JPH11282756A - Secret data management method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To enable an illegal action to software to be prevented by managing secret data of a computer and also to smoothly process its maintenance. SOLUTION: In a signal processing means such as a micro processor having a secret memory 5 so as to hold secret data, reading of the secret data written in this secret memory to outside is completely prohibited and it is decided whether these secret data match reference data to be compared with these secret data. And further, when the secret data is updated or erased, the data which is the same to the object data has to be provided. Also, by storing a password in accordance with the secrete data, this password becomes a substitute for an address of the secret data.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a data management method for a memory for enhancing the confidentiality of data to be recorded.
In particular, by managing the secret data of the computer,
The present invention relates to a management method capable of preventing software misconduct and smoothly processing the storage of such secret data.

[0002]

2. Description of the Related Art Conventionally, as this kind of secret data management method, there is a method of using a management system for bad sectors on a hard disk and storing this secret data in virtual bad sectors. there were.

[0003]

However, in such a data management method, it is possible for a person having specialized knowledge to falsify such secret data. It was necessary to build a highly secure system.

[0004]

In signal processing means such as a microprocessor having a secret memory for holding secret data, reading out of the secret data written in the secret memory is completely prohibited. Then, it is determined whether or not the secret data matches the reference data to be compared.

Further, when this secret data is updated or erased, it becomes possible only when the same data as the target secret data is prepared. Also, by storing an identification code such as a password in correspondence with secret data, the identification code can be stored.
Is a substitute for the address of the secret data.

[0006] Further, it holds an identification code such as a password set corresponding to the application software to be executed, and stores a secret value generated each time the execution of the application software ends. At the same time as writing to the relevant file of the application software and storing it in the external memory, it is also stored in the secret memory so as to be identifiable by the identification code. Collate.

[0007]

FIG. 1 is a block diagram showing an embodiment of the present invention. In FIG. 1, reference numeral 1 denotes a microprocessor (hereinafter referred to as CMP) having an encryption function, which is constituted by one chip. I have. Two of them are central processing units (hereinafter referred to as CPUs).
3) indicates a control unit. The control unit 3 receives a command signal s1 from the CPU 2 and
An operation command signal s2 for instructing the operation of the scramble code generator 6 to be turned on and off, and an operation command signal s3 for instructing the encryption / decryption function of the encryption processor 7 to execute and stop, respectively, are output.

[0008] This CMP1 has a unique secret key Ksmp. This is stored in a built-in storage register 10 and serves as a key for the decryption unit 9 to decrypt the permit code obtained by encrypting the work key Ksf with the public key Kpmp corresponding to the secret key as described later. This secret key Ksmp is known only by the manufacturer of the CMP, and is not allowed to appear outside the CMP and cannot be known by a third party such as a user. Conversely, the public key Kpmp is The information is notified to the user at the time of acquisition and can be known by all. The work key Ksf decrypted here is stored in the storage register 8.

An address bus 16 and a data bus 12 connected to the CMP 1 are connected via an I / O bus 20 to a main memory 21, a hard disk 22, a CD-ROM 23, a floppy disk 24, and a modem 25. Connected to input / output port.

On the other hand, inside the CMP 1, the address bus 16 is connected to the address port 18 of the CPU 2, the control unit 3, the offset register 4, and the scramble code generator 6, and the data bus 12 is connected to the encryption processor 7, It is connected to a data port 17 of the CPU 2 via a circuit 11.

The offset register 4 receives the fetched signal s4 output from the CPU 2, and outputs
The PU 2 fetches and stores head address data indicating the head position of data when reading and writing data from and to the main memory 21, and outputs the head address data to the scramble code generator 6. The scramble code generator 6 stores the start address data and the address bus 1 as described later.
The scramble code F (Re) generated on the basis of the address data inputted from 6 is output to the adder 11 via the signal path 13.

The adder 11 receives the scramble code F (R
e) and an exclusive OR operation of the data input from one of the data paths 14 and 15 is performed, and the result is output to the other data path. Perform data scramble and descramble.

Here, the contents of encryption, decryption, and de-task ramble performed on data in each section of FIG. 1 will be further described. The two encryption schemes used here, the common key scheme and the public key scheme, are general, and detailed descriptions thereof will be omitted, but their description methods used in the text will be described.

In the common key system, a secret key Kab is used when encrypting data D, and the data encrypted by this is used.
Are labeled Eab (D). In this case, if there is a secret key Kab, the encrypted data described as Eab (D) can be decrypted and the data D can be extracted again.

On the other hand, in the public key system, data D is encrypted using a public key Kpab,
The encrypted data thus encrypted is transmitted to Epab (D).
It is labeled. In this case, the decryption of the encrypted data can be performed only by the secret key Ksab corresponding to the public key Kpab.

That is, in the common key system, one secret key Kab
The data is encrypted and decrypted by the public key method. In the public key method, only the data can be encrypted with the public key Kpab which is made public, and the private key Ksab is used for the decryption. Do.

Next, the principle of the present embodiment showing an example of a de-task ramble performed by an address will be described. For simplicity, it is assumed that when data D is written to the storage means, it is performed in units of one byte, and processing is performed in correspondence with the address Ad for each unit. The data to be encrypted and scrambled is placed in a continuous area in the main memory 21, and a set of this series of continuous data is called a data group. One program or data
The data is usually composed of one or more data groups, but scrambling is processed for each data group.

