-
公开(公告)号:US20070113079A1
公开(公告)日:2007-05-17
申请号:US10580818
申请日:2004-11-26
申请人: Takayuki Ito , Teruto Hirota , Kouichi Kanemura , Tomoyuki Haga , Yoshikatsu Ito
发明人: Takayuki Ito , Teruto Hirota , Kouichi Kanemura , Tomoyuki Haga , Yoshikatsu Ito
IPC分类号: H04L9/00
CPC分类号: G06F9/4812 , G06F9/468 , G06F21/78 , G06F2221/2105
摘要: In a data processing apparatus that switches between a secure mode and a normal mode during execution, the secure mode allowing access to secure resources to be protected, the normal mode not allowing access to the secure resources, when the secure resources increase in the secure mode, the load on a protection mechanism for protecting the resources becomes large. Thus, there is a demand for data processing apparatuses that are able to reduce secure resources. The present invention relates to a data processing apparatus that stores therein a secure program including one or more processing procedures which use secure resources and a call instruction for calling a normal program to be executed in a normal mode. While executing the secure program, the data processing apparatus calls the normal program with the call instruction and operates according to the called normal program.
摘要翻译: 在执行期间在安全模式和正常模式之间切换的数据处理装置中,当安全模式下的安全资源增加时,安全模式允许访问保护资源以被保护,正常模式不允许访问安全资源 用于保护资源的保护机制的负担变大。 因此,需要能够减少安全资源的数据处理装置。 数据处理装置本发明涉及一种数据处理装置,其中存储有一个或多个使用安全资源的处理过程的安全程序和用于调用在正常模式下执行的正常程序的呼叫指令。 在执行安全程序时,数据处理装置利用呼叫指令调用正常程序,并根据所调用的正常程序进行操作。
-
公开(公告)号:US07788487B2
公开(公告)日:2010-08-31
申请号:US10580818
申请日:2004-11-26
申请人: Takayuki Ito , Teruto Hirota , Kouichi Kanemura , Tomoyuki Haga , Yoshikatsu Ito
发明人: Takayuki Ito , Teruto Hirota , Kouichi Kanemura , Tomoyuki Haga , Yoshikatsu Ito
CPC分类号: G06F9/4812 , G06F9/468 , G06F21/78 , G06F2221/2105
摘要: In a data processing apparatus that switches between a secure mode and a normal mode during execution, the secure mode allowing access to secure resources to be protected, the normal mode not allowing access to the secure resources, when the secure resources increase in the secure mode, the load on a protection mechanism for protecting the resources becomes large. Thus, there is a demand for data processing apparatuses that are able to reduce secure resources.The present invention relates to a data processing apparatus that stores therein a secure program including one or more processing procedures which use secure resources and a call instruction for calling a normal program to be executed in a normal mode. While executing the secure program, the data processing apparatus calls the normal program with the call instruction and operates according to the called normal program.
摘要翻译: 在执行期间在安全模式和正常模式之间切换的数据处理装置中,当安全模式下的安全资源增加时,安全模式允许访问保护资源以被保护,正常模式不允许访问安全资源 用于保护资源的保护机制的负担变大。 因此,需要能够减少安全资源的数据处理装置。 数据处理装置本发明涉及一种数据处理装置,其中存储有一个或多个使用安全资源的处理过程的安全程序和用于调用在正常模式下执行的正常程序的呼叫指令。 在执行安全程序时,数据处理装置利用呼叫指令调用正常程序,并根据所调用的正常程序进行操作。
-
3.发明申请CERTIFYING DEVICE, VERIFYING DEVICE, VERIFYING SYSTEM, COMPUTER PROGRAM AND INTEGRATED CIRCUIT 有权认证设备,验证设备,验证系统,计算机程序和集成电路公开(公告)号:US20090204806A1
公开(公告)日:2009-08-13
申请号:US12306816
申请日:2007-07-02
CPC分类号: G06F21/10 , G06F21/445 , G06F21/51 , G06F21/57 , G06F21/575 , G06F2221/2129 , H04L9/0822 , H04L9/0866 , H04L9/3234
摘要: An authentication system that can show having an authentic computer program, can certify the authenticity of itself, and can verify the certification. The authentication system is composed of a terminal (requesting device) and a card (verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. With this structure, the terminal is forced to update the program when it attempts to use the secret information.
