[go: up one dir, main page]

WO2019142306A1 - Dispositif à semi-conducteur, procédé de fourniture de données, procédé de décodage de données et programme - Google Patents

Dispositif à semi-conducteur, procédé de fourniture de données, procédé de décodage de données et programme Download PDF

Info

Publication number
WO2019142306A1
WO2019142306A1 PCT/JP2018/001505 JP2018001505W WO2019142306A1 WO 2019142306 A1 WO2019142306 A1 WO 2019142306A1 JP 2018001505 W JP2018001505 W JP 2018001505W WO 2019142306 A1 WO2019142306 A1 WO 2019142306A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
divided data
encrypted
header
signal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/JP2018/001505
Other languages
English (en)
Japanese (ja)
Inventor
大輔 森山
鈴木 大輔
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mitsubishi Electric Corp
Renesas Electronics Corp
Original Assignee
Mitsubishi Electric Corp
Renesas Electronics Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mitsubishi Electric Corp, Renesas Electronics Corp filed Critical Mitsubishi Electric Corp
Priority to PCT/JP2018/001505 priority Critical patent/WO2019142306A1/fr
Publication of WO2019142306A1 publication Critical patent/WO2019142306A1/fr
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/36Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols with means for detecting characters not meant for transmission

Definitions

  • the present invention relates to a semiconductor device, a data providing method, a data decoding method, and a program.
  • IoT Internet of Things
  • IoT devices are widely used. Such IoT devices may update firmware.
  • the divided data is transmitted from the transmitting terminal capable of communicating with the IoT device as the receiving terminal to the receiving terminal. Then, the receiving terminal receives the divided data and combines the received data. In such a case, it is expected that the integrity of the divided data to be transmitted and received is maintained.
  • the embedded device described in Patent Document 1 sequentially performs verification processing on each section obtained by dividing update data for updating software into a plurality of pieces.
  • the embedded device stores intermediate values obtained during the verification process.
  • the embedded device compares the value obtained by the verification process with the verification data to confirm that there is no tampering. If it is confirmed that there is no tampering, the embedded device performs verification processing on each section in order again.
  • the embedded device compares the intermediate value obtained in the verification process with the stored intermediate value, and if it matches, updates the software according to the section.
  • a division size determination unit determines the program to be tampered with based on random number information before loading the program, and the division unit divides the program into block data.
  • the first conversion means converts block data into temporary authentication data of a block division size or less by logical operation.
  • the second conversion means calculates authentication data by subjecting the authentication temporary data to a second conversion process, and stores the authentication data and the block division size.
  • the falsification detection system calculates the comparison data by performing block division, first conversion, and second conversion on the loaded program using the stored block division size after loading the program.
  • the tampering detection system detects tampering of a program by comparing authentication data and comparison data.
  • the processor described in Patent Document 3 includes a core that executes an instruction code, a CPU-unique key unique to the core, and an encrypted ROM code area that stores an encrypted instruction code in a non-rewritable form.
  • the processor includes a code authentication processing block that authenticates an instruction code including an instruction code stored in the area, and a cryptographic processing block that encrypts data input and output between the core and the outside.
  • the data input unit inputs electronic data and divides the electronic data into N segments.
  • the hash value calculation unit and the inspection data generation unit use an operation process in which an operation result obtained by performing a predetermined operation on data of the Mth segment is input for performing predetermined operation of data of the M + 1th segment. Repeat to the Nth segment to generate inspection data.
  • the verification data generation unit generates verification data of electronic data including inspection data and an operation result during generation of the inspection data as intermediate data.
  • the receiving terminal generates an intermediate value, and the transmitting terminal does not share such an intermediate value. Therefore, it can not be verified whether divided data generated at the transmitting terminal is combined in the same state as before division at the receiving terminal.
  • a program is divided and processed a plurality of times by a plurality of processing means, and these are compared and processed. Therefore, the implementation scale becomes large and the computational efficiency is not high.
  • the technique described in Patent Document 3 is not a verification method of divided data by outputting an intermediate value to the outside.
  • the technology described in Patent Document 4 uses the intermediate value for verification inside the device, but is not a technology realized between different devices. That is, the above description has not been made to solve the problem that the receiving terminal that has received the divided data by the transmitting terminal checks the integrity of such data and combines them.
  • the semiconductor device is a semiconductor device having a memory and a control circuit and providing data set in advance to the external terminal device, wherein the memory is an encrypted data with authentication and authentication. It stores key information for
  • the control circuit divides the data into a plurality of divided data while maintaining continuity on the data array, and based on a signal output by performing encryption processing on the previous divided data on the data array. Generate a transmission header.