Hereinafter, for the sake of simplicity, it is assumed that programs and data are composed of one data group. Therefore, the data group DX is denoted as a set of data strings of 1-byte data, D1, D2,.
dX is denoted as a set of addresses Ad1, Ad2,..., AdN assigned to these 1-byte data.

Therefore, each address Adi of the continuous data
(I = 1, 2,... N) can be expressed as Adi = To + Rei, where To is the start address (usually To = Ad1) and Rei is the relative address indicating the relative position from this start address. The offset register 4 in FIG. 1 stores the start address To.

On the other hand, the scramble code generator 6 calculates the relative address Rei from the sequentially input address Adi and the start address To, and corresponds to this value on a one-to-one basis. Scramble code F (R
ei). The set of scramble codes generated in this way is denoted as F (ReX). The adder 11 performs an exclusive logic operation on 1-byte data sequentially input from one of the data paths 14 and 15 and a scramble code F (Rei) input corresponding to the address of the data. The sum data is output to the other data path.

Therefore, for example, a process when the data D1 output from the CPU 2 is stored in the main memory 21 will be described. At this time, the data D1, for example, (1001000)
1) is output, and an address Ad1 specifying the address of this data is output. The adder 11 receives the data and the scramble code F (Re1) generated corresponding to the relative address Re1 calculated from the designated address at this time, for example, (11001100). The exclusive OR (01011101) is output to the cryptographic processor 7.

The data scrambled by the exclusive OR of the data Di and the scramble code F (Rei) is described in FIG. 1 as (Di (+) F (Rei)). . Therefore, as can be seen from this figure, the data path 14 is a path for scrambled data.

Next, as an example of releasing the scrambled data, consider a process when the CPU 2 reads the data D1. At this time, it is understood that the address Ad1 is output as data for reading out the data D1, and the scrambling code F (Re1) is output from the scrambling code generator 6 accordingly.

Accordingly, the adder 11 at this time outputs the data path 1
The data of the scrambled (D1 (+) F (Re1)) appearing in FIG.
Data sequence of data sequence (01011101) and scramble code F (Re1)
The exclusive OR (10010001) with (11001100), that is, the original data D1 before descrambling is output to the CPU 2.

As described above, the adder 11 takes the exclusive OR of the data D1 and the corresponding scramble code F (Re1) and scrambles the data (D1 (+) F (Re1)). )
To obtain the original data D1 before descrambling by taking the exclusive OR of this data (D1 (+) F (Re1)) and the scramble code F (Re1). It is understood to work.

Next, a description will be given mainly of a preparation process until the encrypted and scrambled application software is obtained in accordance with the execution preparation flow of FIG. I do. The application software at this time is represented by a data group DapX. As described above, the application software is scrambled by the scramble code F (ReX) generated corresponding to the data group DapX, and the work key Ksf2 of the common key system is used. The application software encrypted by is represented by Esf2 (DapX (+) F (ReX)).

The work key Ksf2 corresponds to the secret key of the above-mentioned common key system, but is hereinafter referred to as a work key to distinguish it from the secret key of the public key system. The work key Ksf2 set here is the same as the application key.
The application key is provided exclusively by the application software supplier, and the work key Ksf2 cannot be used to decrypt other application software.

As shown in FIG. 10, the encrypted application software Esf2 (DapX (+) F (ReX)) is an unencrypted start-up process for managing a permit code to be described later. It is supplied from the software supplier as distribution software paired with the program.

When an execution command for a desired application software is received by input means (not shown) (step 1),
First, the CPU 2 stops the output of the scramble code generator 6 and outputs a command signal s1 for stopping the decryption function of the encryption processor 7 (step 2). Then, in the next step 3, the distribution software is loaded into the main memory 21, and the startup processing program is read and executed by the CPU 2.

When the encrypted application software Esf2 (DapX (+) F (ReX)) is loaded into the main memory, the top address To specified in the main memory 21 depends on the management status. However, as described above, the subsequent addresses are continuously specified, and the relative address group indicating the relative position from the start address To at this time is the relative address group R used at the time of scrambling.
The data is the same as eX.

As means for supplying the distribution software, a method using a hard disk 22, a CD-ROM 23, a floppy disk 24, a modem 25 and the like can be considered, and the method used is a commonly used method. The detailed description is omitted here.

The following steps 4 to 10 are executed in accordance with the currently executed start-up processing program. In the next step 4, the work key Ksf2 dedicated to the encrypted application software is encrypted with the public key Kpmp. Check whether the mit code Epmp (Ksf2) is already stored in the hard disk 22. This public key Kpmp
Is the secret key Ksmp unique to the CMP1 shown in FIG.
And it is possible to decrypt only with this secret key Ksmp.

Therefore, in this case, the permit code Epm
p (Ksf2) is the work key encrypted with the public key, and the application software supplier supplies the CMP1
A public key Kpmp is obtained from the user and created. Step 4
If the permission code cannot be confirmed,
The user of P1 obtains this from the software supplier in some way (step 5), inputs the permit code into a dedicated file of the application software, and saves it on the hard disk 22. (Step 6). In this way, the input and storage of the permit code are normally performed by this activation processing program paired with the encrypted application software.

