) * | 2007-04-18 | 2008-10-23 | Hitachi, Ltd. | Computer system, storage system, and data management method for updating encryption key |
TW200845689A (en) * | 2007-03-28 | 2008-11-16 | Intel Corp | Flexible architecture and instruction for advanced encryption standard (AES) |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3358953B2 (en) * | 1996-09-17 | 2002-12-24 | アイオニクス沖縄株式会社 | Pseudo-random bit string generator and cryptographic communication method using the same |
JP2002300151A (en) * | 2001-03-29 | 2002-10-11 | Fujitsu Fip Corp | Encryption key management method, encryption key management program, and recording medium |
JP2003249929A (en) * | 2001-12-20 | 2003-09-05 | Nti:Kk | Communication equipment |
JP4314986B2 (en) * | 2003-12-08 | 2009-08-19 | ソニー株式会社 | Recording / reproducing apparatus and recording / reproducing method |
Also Published As
Publication number | Publication date |
---|---|
TW201040723A (en) | 2010-11-16 |
JP5564194B2 (en) | 2014-07-30 |
JP2010250472A (en) | 2010-11-04 |