摘要:
An LSI includes a first decryptor which receives first encrypted key data, and decrypts the first encrypted key data using a first cryptographic key, thereby generating first decrypted key data, a second cryptographic key generator which generates a second cryptographic key based on a second ID, a second encryptor which encrypts the first decrypted key data using the second cryptographic key, thereby generating second encrypted key data, and a second decryptor which decrypts the second encrypted key data using the second cryptographic key, thereby generating second decrypted key data. At a time of key setting, the second encryptor stores the second encrypted key data in a storage unit. At a time of key usage, the second decryptor reads the second encrypted key data from the storage unit.
摘要:
A mobile terminal adapted to reproduce an encrypted contents file stored in a predetermined storage area as an alert of an incoming call includes: a storage section for holding first plaintext data corresponding to a head portion of the encrypted contents file; decryption means for decrypting the encrypted contents file to generate second plaintext data; reproduction means for reproducing the first and second plaintext data; and authentication means for performing authentication processing related to use of the encrypted contents file. The reproduction means reproduces the first plaintext data and in succession to reproduction of the first plaintext data reproduces the second plaintext data when the mobile terminal receives a call. The authentication means performs the authentication processing simultaneously and in parallel with the reproduction of the first plaintext data by the reproduction means.
摘要:
A communication card comprised of: an interface unit which communicates with the host; a first communication unit which communicates with an external device other than the host; an encryption unit which performs encryption processing onto data transferred between the host device and the external device via the interface unit and the first communication unit; a storage unit which stores: list information indicating a list of identifiers of unauthorized communication cards; and communication key information used for encryption; and a control unit which performs authentication processing, and only when the authentication processing has been completed normally, allows the host to control the first communication unit, causes said encryption unit to encrypt the data by using the communication key information after the authentication processing, and transfers the encrypted data to the host via the interface unit, in which the authentication processing includes processing of revoking an unauthorized communication card by using the list information.
摘要:
In a target apparatus which stores at least one piece of domain key information in a first area and a plurality of pieces of content key information each associated with any one of the domain key information in a second area, a method for generating data for detecting tampering of the content key information. The method comprises the steps of encrypting the content key information associated with one of the domain key information using a chain encryption technique, extracting data at predetermined positions in the encrypted content key information, concatenating the pieces of data extracted at the predetermined positions in the encrypted content key information to obtain concatenated data, performing a hash calculation with respect to the concatenated data to obtain a hash value, storing check values corresponding to the data at the predetermined positions in plain text, in the target apparatus, and storing the hash value in the target apparatus.
摘要:
A check computation circuit executes a computation corresponding to a computation for generating confidential CRC data, with respect to confidential data read from a non-volatile device. A comparison circuit compares the result of the computation in the check computation circuit with confidential CRC data read from the non-volatile device. When the result of the comparison indicates a mismatch, i.e., an error is detected, an encryption circuit encrypts the confidential data and the confidential CRC data using a secret key registered in a secret key register, and outputs the encrypted confidential data and confidential CRC data to the outside of a semiconductor integrated circuit.
摘要:
The confidential information processing device according to the present invention includes: a stream analysis unit which determines the target data by analyzing the data stream; a cryptographic computation unit which holds a context including a key used for the cryptographic computation, an initial value, and intermediate information during cryptographic computation, and perform the cryptographic computation using the context that is being held; a context storage unit which stores a plurality of the contexts; a correspondence table storage unit which stores a correspondence table which indicates the number of cryptographic computations to be performed for the data stream and a context to be used for each of the cryptographic computations; a context control unit which, when the context held in the cryptographic computation unit does not match the context to be used indicated in the correspondence table, saves the context held in the cryptographic computation unit to the context storage unit and restore the context to be used for the cryptographic computation indicated in the correspondence table out of the plurality of contexts stored in the context storage unit to the cryptographic computation unit; and a stream control unit which outputs the data stream on which the cryptographic computation is performed by the cryptographic computation unit to the external device, the number of the cryptographic computations being the number indicated in the correspondence table, and to output the data stream on which the cryptographic computation is performed by the cryptographic computation unit to the stream analysis unit, the number of the cryptographic computation not meeting the number of cryptographic computations indicated in the correspondence table.
摘要:
In a system which processes confidential information, use of a confidential information processing LSI due to unauthorized tampering of software, spoofing or the like is prevented and data on a bus are protected against analysis using a probe, etc. Within the confidential information processing LSI, software which controls the LSI 1002 is subjected to tampering detection which is executed by a comparator 1008 and authentication processing which is executed by a comparator 1020,thereby confirming the validity of the software and preventing use of the confidential information processing LSI by unauthorized software. The LSI and the software share session keys 1035 and 1038 which are based on a random number used for authentication processing and encrypted communications are attained using the session keys, which protects data on the bus.
摘要:
A confidential information processing device performs a cryptographic operation on first input data and second input data. A first cryptographic operation circuit includes: a first register for holding first information; and a first cryptographic operation unit. A first pseudo-cryptographic operation circuit includes a second register for holding second information. A first arbitration circuit causes the first cryptographic operation unit to perform the cryptographic operation on the first input data using the first information held in the first register, when a cryptographic operation request for the first input data is made to the first cryptographic operation circuit, and causes the first cryptographic operation unit to perform the cryptographic operation on the second input data using the second information held in the second register, when a cryptographic operation request for the second input data is made to the first pseudo-cryptographic operation circuit.
摘要:
A Control Data Flow Graph (CDFG) which is an intermediate representation obtained by analyzing a behavioral-level circuit description of hardware, is subjected to a process of changing a shape of the CDFG by adding an operation before or after scheduling, so as to conceal design information. A CDFG to which a hardware resource has been allocated may be subjected to a process of changing the allocation of the hardware resource.
摘要:
An encryption circuit of a secret key cryptosystem which inputs a plain text and a secret key 4A, inputs R partial keys Kn obtained from the secret key 4A and applies repeatedly R times of round operations to the plain text so that the plain text is encrypted including: registers 4G and 4H which store the values after the round operations of the plain text; a fault detection circuit 1A which decides whether a degenerate fault exists or not by the values of the registers 4G and 4H; and a circuit 1B which invalidates the secret key 4A when the degenerate fault exists in the detection result. The invention provides an encryption circuit which can appropriately respond to a new element of causing occurrence of the degenerate fault, suppress the cost of the hardware, and has a measure against the fault analysis while suppressing an increase in an encryption processing time.