摘要翻译: 可以显示具有真实的计算机程序的认证系统可以证明其本身的真实性,并且可以验证认证。 认证系统由终端(请求装置)和卡(验证装置)组成。 该卡存储终端使用的秘密信息和终端的更新程序。 该卡使用从终端获得的信息来验证终端的真实性。 当该终端判断该终端是可信的时,该卡将该秘密信息输出到该终端。 当判断终端不可信时,卡会输出更新程序。 利用这种结构,终端在尝试使用秘密信息时被强制更新程序。
-
4.发明授权Certifying device, verifying device, verifying system, computer program and integrated circuit 有权认证设备,验证设备,验证系统,计算机程序和集成电路公开(公告)号:US08296561B2
公开(公告)日:2012-10-23
申请号:US12306816
申请日:2007-07-02
IPC分类号: H04L29/06
CPC分类号: G06F21/10 , G06F21/445 , G06F21/51 , G06F21/57 , G06F21/575 , G06F2221/2129 , H04L9/0822 , H04L9/0866 , H04L9/3234
摘要: An authentication system verifies an authentic computer program, certifies the authenticity itself, and verifies a certification. The authentication system includes a terminal (e.g., requesting device) and a card (e.g., verifying device). The card stores secret information to be used by the terminal, and an update program for the terminal. The card verifies authenticity of the terminal using information obtained from the terminal. When it judges that the terminal is authentic, the card outputs the secret information to the terminal. When it judges that the terminal is not authentic, the card outputs the update program. The terminal is forced to update the program when it attempts to use the secret information.
摘要翻译: 认证系统验证真实的计算机程序,证明其真实性本身,并验证认证。 认证系统包括终端(例如,请求设备)和卡(例如,验证设备)。 该卡存储终端使用的秘密信息和终端的更新程序。 该卡使用从终端获得的信息来验证终端的真实性。 当该终端判断该终端是可信的时,该卡将该秘密信息输出到该终端。 当判断终端不可信时,卡会输出更新程序。 终端在尝试使用秘密信息时被强制更新程序。
-
公开(公告)号:US07503049B2
公开(公告)日:2009-03-10
申请号:US10853132
申请日:2004-05-26
申请人: Kouichi Kanemura , Teruto Hirota , Takayuki Ito
发明人: Kouichi Kanemura , Teruto Hirota , Takayuki Ito
IPC分类号: G06F9/46 , G06F15/00 , G06F15/76 , G06F9/30 , G06F9/40 , G06F7/38 , G06F9/00 , G06F9/44 , G06F12/00 , G06F12/14 , G06F13/24 , G06F13/32 , G06F15/177
CPC分类号: G06F9/441 , G06F2209/481
摘要: An information processing apparatus switches between an Operating System 1 and an Operating System 2 during operation and comprises: a storing unit including a first area storing data managed by OS1, a second area storing a reset handler containing instructions for returning to OS2 and for branching to OS2, and a switching unit that switches connection/disconnection of the first area with outside; a table storing unit storing information showing the reset handler's position; a CPU having a program counter and executing an instruction at a position indicated by positional information in the program counter; and a management unit that, when instructed to switch from OS1 to OS2 while the apparatus is operating with OS1, instructs the switching unit to disconnect the first area and the CPU to reset. When instructed to reset itself, the CPU initializes its state and sets the reset handler positional information into the program counter.
摘要翻译: 信息处理装置在操作期间在操作系统1和操作系统2之间切换,并且包括:存储单元,其包括存储由OS1管理的数据的第一区域,存储复位处理器的第二区域,该复位处理器包含用于返回到OS2的指令并分支到 OS2,以及切换单元,其切换第二区域与外部的连接/断开; 表存储单元,存储表示重置处理者的位置的信息; CPU,其具有程序计数器,并且在由程序计数器中的位置信息指示的位置处执行指令; 以及管理单元,当指示在OS1操作时从OS1切换到OS2时,指示切换单元断开第一区域和CPU的复位。 当指示自己复位时,CPU初始化其状态,并将复位处理程序位置信息设置到程序计数器中。
-
公开(公告)号:US20050172294A1
公开(公告)日:2005-08-04
申请号:US10853132
申请日:2004-05-26
申请人: Kouichi Kanemura , Teruto Hirota , Takayuki Ito
发明人: Kouichi Kanemura , Teruto Hirota , Takayuki Ito
CPC分类号: G06F9/441 , G06F2209/481
摘要: An information processing apparatus switches between an Operating System 1 and an Operating System 2 during operation and comprises: a storing unit including a first area storing data managed by OS1, a second area storing a reset handler containing instructions for returning to OS2 and for branching to OS2, and a switching unit that switches connection/disconnection of the first area with outside; a table storing unit storing information showing the reset handler's position; a CPU having a program counter and executing an instruction at a position indicated by positional information in the program counter; and a management unit that, when instructed to switch from OS1 to OS2 while the apparatus is operating with OS1, instructs the switching unit to disconnect the first area and the CPU to reset. When instructed to reset itself, the CPU initializes its state and sets the reset handler positional information into the program counter.