Next, the permit code Epmp (Ksf2)
Is confirmed (step 7), and the work key Ksf2 obtained by decrypting this with the secret key Ksmp stored in the built-in storage register 10 is stored in the storage register 8 (step 9).

Next, the CPU 2 restarts the output of the scramble code generator 6, and outputs a command signal s1 for activating the encryption / decryption function of the encryption processor 7 (step 1).
0). Then, the process proceeds to step 11, where the encrypted application software Esf2 (DapX (+) F (ReX)) stored in the main memory 21 is read into the CPU 2 and executed as necessary.

Therefore, at this time, the encrypted application software Esf2 (DapX (+) F (ReX)) is decrypted by the encryption processor 7 with the work key Ksf2 (DapX
(+) F (ReX)). As described above, the scramble code generated from the address data at this time is F (Re
X), and the adder 11 performs an exclusive OR operation on the application software and the descrambled application software Dap
X is output to the data port 17 of the CPU 2.

As described above, the application software having the address scrambled and encrypted is read into the CPU 2. The following advantages can be obtained by combining the application software and the permit code encrypted in this manner.

Advantages 1. The software supplier can use the supplied software only by a predetermined CMP. CMP
Because the private key Ksmp of the third party does not appear outside thereof and cannot be checked by a third party including a user. 2. The encrypted application software can be put on the market on a copyable medium such as a CD-ROM. Because the same kind of application software is encrypted with the same work key. 3. Different kinds of application software must be encrypted with dedicated work keys, but work keys that differ only by the type of application software may be prepared.

Next, the process of encrypting the data created by the user and once stored in the main memory 21 and storing it again in the main memory 21 will be described with reference to the flowchart of FIG. explain. In this case, it is assumed that the data is not encrypted at the stage of creating the data.

When this program is started, the data group DsX created by the user as described above is stored in the main memory 21 without being encrypted (step 21). Next, the CPU 2 operates a work key for encrypting the data group DsX by a common key system based on an instruction from a user input from input means (not shown) such as a keyboard. Kusr is determined (step 22), and this is output to the storage register 8 and stored.

Next, the CPU 2 stores the data in the main memory 21.
In order to read the data group DsX, the output of the scramble code generator 6 is stopped, and the command signal s1 for temporarily stopping the function of the encryption processor 7 is output (step 2).
5). At this time, the data group DsX is read by the CPU 2 as it is, but is read by addressing one byte at a time (step 26). At this stage, the first byte of data Ds1 is read by the CPU 2. Note that the data group Ds
X is denoted as a set of 1-byte data Ds1, Ds2,... DsN.

Next, the CPU 2 restarts the output of the scramble code generator 6 and outputs a command signal s1 for activating the decryption function of the encryption processor 7 (step 27). In this state, the CPU 2 reads the data D for one byte.
s1 is written into the main memory 21 again.

In the writing process, first, the exclusive OR of the scramble code F (Re1) output from the scramble code generator 6 corresponding to the address designating the address of the data and the data Ds1 is obtained. (Ds1 (+) F (Re1)) is used for address scrambling,
(Step 28). Note that the scramble code F (R
e1) is a scramble code F (Re1), F (Re2),... generated corresponding to each one-byte data of the data group DsX.
... corresponds to the first of F (ReN), and these sets are referred to as F (ReX)
It is labeled.

Further, this data (Ds1 (+) F (Re1)) is encrypted by the encryption processor 7 with the working key Kusr (step 28), and the state of Eusr (Ds1 (+) F (Re1)) is obtained. Is written to the main memory 21. Next, returning to step 24, the same encryption processing is repeated one byte at a time until the data group DsX to be encrypted ends.

When there is no more data DsX to be processed, the process proceeds to step 30, where a command signal s1 for stopping the output of the scramble code generator 6 and stopping the encryption function of the encryption processor 7 is output. And this main memory 2
The encrypted data written in 1 is stored in an auxiliary storage device such as an HD or FD (step 31), and this program is terminated.

If the cache memory 26 is provided in the data port 17 of the CPU 2, data to be input and output can be stored, and the encryption processing efficiency can be improved.
That is, in step 26, data of a plurality of bytes, for example, 100 bytes, is continuously read.
By successively scrambling and encrypting the data of 00 bytes, the switching process of each function of step 25 and step 27 can be omitted correspondingly.

In the above example, the process of encrypting the data created by the user has been described. However, the same process is used when the application software provider creates the encryption program. Can be processed. When encrypting the application software, the created application software is temporarily stored in the main memory 21 as a data group DapX, and the work key Ksf2 is set as a secret key of the common key system. 3, the encrypted application software Esf2 (D
apX (+) F (ReX)) can be stored in the auxiliary storage device.

In the case of the above embodiment, the case where the data is once created in the main memory in step 2 and then the encryption process is performed has been described. However, the data is directly encrypted in the process of creating the data. Output to memory. In this case, when the created data is output to the main memory, the data may be scrambled and encrypted for each byte in the process and stored in the main memory.

In the above-described embodiment, the start address of the group of addresses is described as being stored in the offset register 4. However, the present invention is not limited to this. Any reference value may be used as long as the relative address Rei can be derived.

Next, the operation of the secret memory 5 provided in the CMP 1 will be described. For this reason, an example will be described in which application software whose operating time is managed by a software supplier is loaded from the CD-ROM 23 and executed according to, for example, the respective flowcharts of FIGS.