  • the control circuit generates encrypted divided data and an authentication tag corresponding to the encrypted divided data from the transmission header, the divided data, and the key information, and generates the encrypted divided data and the encrypted divided data.
  • the corresponding authentication tag is output in the order on the data array.
  • the semiconductor device has a memory and a control circuit, and the memory stores key information for decrypting the encrypted encrypted text with authentication.
  • the control circuit sequentially receives, from the external terminal device, encrypted encrypted divided data with authentication and an authentication tag corresponding to the plurality of encrypted divided data.
  • the control circuit decrypts the currently received encrypted division data using the key information, and compares the authentication tag generated by the decryption with the authentication tag received from the external terminal apparatus, thereby performing the decrypted division. Authenticate data.
  • the control circuit collates the continuity verification signal based on the encrypted divided data processed immediately before with the transmission header attached to the decrypted divided data, thereby the divided data processed immediately before and the currently received encryption It is determined whether there is continuity on the data array with the divided data obtained by decoding the divided data.
  • the control circuit determines whether or not to perform the decryption on the encrypted divided data to be received immediately, according to the result of the authentication and the result of the determination as to whether or not the apparatus has the continuity.
  • the semiconductor device can transmit and receive divided data efficiently and safely, and can maintain program consistency.
  • FIG. 1 is a schematic view of a transmission and reception system according to a first embodiment.
  • FIG. 1 is a hardware configuration diagram of a first semiconductor device according to a first embodiment.
  • FIG. 2 is a hardware configuration diagram of a second semiconductor device according to the first embodiment. It is a figure for demonstrating the process of CPU111 in a 1st semiconductor device. It is a figure for demonstrating the process of CPU121 in a 2nd semiconductor device.
  • FIG. 6 is a diagram showing transitions of signals in the CPU 111.
  • FIG. 6 is a diagram showing transitions of signals in the CPU 121.
  • FIG. 7 is a hardware configuration diagram of a first semiconductor device according to a second embodiment.
  • FIG. 7 is a hardware configuration diagram of a second semiconductor device according to a second embodiment.
  • FIG. 7 is a hardware configuration diagram of a first semiconductor device according to a second embodiment.
  • FIG. 7 is a hardware configuration diagram of a second semiconductor device according to a second embodiment. It is a figure for demonstrating the process of CPU111 in a 1st semiconductor device. It is a figure for demonstrating the process of CPU121 in a 1st semiconductor device. It is a figure showing an example of composition of a signal concerning an embodiment.
  • each element described in the drawing as a functional block that performs various processing can be configured by a CPU (Central Processing Unit), a memory, and other circuits in terms of hardware, and in terms of software, a memory It is realized by the program etc. loaded to Therefore, it is understood by those skilled in the art that these functional blocks can be realized in various forms by hardware only, software only, or a combination thereof, and is not limited to any of them. Therefore, the configuration exemplified as the circuit in the following description can be realized by either hardware or software or both, and the configuration shown as the circuit realizing a certain function realizes the same function. Can also be shown as part of the For example, a configuration described as a control circuit may be described as a control unit. In the drawings, the same elements are denoted by the same reference numerals, and the redundant description is omitted as necessary.
  • Non-transitory computer readable media include various types of tangible storage media. Examples of non-transitory computer readable media are magnetic recording media (eg flexible disk, magnetic tape, hard disk drive), magneto-optical recording media (eg magneto-optical disk), CD-ROM (Read Only Memory) CD-R, CD And semiconductor memory (eg, mask ROM, PROM (Programmable ROM), EPROM (Erasable PROM), flash ROM, RAM (Random Access Memory)).
  • the programs may also be supplied to the computer by various types of temporary computer readable media. Examples of temporary computer readable media include electrical signals, light signals, and electromagnetic waves.
  • the temporary computer readable medium can provide the program to the computer via a wired communication path such as electric wire and optical fiber, or a wireless communication path.
  • FIG. 1 is a schematic diagram of a transmission / reception system according to a first embodiment.
  • the transmission / reception system 1 transmits data of the transmission terminal 11 to the reception terminal 12.
  • the transmission terminal 11 is a device having at least the first semiconductor device 110 as a configuration, and is, for example, a computer having a communication function, a tablet, a smart phone, an IoT device, a home appliance, a mobile object, a sensor, an industrial device, etc. is there.