摘要翻译: 信息处理装置在操作期间在操作系统1和操作系统2之间切换,并且包括:存储单元,其包括存储由OS1管理的数据的第一区域,存储包含用于返回到OS2的指令的复位处理器的第二区域, 分支到OS2,以及切换单元,其切换第一区域与外部的连接/断开; 表存储单元,存储表示重置处理者的位置的信息; CPU,其具有程序计数器,并且在由程序计数器中的位置信息指示的位置处执行指令; 以及管理单元,当所述设备在用OS 1操作时被指示从OS 1切换到OS2时,指示切换单元断开第一区域和CPU的复位。 当指示自己复位时,CPU初始化其状态,并将复位处理程序位置信息设置到程序计数器中。
-
7.发明授权Key terminal apparatus, crypto-processing LSI, unique key generation method, and content system 有权密钥终端装置,密码处理LSI,唯一密钥生成方法和内容系统公开(公告)号:US08189793B2
公开(公告)日:2012-05-29
申请号:US12376700
申请日:2008-08-07
申请人: Yoshikatsu Ito , Kouichi Kanemura
发明人: Yoshikatsu Ito , Kouichi Kanemura
IPC分类号: H04L9/08
CPC分类号: H04L9/3265 , H04L9/0822 , H04L9/083 , H04L2209/603
摘要: A key terminal apparatus includes a crypto-processing LSI that performs predetermined crypto-processing. Unique information identifying the crypto-processing LSI is embedded in the crypto-processing LSI. A predetermined master key corresponding to a predetermined key is embedded in the crypto-processing LSI. The crypto-processing LSI (a) receives an encrypted manufacturer key from the manufacturer key storage unit, (b) decrypts the encrypted manufacturer key using the predetermined master key to generate a manufacturer key, (c) generates a unique manufacturer key identical to the predetermined unique manufacturer key, based on the unique information embedded in the crypto-processing LSI and the generated manufacturer key, and (d) decrypts the received encrypted device key using the generated identical unique manufacturer key to generate a predetermined device key.
摘要翻译: 密钥终端装置包括执行预定密码处理的密码处理LSI。 识别加密处理LSI的唯一信息被嵌入到加密处理LSI中。 对应于预定密钥的预定主密钥被嵌入到密码处理LSI中。 加密处理LSI(a)从制造商密钥存储单元接收加密的制造商密钥,(b)使用预定的主密钥解密加密的制造商密钥以生成制造商密钥,(c)生成与 基于嵌入在加密LSI中的唯一信息和所生成的制造商密钥,以及(d)使用所生成的相同唯一制造商密钥对接收到的加密设备密钥进行解密以产生预定的设备密钥。
-
公开(公告)号:US08135963B2
公开(公告)日:2012-03-13
申请号:US11884147
申请日:2006-02-09
申请人: Taichi Sato , Rieko Asai , Yoshikatsu Ito , Kouichi Kanemura , Hideki Matsushima
发明人: Taichi Sato , Rieko Asai , Yoshikatsu Ito , Kouichi Kanemura , Hideki Matsushima
CPC分类号: G06F21/14
摘要: A program conversion device generates a program by obfuscating an original program, and generates and encrypts conversion parameters for inverse conversion of the obfuscated program. The program conversion device distributes the obfuscated program together with the encrypted conversion parameters. To execute the obfuscated program, a device having a high security level decrypts the encrypted parameters by using a decryption key stored in advance, applies inverse conversion to the obfuscated program by using the decrypted conversion parameters, and executes the program resulting from the inverse conversion. A device having a low security level executes the obfuscated program without any inverse conversion.