Before describing these flowcharts, the essential points of the operation of the secret memory 5 will be described first to facilitate understanding. FIG. 9 shows the contents of the data stored in the secret memory 5, where the password Pw corresponding to the n kinds of application software executed by the CMP 1 on a one-to-one basis is stored. .

The password Pw may be any value as long as it is the only value in the secret memory 5, and will be described later with reference to FIG.
In the step 75 of the installation flow, an example is shown in which it is determined by the generated random numbers. The password Pw determined in this manner is stored in the secret memory 5 and also in the environment setting file of the application software during the installation, and the execution flow of FIG. Is used when the secret value Nra is collated in step 47 of FIG.

The secret value Nra is also updated by a random number or the like arbitrarily generated each time the execution of the application software is completed in step 57 of the execution flow of FIG. Time data file Ddat (Dd
at = Tre + Nra ') is stored in the hard disk 22 (step 59). Further, the secret value Nra 'updated here is converted into the secret value Nra identified in the memory by the password Pw corresponding to the running application software secured in the secret memory 5 in step 60. Will be overwritten. In the execution flows shown in FIGS.
In order to distinguish before and after the update of the secret value, the secret value before the update is indicated by Nra, and the secret value after the update is indicated by Nra '.

When the secret value is updated in step 60, the secret value Nra before the update of the secret memory 5 is collated in order to enhance security, as will be described later. Therefore, (Pw, Nra, Nra ') is prepared at the time of updating, and a new secret value Nra' is obtained only when Nra in the secret memory 5 identified by the password Pw matches Nra prepared for collation. Is rewritten. In this way, a simple change of Nra by a third party such as a user is prevented.

As described above, the secret value Nra is stored in the secret memory 5 and also stored in the hard disk 22 as the time data file Ddat, and these are collated each time the application software is executed. By doing,
Time data file D stored on the hard disk 22
You can check if dat has been tampered with by a third party.

For example, the user copies the time data file Ddat and reserves it separately in advance when the remaining time Tre is sufficient, and executes this application software to execute the remaining time. It is assumed that the time data file Ddat stored in the hard disk 22 is replaced at the stage when the number becomes small. However, in this case, by comparing the secret value of the replaced time data file with the secret value stored in the secret memory 5, it is determined that the data is not legitimate data. This is because the secret values Nra of both cases in this case are naturally different values because the generated timings are different.

As understood from the above description, it is preferable that the data in the secret memory 5 cannot be operated by a third party including the user. Therefore, CMP
1 must be configured so that the data in the secret memory 5 is not output to the outside.

Each of the flowcharts shown in FIGS. 4 to 7 shows the entirety of the secret data management method implemented using the secret memory 5 in order to prevent unauthorized data tampering. The procedure will be described below.

First, the flow from obtaining desired application software to installing it on the hard disk 22 and further initializing necessary environments is shown in FIG.
This will be described in accordance with the flow chart. Various methods of obtaining desired application software are conceivable, but a CD-ROM containing this software is obtained at a predetermined route (step 7).
1) An example of installation will be described. Note that this installation flow is executed based on a setup program file attached to the application software.

In this case, the CD-ROM 23 is
When it is set in the ROM drive and an installation instruction is received by input means (not shown), the application software is installed on the hard disk 22 (step 72). As another installation example, application software may be downloaded via the modem 25 and installed on the hard disk 22.

However, the application software DexeX installed at this time is subjected to address scrambling by the scrambling code F (ReX) and encryption by the work key Ksf3 by the above-described method, and Esf3 (DexeX (+) F).
(ReX)) is stored on the hard disk.

In the next step 73, the work key Ksf
3 is secured and stored in the storage register 8. Therefore, in this step, as described in steps 5 to 9 of the flow of FIG. 2, the permit code Epmp (Ksf3) obtained from the software supplier in a predetermined procedure is hard-coded.
In this case, the data is stored in the hard disk 22 and decrypted by the decryption unit 9.

At the next step 74, the output of the scramble code generator 6 is started, and the command signal s1 for activating the encryption / decryption function of the encryption processor 7 is output. As a result, all data input and output between the CMP 1 and an external storage device such as the main memory 21 are encrypted until both functions are turned off in step 82 described later.

In the next step 75, as described above, the password corresponding to this application software on a one-to-one basis.
A random number is generated to generate the password Pw3, and it is confirmed and confirmed that the numerical value does not yet exist in the secret memory 5, and is secured in the same memory. Then, an environment setting file Acfg3 of the installed application software DexeX is created, and the password Pw3 generated therein is created.
Is written and stored in the hard disk 22 (step 76).

Next, the operable remaining time Tre of the application software is set to zero (step 77), and a random number is generated to generate a secret value Nra (step 78). Then, a time data file Ddat (Ddat = Tre + Nra) including the remaining time Tre and the secret value Nra is created and stored in the hard disk 22 (steps 79 and 80).
The time data file Ddat created at this time is
If necessary, the data is temporarily stored in the main memory 21. The data at this time is, of course, encrypted and stored as scrambled data.

The secret value Nra generated at this time is
The password P secured in the secret memory 5 as shown in FIG.
This password is stored in correspondence with w3 (step 81), and the password Pw3 enables operations such as collation. Then, in step 82, the scramble code generator 6
And stops the encryption / decryption function of the encryption processor 7 and terminates this flow.