  • the receiving terminal 12 is a device capable of communicating with the transmitting terminal 11, and has at least a second semiconductor device 120 as a configuration.
  • the receiving terminal 12 is, for example, a computer, a tablet, a smartphone, an IoT device, a home appliance, a mobile object, a sensor, an industrial device, or the like.
  • the transmission terminal 11 and the reception terminal 12 are communicably connected. Such connection is not particularly limited as long as it is a method such as USB (Universal Serial Bus), Bluetooth (registered trademark), Wi-Fi (Wireless Fidelity), or the like, which can ensure communication regardless of wired or wireless.
  • USB Universal Serial Bus
  • Bluetooth registered trademark
  • Wi-Fi Wireless Fidelity
  • the transmission / reception system 1 transmits / receives data, for example, when the transmission terminal 11 transmits the latest firmware to the reception terminal 12 to update the firmware of the reception terminal 12. For example, the transmission / reception system 1 divides the data in the transmitting terminal 11, performs the encryption process with authentication on the divided data, and performs the encrypted divided data, which is the encrypted divided data, as an authentication tag corresponding to the data Together with the function of transmitting to the receiving terminal. Further, the transmission / reception system 1 receives the data transmitted by the transmission terminal 11 in the reception terminal 12, decodes the received data, combines them, and restores the state before the transmission terminal 11 is divided. By dividing and transmitting data, the amount of data processed by the receiving terminal 12 at one time can be reduced, and the processing load on the receiving terminal 12 can be reduced.
  • FIG. 2 is a hardware configuration diagram of the first semiconductor device 110 according to the first embodiment.
  • the first semiconductor device 110 in charge of information processing has, as main components, a CPU 111, a memory 112, and an IF 113 (Interface), and these components are connected by a communication bus.
  • the CPU 111 is an arithmetic device for performing arithmetic processing and the like to be described later in the first semiconductor device 110.
  • the CPU 111 mainly has a plaintext control circuit 111a, a transmission header control circuit 111b, and an AE encryption circuit 111c.
  • the CPU 111 may have a plurality of these configurations as hardware, or may be configured to be capable of parallel processing as software.
  • the CPU described in this embodiment may include peripheral circuits other than the CPU core.
  • the plaintext control circuit 111a divides the original data received as an input signal according to a preset specification, and sequentially outputs the divided data to the AE encryption circuit 111c.
  • the plaintext control circuit 111a divides the original data while maintaining the continuity on the data arrangement.
  • the plaintext control circuit 111a sequentially outputs the divided original data while maintaining the continuity on the data array. That is, when the data output from the plaintext control circuit 111a is combined in the order of output, the divided data matches the original data.
  • the plaintext control circuit 111a is a specification for dividing the received data into n (n is an integer of 2 or more) data.
  • the plaintext control circuit 111a receives the original data SG01 as an input signal, and while maintaining the continuity on the data arrangement of the original data SG01, the divided data SG01. Generate i (i is an integer from 1 to n). Then, the plaintext control circuit 111a converts the generated divided data into divided data SG01.1 to SG01. Output in order up to n.
  • the transmission header control circuit 111b receives the initial header and the authentication tag as input signals, and outputs the received signal to the AE encryption circuit 111c as a ciphertext header. Details of the input signal received by the transmission header control circuit 111b will be described later.
  • the key information is also used when performing decryption processing.
  • the AE encryption circuit 111 c outputs a signal including the ciphertext, the authentication tag, and the header.
  • the memory 112 is a readable and writable non-volatile storage device, and mainly includes, for example, a flash memory, an EEPROM (Electrically Erasable Programmable Read-Only Memory), an SSD (Solid State Drive), and the like.
  • the memory 112 stores original data SG01 for input to the plaintext control circuit 111a, key information SG02 for input to the AE encryption circuit, and an initial header SG03 for input to the transmission header control circuit 111b.
  • the IF 113 is an interface for the semiconductor device 110 to transmit and receive various data to and from an external device.
  • the IF 113 receives data processed by the CPU 111 and outputs the received data to the outside.
  • FIG. 3 is a hardware configuration diagram of the second semiconductor device 120 according to the first embodiment.
  • the second semiconductor device 120 in charge of information processing mainly includes a CPU 121, a memory 122, and an IF 123, and these configurations are connected by a communication bus.
  • the CPU 111 is an arithmetic device for performing arithmetic processing and the like to be described later in the second semiconductor device 120.
