Semiconductor device including encryption section, semiconductor device including external interface, and content reproduction method
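IPC classification information
Country / type: United States (US) Patent, registered
International Patent Classification (IPC 7th edition): H04L-009/00; G06F-012/14
Application number: US-0761964 (2013-02-07)
Registration number: US-8719595 (2014-05-06)
Priority information: JP-2002-258481 (2002-09-04)
Inventor / address: Fujiwara, Makoto; Nemoto, Yusuke; Yasui, Junichi; Maeda, Takuji; Ito, Takayuki; Yamada, Yasushi; Inoue, Shinji
Applicant / address: Panasonic Corporation
Agent / address: McDermott Will & Emery LLP
Citation information: times cited: 0; cited patents: 16
Abstract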
A secure LSI device 1 includes an encryption section 2 for encrypting a program, and an external I/F 50 for inputting/outputting a program or data from/to an external memory 100. In the encryption section 2, the operation of a private key arithmetic processing section 20 is prohibited with respect to a sequence whose execution is determined by a key-generation/update sequencer 30 to be impermissible. In the external I/F 50, a program processing section 51 and a data processing section 55 are structured independently from each other.
Representative claims
1. A semiconductor device comprising: a boot ROM for storing a boot program; a mode ID storage section for storing a mode ID, the mode ID indicating as a current operation mode, a product operation mode for operating as a product device, or a development mode for developing a program; a program verification section for verifying a validity of an external program stored in an external memory; and a sequencer for controlling the boot program, wherein: a sequence of the boot program is controlled by the sequencer in accordance with the current operation mode indicated by the mode ID stored in the mode ID storage section, and when the mode ID indicates the development mode, the boot program is controlled by the sequencer such that the external program stored in the external memory is executed irrespective of whether the external program is valid or not, while when the mode ID indicates the product operation mode, the boot program is controlled by the sequencer such that the external program is not executed if the program verification section has failed verification of the validity and the external program is executed only if the validity of the external program is verified by the program verification section.

2. The semiconductor device of claim 1, wherein the boot program reads the external program of which the validity is verified by the program verification section into the semiconductor device.

3. The semiconductor device of claim 1, wherein the mode ID storage section stores the mode ID in an unrewritable state.

4. The semiconductor device of claim 3, further comprising a flag for controlling whether rewriting of the mode ID storage section is permitted or not, wherein when the mode ID is written into the mode ID storage section, a predetermined value is set at the flag and the mode ID storage section becomes in the unrewritable state.

5. The semiconductor device of claim 1, further comprising a mode ID storage register, wherein the boot program sets the mode ID stored in the mode ID storage section at the mode ID storage register.

6. The semiconductor device of claim 5, wherein: the boot program has a first sequence common to operation modes and a second sequence different at every operation mode, and at the first sequence, the mode ID is set at the mode ID storage register.

7. The semiconductor device of claim 1, further comprising a key processing section for storing a parameter required for decrypting program or data at the product operation mode, wherein the boot program sets the parameter at the key processing section.

8. The semiconductor device of claim 1, wherein the program verification section calculates a HASH value of the external program and compares the calculated HASH value with a prestored HASH value to verify the validity of the external program.

9. The semiconductor device of claim 1, wherein: the external memory is a flash memory, and the semiconductor device further comprising an interface section for reading in program and date from the flash memory.

10. The semiconductor device of claim 1, wherein at the product operation mode, the external program is stored in the external memory in an encrypted state with an inherent key unique to the semiconductor device.

11. A method of booting a semiconductor device, wherein the semiconductor device comprises a mode ID storage section for storing a mode ID, the mode ID indicating as a current operation mode, a product operation mode for operating as a product device, or a development mode for developing a program, the method comprising the steps of: booting up a boot program in a boot ROM; determining, by execution of the boot program, the current operation mode indicated by the mode ID stored in the mode ID storage section; and verifying, by the execution of the boot program, a validity of an external program stored in an external memory, wherein when the mode ID indicates the development mode, a sequencer controls such that an operation of the semiconductor device proceeds to the external program stored in the external memory irrespective of whether the external program is valid or not, while when the mode ID indicates the product operation mode, the sequencer controls such the operation of the semiconductor device does not proceed to the external program if verification of the validity has been failed and only if the validity of the external program has been verified, the operation of the semiconductor device proceeds to the external program.

12. The method of claim 11, further comprising a step of reading the external program of which the validity is verified into the semiconductor device.

13. The method of claim 11, wherein the mode ID storage section stores the mode ID in an unrewritable state.

14. The method of claim 13, wherein when the mode ID is written into the mode ID storage section, a predetermined value is set at a flag for controlling whether rewriting of the mode ID storage section is permitted or not and the mode ID storage section becomes in the unrewritable state.

15. The method of claim 11, further comprising a step of setting, by the execution of the boot program, the mode ID stored in the mode ID storage section at a mode ID storage register in the semiconductor device.

16. The method of claim 15, wherein: the boot program has a first sequence common to operation modes and a second sequence different at every operation mode, and at the first sequence, the mode ID is set at the mode ID storage register.

17. The method of claim 11, further comprising a step of setting, by the execution of the boot program, a parameter required for decrypting program or data when the mode ID indicates the product operation mode.

18. The method of claim 11, further comprising a step of calculating a HASH value of the external program and comparing the calculated HASH value with a prestored HASH value to verify the validity of the external program.

19. The method of claim 11, wherein at the product operation mode, the external program is stored in the external memory in an encrypted state with an inherent key unique to the semiconductor device.

20. A semiconductor device comprising: a boot ROM for storing a boot program; a mode ID storage section for storing a mode ID, the mode ID indicating as a current operation mode, a first mode or a second mode; and a program verification section for verifying a validity of an external program stored in an external memory, wherein: a sequence of the boot program is controlled in accordance with the current operation mode indicated by the mode ID stored in the mode ID storage section, and when the mode ID indicates the second mode, the external program stored in the external memory is executable, while when the mode ID indicates the first mode, the external program is executed only if the validity of the external program is verified by the program verification section.

21. The semiconductor device of claim 20, wherein the boot program reads the external program the validity of which is verified by the program verification section into the semiconductor device.

22. The semiconductor device of claim 20, wherein the mode ID storage section stores the mode ID in an unrewritable state.

23. The semiconductor device of claim 22, further comprising a flag for controlling whether rewriting of the mode ID storage section is permitted or not, wherein when the mode ID is written into the mode ID storage section, a predetermined value is set at the flag and the mode ID storage section becomes in the unrewritable state.

24. The semiconductor device of claim 20, further comprising a mode ID storage register, wherein the mode ID stored in the mode ID storage section is set at the mode ID storage register after the semiconductor device is powered on.

25. The semiconductor device of claim 24, wherein: the boot program has a first sequence common to operation modes and a second sequence different at every operation mode, and at the first sequence, the mode ID is set at the mode ID storage register.

26. The semiconductor device of claim 20, further comprising a key processing section for storing a parameter required for decrypting program or data at the first mode, wherein the boot program sets the parameter at the key processing section.

27. The semiconductor device of claim 20, wherein the program verification section calculates a HASH value of the external program and compares the calculated HASH value with a prestored HASH value to verify the validity of the external program.

28. The semiconductor device of claim 20, wherein: the external memory is a flash memory, and the semiconductor device further comprises an interface section for reading in program and data from the flash memory.

29. The semiconductor device of claim 20, wherein at the first mode, the external program is stored in the external memory in an encrypted state with an inherent key unique to the semiconductor device.

30. The semiconductor device of claim 20, wherein, when the mode ID indicates the second mode, the program verification section doesn't verify the validity of the external program stored in the external memory.

31. The semiconductor device of claim 20, further comprising a key storage register for storing a key, wherein a key stored in an unrewritable area of the semiconductor device is set at the key storage register after the semiconductor device is powered on.

32. The semiconductor device of claim 20, further comprising a register for storing a security information, wherein the security information includes, an inherent key which is unique to the semiconductor device; a common key which is not unique to the semiconductor device; and an inherent ID which is unique to the semiconductor device.

33. The semiconductor device of claim 32, wherein: at least a part of security information is originally stored in an unrewritable area of the semiconductor device, and set in the register for storing security information only once after initialization.

34. A method of booting a semiconductor device, wherein the semiconductor device comprises a mode ID storage section for storing a mode ID, the mode ID indicating as a current operation mode, a first mode or a second mode, the method comprising the steps of: booting up a boot program in a boot ROM; determining, by execution of the boot program, the current operation mode indicated by the mode ID stored in the mode ID storage section; and verifying, by the execution of the boot program, a validity of an external program stored in an external memory, wherein when the mode ID indicates the second mode, an operation of the semiconductor device proceeds to the external program, while when the mode ID indicates the first mode, only if the validity of the external program has been verified, the operation of the semiconductor device proceeds to the external program.

35. The method of claim 34, further comprising a step of reading the external program the validity of which is verified into the semiconductor device.

36. The method of claim 34, wherein the mode ID storage section stores the mode ID in an unrewritable state.

37. The method of claim 36, wherein when the mode ID is written into the mode ID storage section, a predetermined value is set at a flag for controlling whether rewriting of the mode ID storage section is permitted or not and the mode ID storage section becomes in the unrewritable state.

38. The method of claim 34, further comprising a step of setting the mode ID stored in the mode ID storage section at a mode ID storage register in the semiconductor device after the semiconductor device is powered on.

39. The method of claim 38, wherein: the boot program has a first sequence common to operation modes and a second sequence different at every operation mode, and at the first sequence, the mode ID is set at the mode ID storage register.

40. The method of claim 34, further comprising a step of setting, by the execution of the boot program, a parameter required for decrypting program or data when the mode ID indicates the first mode.

41. The method of claim 34, further comprising a step of calculating a HASH value of the external program and comparing the calculated HASH value with a prestored HASH value to verify the validity of the external program.

42. The method of claim 34, wherein at the first mode, the external program is stored in the external memory in an encrypted state with an inherent key unique to the semiconductor device.

43. The method of claim 34, wherein, when the mode ID indicates the second mode, the program verification section doesn't verify the validity of the external program stored in the external memory.

44. The method of claim 34, wherein: the semiconductor device further comprises a key storage register for storing a key and a key stored in an unrewritable area of the semiconductor device is set at the key storage register after the semiconductor device is powered on.

45. The method of claim 34, wherein: the semiconductor device further comprises a register for storing a security information, wherein the security information includes, an inherent key which is unique to the semiconductor device; a common key which is not unique to the semiconductor device; and an inherent ID which is unique to the semiconductor device.

46. The method of claim 45, wherein: at least a part of security information is originally stored in an unrewritable area of the semiconductor device, and set in the register for storing security information only once after initialization.
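
The mode-gated boot decision of claims 1, 3, 4 and 8, sketched in C as an added example that is not code from the patent. All names, the fail-closed handling of an unset mode ID, and the FNV-1a stand-in digest are assumptions; the claims say only "HASH value".

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

enum mode_id { MODE_UNSET = 0, MODE_DEVELOPMENT, MODE_PRODUCT };

/* Mode ID storage section plus the rewrite-control flag of claims 3-4. */
struct mode_store { enum mode_id id; bool locked; };

/* Writing the mode ID sets the flag; every later write is refused. */
bool mode_store_write(struct mode_store *s, enum mode_id id) {
    if (s->locked) return false;
    s->id = id;
    s->locked = true;
    return true;
}

/* Stand-in digest: FNV-1a, NOT cryptographic (assumption, see lead-in). */
uint32_t digest(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Program verification section (claim 8): computed vs. prestored hash. */
bool verify_program(const uint8_t *img, size_t n, uint32_t stored) {
    return digest(img, n) == stored;
}

/* Boot decision: true if control may pass to the external program. */
bool boot_may_execute(const struct mode_store *s, const uint8_t *img,
                      size_t n, uint32_t stored) {
    switch (s->id) {
    case MODE_DEVELOPMENT: return true;  /* executed whether valid or not */
    case MODE_PRODUCT:     return verify_program(img, n, stored);
    default:               return false; /* unset mode ID: fail closed (assumption) */
    }
}

int main(void) {
    uint8_t img[] = { 0x10, 0x20, 0x30, 0x40 };  /* constructed sample image */
    uint32_t stored = digest(img, sizeof img);   /* "prestored" reference hash */
    struct mode_store s = { MODE_UNSET, false };
    mode_store_write(&s, MODE_PRODUCT);
    img[2] ^= 0xFF;                              /* simulate a modified image in external flash */
    return boot_may_execute(&s, img, sizeof img, stored) ? 1 : 0; /* 0 = refused */
}
```

Because the development branch skips verification entirely, the write-once flag on the mode ID storage is what keeps a product device from being switched back to the unverified path.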