By the above steps, a desired application
The optional software DexeX is installed on the hard disk 22 in an encrypted state, and necessary various environments are initialized.

Next, the procedure for executing the desired application software will be described with reference to the execution flowcharts of FIGS. For ease of explanation,
The application software executed here is DexeX installed in the above description.

When the application software is executed in step 41, the software is read (step 42). The step 42 corresponds to the steps 2 to 10 of the flowchart shown in FIG. 2, and the application software Esf3 encrypted and scrambled as described above.
(DexeX (+) F (ReX)) is loaded into the main memory 21, the permit code Epmp (Ksf3) is decrypted, and the work key Ksf3 is stored in the storage register 8.

Further, the output of the scramble code generator 6 is started, and a command signal s1 for activating the encryption / decryption function of the encryption processor 7 is output. As a result, all data input and output between the CMP 1 and an external storage device such as the main memory 21 are encrypted until both functions are turned off in step 49 described later.

As described with reference to FIG. 2, the encrypted and scrambled application software Esf3 (Dex
eX (+) F (ReX)) is assumed to have the above-described activation processing program attached thereto. Also, in this case, since the permit code is stored at the time of installation based on the flow of FIG. 4, the steps from step 4 to step 6 by the activation processing program in FIG. 2 can be omitted as a result.

Then, the environment setting file A of this software
The cfg3 is read, and it is confirmed whether or not the password Pw is present therein (step 43). In this case, the process proceeds to step 44 because the password Pw3 exists, but if it does not exist, it means that an error has occurred during the installation of this software and no password was generated. This is displayed on display means (not shown), and a re-installation command is issued (steps 45 and 46). In step 49, the output of the scramble code generator 6 and the function of the encryption processor 7 are stopped. And return to the standby state.

Next, at step 44, the time data file Ddat (Ddat = Tre + Nr) of the application software
a) is read. At this time, of course, decryption using the work key Ksf3 and descrambling using the address are performed.
The encrypted time data file Ddat read at this time is stored in the main memory 21 as it is, if necessary.

Next, the secret value Nra in the secret memory 5 is compared with the secret value in the time data file Ddat (step 47). Now, since the secret value of the application software DexeX installed in the description of the installation flow of FIG. 4 is collated, these two secret data are not altered unless this time data file Ddat is falsified by any method. It will be appreciated that the values match and go to step 50.

If the time data file Ddat has been replaced as described above, the process goes to step 48 because these two secret values are different, and the process described later is performed.

Steps 50 to 53 execute a process of executing the application software DexeX and monitor the remaining time at the same time. That is, step 5
At 0, the execution time is measured and the remaining time is successively updated. At step 51, it is monitored whether the remaining time has become zero. At step 53, it is monitored whether a stop command of this execution has been input.

In this step 52, the application software Esf3 (DexeX (+) F (ReX)) sequentially loaded into the main memory 21 is read into the CPU 2 as required. The above-described decoding and descrambling are sequentially performed.

If the remaining time becomes zero during this execution, this is determined in step 51, and once the software processing is terminated (step 54), the display means (not shown) displays, for example, "no remaining time". A display is made (step 55), and a program for applying for addition of the remaining time to the software supplier is entered as described later (step 56). At this time, since the description is made on the assumption that the application software DexeX has just been installed, the remaining time is zero, and this route is naturally followed.

The remaining time addition application program in step 56 is performed according to a procedure shown in a flowchart shown in FIG. That is, the user sends the encrypted time data file Ddat to the software supplier by any method (step 91). Although various methods are conceivable, the method may be performed by a personal computer communication such as the Internet performed through the modem 25, for example.

On the other hand, the software supplier decrypts the file and descrambles the data to restore the data, and additionally supplements the remaining time Tre of Ddat (Ddat = Tre + Nra) (step 92). The amount of replenishment is
Is determined in response to the request, but the payment of the replenishment fee for the compensation is separately performed, and the description thereof is omitted here.

After the supplement of the remaining time Tre, the software supplier re-encrypts the address with the secret value sent together with the address scramble and the work key Ksf3 and returns it to the user. (Step 93). This method may be performed via personal computer communication, or may be stored in a floppy disk and mailed.

The user inputs the time data supplemented during this time.
The data file is obtained again and stored in the hard disk 22 so as to replace the previous data file (step 94), and the flow of the remaining time addition application is completed. Accordingly, in Ddat (Ddat = Tre + Nra) at this time,
Although the remaining time Tre is replenished by a predetermined amount, the secret value N
It is understood that ra remains the same as the secret value stored in the secret memory 5.

If the user wants to continue to execute the application software DexeX, the user must return to step 41 of the execution flow of FIG. 5 again. However, in this case, since the remaining time has been replenished by a predetermined amount, when execution is instructed in step 41, the flow of steps 50 to 53 is repeated, and the execution state of the application software DexeX is continued. Will be.

Then, before the remaining time Tre becomes zero,
When the user receives an instruction to end the software processing, the process proceeds to the next step 57. In this step 57, a random number is generated to update the secret value Nra '. Thereafter, the updated secret value Nra' is paired with the remaining time Tre from which the execution time of the software at this time has been subtracted to form a new time. Data file Dda
t (Ddat = Tre + Nra ') is created (step 5)
8). The data Ddat created at this time is temporarily stored in the main memory 21 as necessary, but the data at this time is naturally encrypted and stored as scrambled data.