摘要翻译: 程序转换装置通过模糊原始程序来生成程序,并且生成并加密转换参数,用于对模糊程序进行逆转换。 程序转换装置将加密的程序与加密的转换参数一起分发。 为了执行混淆程序,具有高安全级别的设备通过使用预先存储的解密密钥对加密参数进行解密,通过使用解密的转换参数将反转换应用于混淆程序,并执行逆转换产生的程序。 具有低安全级别的设备执行混淆的程序而不进行任何逆转换。
-
9.发明申请KEY TERMINAL APPARATUS, CRYPTO-PROCESSING LSI, UNIQUE KEY GENERATION METHOD, AND CONTENT SYSTEM 有权关键终端设备,热处理LSI,独特的关键生成方法和内容系统公开(公告)号:US20100189265A1
公开(公告)日:2010-07-29
申请号:US12376700
申请日:2008-08-07
申请人: Yoshikatsu Ito , Kouichi Kanemura
发明人: Yoshikatsu Ito , Kouichi Kanemura
CPC分类号: H04L9/3265 , H04L9/0822 , H04L9/083 , H04L2209/603
摘要: A key terminal apparatus includes a crypto-processing LSI that performs predetermined crypto-processing. Unique information identifying the crypto-processing LSI is embedded in the crypto-processing LSI. A predetermined master key corresponding to a predetermined key is embedded in the crypto-processing LSI. The crypto-processing LSI (a) receives an encrypted manufacturer key from the manufacturer key storage unit, (b) decrypts the encrypted manufacturer key using the predetermined master key to generate a manufacturer key, (c) generates a unique manufacturer key identical to the predetermined unique manufacturer key, based on the unique information embedded in the crypto-processing LSI and the generated manufacturer key, and (d) decrypts the received encrypted device key using the generated identical unique manufacturer key to generate a predetermined device key.
摘要翻译: 密钥终端装置包括执行预定密码处理的密码处理LSI。 识别加密处理LSI的唯一信息被嵌入到加密处理LSI中。 对应于预定密钥的预定主密钥被嵌入到密码处理LSI中。 加密处理LSI(a)从制造商密钥存储单元接收加密的制造商密钥,(b)使用预定的主密钥解密加密的制造商密钥以生成制造商密钥,(c)生成与 基于嵌入在加密LSI中的唯一信息和所生成的制造商密钥,以及(d)使用所生成的相同唯一制造商密钥对接收的加密设备密钥进行解密以产生预定的设备密钥。
-
公开(公告)号:US20080162949A1
公开(公告)日:2008-07-03
申请号:US11884147
申请日:2006-02-09
申请人: Taichi Sato , Rieko Asai , Yoshikatsu Ito , Kouichi Kanemura , Hideki Matsushima
发明人: Taichi Sato , Rieko Asai , Yoshikatsu Ito , Kouichi Kanemura , Hideki Matsushima
IPC分类号: G06F11/30
CPC分类号: G06F21/14
摘要: It is troublesome for a distributor (server) to manage a plurality of programs of different obfuscated levels that are suitable for various devices, including ones having a high-speed CPU but with low security level (PCs) and ones having a low-speed CPU but with high security level (consumer products). A program conversion device generates a program by obfuscating an original program, and also generates and encrypts conversion parameters for inverse conversion of the obfuscated program. The program conversion device distributes the obfuscated program together with the encrypted conversion parameters. To execute the obfuscated program, a device having a high security level decrypts the encrypted parameters by using a decryption key stored in advance, applies inverse conversion to the obfuscated program by using the decrypted conversion parameters, and executes the program resulting from the inverse conversion. A device having a low security level executes the obfuscated program as it is without any inverse conversion.
摘要翻译: 分销商(服务器)管理适合于各种设备的不同混淆级别的多个程序是麻烦的,包括具有高速CPU但具有低安全级别(PC)的程序,并且具有低速CPU 但具有较高的安全级别(消费品)。 程序转换装置通过模糊原始程序来生成程序,并且还生成并加密转换参数,用于对模糊程序进行逆转换。 程序转换装置将加密的程序与加密的转换参数一起分发。 为了执行混淆程序,具有高安全级别的设备通过使用预先存储的解密密钥对加密参数进行解密,通过使用解密的转换参数将反转换应用于混淆程序,并执行逆转换产生的程序。 具有低安全级别的设备按原样执行模糊化程序,而不进行任何逆转换。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.036 秒)