  • the CPU 121 mainly includes a ciphertext control circuit 121a, a reception header control circuit 121b, a reception tag control circuit 121c, and an AE decryption circuit 111d.
  • the ciphertext control circuit 121a receives, as input signals, the ciphertext received from the transmitting terminal 11 and the integrity verification result received from the AE decryption circuit 121d.
  • the ciphertext control circuit 121a can determine whether to output the ciphertext to the AE decryption circuit 121d based on the received integrity verification result.
  • the reception header control circuit 121b receives, as an input signal, the initial header received from the transmission terminal 11, the transmission header, and the integrity verification result received from the AE decoding circuit 121d. Further, the reception header control circuit 121b has a function of temporarily storing the transmission header. The reception header control circuit 121b can determine whether to output the ciphertext to the AE decryption circuit 121d based on the received integrity verification result.
  • the reception tag control circuit 121c receives, as an input signal, the authentication tag received from the transmission terminal 11, and the integrity verification result received from the AE decoding circuit 121d.
  • the reception tag control circuit 121c can determine whether to output the ciphertext to the AE decryption circuit 121d based on the received integrity verification result.
  • the AE decryption circuit 121 d performs decryption processing and verification of the authentication tag on the authentication-encrypted signal. That is, the AE decryption circuit 121 d uses the ciphertext, the authentication tag, the header signal, and the key information stored in the memory 122 received from the transmission terminal 11 as input signals. The AE decryption circuit 121 d decrypts the ciphertext, and verifies whether the authentication tag generated as a result of the decryption matches the authentication tag received as the input signal. As a result of the verification, if these authentication tags match, the AE decryption circuit 121d outputs the decrypted plaintext. On the other hand, if the authentication tags do not match, the AE decoding circuit 121d outputs an error signal as a result of the consistency verification.
  • FIG. 4 is a diagram for explaining the processing of the CPU 111 in the first semiconductor device.
  • the CPU 111 accesses the memory 112 to read the original data SG01 and the initial header SG03, and supplies the original data SG01 to the plaintext control circuit 111a and the initial header SG03 to the transmission header control circuit 111b.
  • the plaintext control circuit 111a having received the original data SG01 converts the original data SG01 from the divided data SG01.1 to the divided data SG01. Generate n divided data up to n.
  • the plaintext control circuit 111a sequentially outputs each divided data to the AE encryption circuit 111c while maintaining the continuity on the data arrangement.
  • the transmission header control circuit 111b Upon receiving the initial header SG03, the transmission header control circuit 111b outputs the initial header SG03 to the AE encryption circuit 111c as a transmission header SG06.1 to be added to the divided data SG01.1.
  • the transmission header control circuit 111b causes the transmission headers SG06. i (where i is an integer from 2 to n here), the authentication tag SG 05. Receive i-1. Then, the transmission header control circuit 111b receives the received authentication tag SG05. i-1 to the next transmission header SG06. It sequentially outputs to the AE encryption circuit 111c as i.
  • the AE encryption circuit 111c receives the key information SG02 from the memory 112, and at the same time, the divided data SG01. i, transmission header SG06. Receive i. Then, the AE encryption circuit 111c transmits the divided data SG01. encrypt i. The AE encryption circuit 111 c outputs the ciphertext SG 04. i and an authentication tag SG05. Output i. Ciphertext SG04. i is divided data SG01. i is encrypted data. Note that the initial header SG03 and the output ciphertext SG04. i and an authentication tag SG05. The i is transmitted to the receiving terminal 12 via the IF 113.
  • FIG. 5 is a diagram showing a configuration example of the signal according to the first embodiment.
  • the signal in the present embodiment refers to a block of signals to be transmitted and received as a frame.
  • Ethernet registered trademark
  • BLE Bluetooth Low Energy (registered trademark)
  • FIG. 5 shows a frame 500 and a frame 600 as an example of a frame output by the CPU 111.
  • the frame 500 has a communication header at the beginning of the signal, followed by the payload, and then by the auxiliary information.
  • the communication header includes an initial header SG03.
  • the payload is divided data SG01. i includes a signal encrypted with key information SG02.
  • the auxiliary information is the authentication tag SG05. including i.
  • the frame 600 differs from the frame 500 in the configuration of the payload and the auxiliary information.
  • the payload is divided data SG01. i is encrypted by the key information SG02, and the authentication tag SG05. including i.
  • the auxiliary information is the authentication tag SG05. i is not included.
  • any configuration of the frame 500 or the frame 600 exemplified herein may be employed.