This is stored in place of the pre-update time data file stored in the hard disk 22 (step 59), and the updated secret value Nra 'is
The secret value is stored in the secret memory 5 in place of the pre-updated secret value that can be identified by the password Pw3 secured in the secret memory 5 (step 60).

At this time, the above-mentioned collation of the secret value Nra before the update is performed. The flowchart shown in FIG. 11 shows the flow of this collation operation performed in step 60. In step 60-1, the secret value Nra in the secret memory 5 is set.
And whether Nra separately prepared for collation matches. If these match, step 60-2
If the data is updated as described above and the data does not match, the process proceeds to step 60-3, in which a display means (not shown) displays "Illegal." It may be configured to return.

Then, again, the application software D
When exe3 is executed, the process proceeds to step 47 via the above-described steps, where the secret value is collated. At this time,
Secret value read from secret memory and hard disk 22
Should be the same as the secret value read from, but if the data has been tampered with by the user, they will not match. At this time, the process proceeds to step 48 to display a message such as "illegal act" and returns to the standby state via step 49 to stop the execution.

On the other hand, this application software Dexe
When the use of X is stopped and the software is uninstalled, it is necessary to erase the password Pw3 and the secret value Nra set in the software from the secret memory 5. If this is not done, unnecessary secret values will be stored in the same memory. This erasing operation needs to be performed only at the time of uninstallation and at the stage where the password is present on the hard disk 22, so that the erasing operation is performed, for example, according to the flow shown in FIG.

That is, when an uninstallation instruction is received by an input means (not shown), the process proceeds to step 101, and
First, the password and the secret value are deleted. Also at this time, collation with the secret value Nra as described above is performed to enhance security. For this purpose, (Pw3, Nra) is prepared, and only when Nra in the secret memory 5 identified by the password Pw3 matches Nra prepared for collation, it corresponds to this application software DexeX. The password Pw3 and the secret value Nra are deleted at the same time. After the erasure is completed, the application software DexeX itself is uninstalled (step 102).

Next, another embodiment of the present invention will be described. FIG. 14 shows a case in which the secret memory unit 51 exists outside the CMP 50 and exists independently. The other components having the same functions as those in FIG. I do. 14 is different from FIG. 1 in that the secret memory inside the CMP 1 is provided independently in the secret memory unit 51 outside the CMP 1 together with the matching means 52, and the overall function is exactly the same. is there.

On the other hand, the partial function of FIG. 14 differs from that of FIG. 1 in that the internal data of the secret memory 5 is not output to the outside of the CMP 1 in the configuration of FIG. 14 is that the internal data of the secret memory unit 51 is not output to the outside.

Accordingly, the operation of the secret memory provided in the CMP 1 having the configuration of FIG. 1 will be described with reference to the flow charts of FIGS.
The description has been given with reference to the chart.
The same operation can be performed for the secret memory unit 51 provided outside the area according to these flowcharts. However, step 47 in FIG. 5 and step 6 in FIG.
1-1 and the collation work performed in each step of step 101 in FIG.
2, and only the result of YES or NO is output.

Next, another embodiment of the present invention will be described. FIG. 12 is a configuration diagram showing another embodiment of the present invention. Components having the same functions as those in FIG. 1 described above are denoted by the same reference numerals, and the description thereof will be omitted. The different parts will be emphasized.

In this embodiment, when the encrypted and address-scrambled data D is marked according to the above-mentioned marking method, it becomes Escri (D) (i = 1, 2, 3,... N). However, the secret key Kscri is Kscri = Ksf (+) F (Rei). That is, the work key Ksf prepared for the data D
The data D is encrypted by an exclusive OR code of the data D and the scramble code F (Rei) generated sequentially.

The process of decrypting the application software thus encrypted by the CMP shown in FIG. 12 will be described. Now, a set of 1-byte data groups D1, D2... DN of the application software is described as DX, and a scramble code group F generated corresponding to this is described.
(Re1), F (Re2)... A set of F (ReN) is described as F (ReX), and this encrypted application software is referred to as Esc.
Described as r (DX). However, Kscr = Ksf (+) F (ReX)
It is.

Therefore, the first one byte of data D1
At this time, the encrypted data Escr1 (D1) appears on the data bus 12 and the scramble code generator 6 outputs F (Re1). Accordingly, at this time, the encryption processor 7 decrypts the data Escr1 (D1) with the exclusive OR code Ksf (+) F (Re1) of the work key Ksf and the scramble code F (Re1). The data D1 obtained by decrypting the data with the same key as when the data is decrypted can be output to the CPU 2. Similarly, all the encrypted data groups are sequentially decrypted and sent to the CPU 2 in the same manner.

First, the CMP 1 having the configuration shown in FIG.
FIG. 2 is a flow chart showing the process of obtaining application software and reading it into the CPU 2 when executing the application software.
Although described with reference to the chart, FIG.
P30 can perform the same operation according to this flowchart. However, the difference is that the decoding method of step 11 is executed based on the above description.

The data created by the user and once stored in the main memory 21 is stored in the CM having the configuration shown in FIG.
The process of encrypting with P and saving it again in the main memory has been described with reference to the flowchart of FIG. 3, but the CMP 30 having the configuration of FIG. 12 can perform the same operation according to this flowchart. However, the encryption method in step 28 is different, and the data group DX is sequentially encrypted by an exclusive OR code (Kusr (+) F (ReX)).

Further, the operation of the secret memory provided in the CMP 1 having the configuration shown in FIG. 1 has been described with reference to the flowcharts shown in FIGS.
The same operation can be performed for the secret memory 5 provided therein according to these flowcharts. However, the method of encrypting or decrypting data executed in the flow is different from the method of CMP1 in FIG. 1, and the exclusive OR code (Kusr (+) F (ReX)) is used as the working key as described above. Done.

Next, another embodiment of the present invention will be described. FIG. 13 is a configuration diagram showing another embodiment of the present invention. Components having the same functions as those in FIG. 1 described above are denoted by the same reference numerals, and the description thereof will be omitted. The different parts will be emphasized.

In the case of this embodiment, when the encrypted and address-scrambled data D is described according to the above-mentioned notation method, it becomes Esss (D (+) F (Re)). However, this work key Ksss is Ksss = Essp (Kusr).
That is, the encryption unit 41 inputs the work key Kusr set by the user from the CPU 2 and encrypts the work key Ksss obtained by encrypting it with the secret key Kssp unique to the CMP 40 stored in the storage register 10. And outputs it to the storage register 8.

The encryption processing section 7 encrypts the data (D (+) F (Re)) scrambled with the work key Ksss stored in the storage register 8, and encrypts the encrypted data.
The data Esss (D (+) F (Re)) is output via the data bus 12 to an external memory such as the main memory 21.

The data thus encrypted is shown in FIG.
3 will be described. Now
A set of data groups D1, D2... DN in units of 1 byte of data is described as DX, and scramble code groups F (Re1), F (Re2). ReN) is a set of F
(ReX) and the scrambled encrypted data
Is described as Esss (DX (+) F (ReX)). However, Kss
s = Essp (Kusr).

Therefore, the first one byte of data D1
At this time, the encrypted data Esss (D1 (+) F (Re1)) appears on the data bus 12 and the scramble code generator 6 outputs F (Re1). Is output. Therefore, the encryption processor 7 decrypts the data Esss (D1 (+) F (Re1)) with the work key Ksss at this time (D1 (+) F (R)
e1)) is output to the adder 11, and the adder 11 can output data D1 obtained by descrambling F (Re1) to the CPU 2. Similarly, all the encrypted data groups are sequentially decrypted and sent to the CPU 2 in the same manner.

The data created by the user and once stored in the main memory 21 is stored in the CM having the configuration shown in FIG.
The process of encrypting with P and saving it again in the main memory has been described with reference to the flowchart of FIG. 3, but the CMP of FIG. 13 can perform the same operation according to this flowchart. However, in step 23, the work key Kss
It is necessary to store s = Essp (Kusr) in the storage register 8, and therefore, the encryption of the working key Kusr by the encryption unit 41 is performed.

Therefore, the CMP4 shown in FIG.
0, the data encrypted with this encrypted CM
It is understood that decoding is performed only by P. Furthermore,
Since the work key Ksss has a double key configuration, the work key can be changed for each data group to be encrypted, so that the key itself is difficult to be decrypted, which prevents data flooding and protects confidentiality. Can be increased.

Next, another embodiment of the present invention will be described. FIG. 15 is a configuration diagram showing another embodiment of the present invention. Components having the same functions as those in FIG. 1 described above are denoted by the same reference numerals, and description thereof will be omitted. The different parts will be emphasized.

In the case of this embodiment, a storage register unit 61 having a plurality of P work key storage registers 8 is provided, and a different work key Ksfi (i = 1, 2,... P) is stored in each of these storage registers. Each can be stored. This storage register section 61
The configuration is such that the selection of the register for storing the work key output from the decryption unit 9 and the selection of the work key output to the encryption processing unit 7 can be executed by the key selection signal s5 output from the control unit 3. .

The offset register 62 stores a plurality of Ps for storing the head address of the data group.
Offset registers 4 have different start addresses Toi
(i = 1, 2,... P) are provided so as to be able to be stored, respectively, and the start address selection signal s6 output from the control unit 3 makes it possible to select a register for storing and reading the start address Toi. It is configured.

Next, the operation of the CMP 60 having such a configuration will be described. Now, the execution preparation flow of FIG. 2 is executed, and the software loaded into the main memory 21 in the step 3 is composed of M programs as shown in FIG. Key Ksfj (j =
1, 2,..., M, M ≦ P).

As described above, each program is composed of a data group which is a set of data in a predetermined unit, and the start address of each data group is set to Toj (j = 1, 2,...). M)
It is written. In this case, each work key Ksfj is supplied by the software supplier managing each program as the above-mentioned permit code.
Steps 9 to 9 are different from the CMP1 of FIG.

That is, in steps 4 to 6,
The steps of confirming, obtaining, and storing the existence of the permit code are performed. However, since M pieces of this permit code are required now, each step is configured to be repeated M times. Further, in the steps from step 7 to step 9, the permit code is read, decrypted, and the generated work key is stored in the register. Again, this process is repeated M times. .

The work key Ksfj generated at this time is
It is stored in each of the storage registers 8 from 1 to M selected by the key selection signal s5 output from the control unit 3 based on the command signal s1 output from the PU.

Further, in step 11, when each program stored in the main memory 21 is read and executed by the CPU 2 as necessary, a register for storing the work key Ksfj of each program is selected and read. And
It is supplied to the encryption processor 7. At the same time, the head address corresponding to the program to be read is selected by the address selection signal s6 output from the control unit 3 based on the command signal s1 output from the CPU. Then, the selected start address Toj is output to the scramble code generator 6, and the above-described address scramble is executed for each program. By managing i and j in a corresponding manner, the correspondence relationship between each program, each work key read at the time of executing the program, and each head address is maintained.

Next, another embodiment of the present invention will be described. FIG. 16 is a configuration diagram showing another embodiment of the present invention. Components having the same functions as those in FIG. 1 described above are denoted by the same reference numerals, and the description thereof will be omitted. The different parts will be emphasized.

In the case of this embodiment, a multiple key generation unit 71 including a decryption unit 72 and a storage register 73 is additionally provided. The storage register 73 stores the secret key Ksmpp unique to the CMP 70, and the decryption unit 72 encrypts the secret key Ksmp corresponding to the public key Kpmp with the public key Kpmpp corresponding to the secret key Ksmpp. Ksmp) is obtained and decrypted with the secret key Ksmpp, and the generated secret key Ksmp is output to the storage register 10.

With this configuration, the CMP7
0, a pair of public key Kpmp and secret key Ksmp are not already registered unique ones, and for example, these keys can be separately obtained and set from a CMP 70 supply source. It will be possible.

[0118]

According to the present invention, it is possible to determine whether reference data prepared separately is the same as predetermined secret data without outputting secret data from the signal processing means. Since the update or deletion of the data cannot be executed by a person who does not know the secret data, confidential information such as the remaining time of the application software whose execution time is managed is stored together with the secret data. When stored in an external memory, it can be checked with high reliability whether this confidential information has been tampered with.

By storing an identification code such as a password in a secret memory in correspondence with the secret data,
Since this identification code does not substitute for the address of the secret data, it is easy and illegal for a third party such as a user.
Data can be prevented from being changed.

[Brief description of the drawings]

FIG. 1 is a configuration diagram showing one embodiment of the present invention.

FIG. 2 is a flowchart for explaining the operation of the present invention;

FIG. 3 is a flowchart for explaining the operation of the present invention;

FIG. 4 is a flowchart for explaining the operation of the present invention;

FIG. 5 is a flowchart for explaining the operation of the present invention;

FIG. 6 is a flowchart for explaining the operation of the present invention;

FIG. 7 is a flowchart for explaining the operation of the present invention;

FIG. 8 is a flowchart for explaining the operation of the present invention;

FIG. 9 is an explanatory diagram of a secret memory used for explaining the operation of the present invention.

FIG. 10 is a configuration diagram of application software for explaining the operation of the present invention.

FIG. 11 is a flowchart for explaining the operation of the present invention;

FIG. 12 is a configuration diagram showing another embodiment of the present invention.

FIG. 13 is a configuration diagram showing another embodiment of the present invention.

FIG. 14 is a configuration diagram showing another embodiment of the present invention.

FIG. 15 is a configuration diagram showing another embodiment of the present invention.

FIG. 16 is a configuration diagram showing another embodiment of the present invention.

FIG. 17 is an explanatory diagram of a main memory used for describing the operation of the present invention;

[Explanation of symbols]

 Reference Signs List 1 CMP 2 CPU 3 Control unit 4 Offset register 5 Secret memory 6 Scramble code generator 7 Cryptographic processor 8 Storage register 9 Decoding unit 10 Storage register 11 Adder 21 Main memory 22 Hard disk 23 CD-ROM 24 Floppy disk 25 Modem 26 cache memory 30 CMP 40 CMP 41 encryption unit 50 CMP 51 secret memory unit 52 verification unit 60 CMP 61 storage register unit 70 CMP 71 multiple key generation unit

Claims (5)

[Claims] In a signal processing means having a secret memory for storing secret data, reading of the secret data written in the secret memory out of the signal processing means is prohibited, and reference data is stored. A secret data management method comprising: obtaining data and determining whether the reference data matches the secret data. 2. A signal processing means having a secret memory for storing secret data, wherein reading of the secret data written in the secret memory out of the signal processing means is prohibited, and the recorded data is stored in the signal processing means. When rewriting desired data in an area, reference data and update data corresponding to the desired data are separately obtained, and the desired data and the reference data are obtained. Rewriting between the desired data and the update data when the secret data matches the secret data.
Data management method. 3. A signal processing means having a secret memory for storing secret data, wherein reading of the secret data written in the secret memory out of the signal processing means is prohibited, and the signal is recorded. When erasing desired data in an area, reference data corresponding to the desired data is separately obtained,
When the desired data and the reference data match,
A method of managing secret data, wherein the desired data is erased. 4. A secret memory in a microprocessor, wherein an identification code set corresponding to application software to be executed is stored in the secret memory, and the execution of the application software is completed. The secret value generated each time is written to a file related to the application software and stored in an external memory, and also stored in the secret memory so that it can be identified by the identification code, and the application software is executed again. A secret data management method for comparing the stored secret values. 5. A secret memory for storing secret data, wherein said secret memory stores an identification code corresponding to said secret data and records or reproduces said secret data. And (c) selecting the secret data based on the identification code stored in the memory.