  • the original data can be divided and assigned to the payload area by adopting the frame 500.
  • the authentication tag can be put in part of the payload area.
  • FIG. 6 is a diagram for explaining the process of the CPU 121 in the second semiconductor device.
  • the CPU 121 transmits an initial header SG03, a ciphertext SG04. i, and the authentication tag SG05. Receive i.
  • the CPU 121 supplies the initial header SG03 to the reception header control circuit 121b, and the ciphertext SG04. i is supplied to the ciphertext control circuit 121a, and the authentication tag SG05. i is supplied to the reception header control circuit 121 b and the reception tag control circuit, respectively.
  • the ciphertext control circuit 121a transmits the ciphertext SG04. i received and received ciphertext SG 04. i is output to the AE decoding circuit 121 d.
  • the reception header control circuit 121b When receiving the initial header SG03, the reception header control circuit 121b outputs the initial header SG03 to the AE decryption circuit 121d as a reception header SG07.1 corresponding to the ciphertext SG04.1 that is the first piece of encrypted division data.
  • the reception header control circuit 121b causes the reception headers SG07.
  • i here, i is an integer from 2 to n here
  • Receive i-1 That is, the reception header control circuit 121b transmits the authentication tag SG05.
  • i is received, it is temporarily stored, and the immediately following authentication tag SG05.
  • i + 1 is received, the authentication tag SG05.
  • i is output to the AE decoding circuit 121 d. Note that the timing of output to the AE decoding circuit 121 d and the immediately following authentication tag SG05. The timing of receiving i + 1 does not matter.
  • the reception tag control circuit 121c controls the authentication tag SG05. i received the authentication tag SG05. i is output to the AE decoding circuit 121 d.
  • the AE decryption circuit 121 d transmits the ciphertext SG 04. i, received header SG07. i, and the authentication tag SG05. Receive i each. Also, the AE decryption circuit 121 d accesses the memory 122 and receives the key information SG 02. The AE decryption circuit 121 d uses the key information SG02 to encrypt the ciphertext SG04. Decryption division data SG08. i, and authentication tag SG09. Calculate i. In addition, ciphertext SG 04. If i is correctly decoded, the decoded split data SG08. i is divided data SG01. The same as i, the authentication tag SG09. i is an authentication tag SG05. It is the same as i. When the AE decoding circuit 121d performs the decoding process as described above, it performs the following verification process.
  • the AE decoding circuit 121d determines whether the authentication tag SG09. i and the authentication tag SG05.n received from the reception tag control circuit 121c. It is checked whether i matches. Authentication tag SG09. i and authentication tag SG05. If i matches, the AE decryption circuit 121 d determines that the ciphertext SG 04. It means that i has been correctly decoded.
  • the AE decryption circuit 121d receives the reception header SG07. As a header signal for guaranteeing the continuity of the encrypted divided data. Receive i. Therefore, when the AE decoding circuit 121d performs the above-described verification process and correct decoding is performed, the decoded divided data SG08. i is the decoded split data SG08. It is data maintaining continuity on data array from i-1.
  • the AE decoding circuit 121 d performs the above verification process, and if the decoding is correctly performed, the verification result SG10. For example, a signal “1” is output to i as a signal indicating that the verification result has been correctly performed.
  • the AE decoding circuit 121d detects the verification result SG10.
  • the i is output to the ciphertext control circuit 121a, the reception header control circuit 121b, and the reception tag control circuit 121c. Furthermore, the AE decoding circuit 121d outputs the decoded divided data SG08. Output i.
  • the AE decoding circuit 121d performs the above verification process, and if the verification result is not a correct result, the verification result SG10. For example, a signal “0” is output to i as a signal indicating that the verification result has not been correctly performed. Further, in this case, the AE decoding circuit 121d is configured to use the decoded divided data SG08. Do not output i.
  • FIG. 7 is a diagram showing transitions of signals in the CPU 111. As shown in FIG. FIG. 7 shows that each signal output from the CPU 111 has a relationship to maintain the continuity on the data array, and thus shows how the processing proceeds in a chained manner from the left to the right. ing. Therefore, for convenience of explanation, a plurality of configurations of the CPU 111 are described in FIG. 7 differently from the actual configuration. The details of the processing already described in FIG. 4 will be omitted.
  • the AE encryption circuit 111c encrypts the divided data SG01.1. Also, the AE encryption circuit 111c receives the initial header SG03 as a transmission header SG06.1. As a result of the encryption processing, the AE encryption circuit 111c outputs the first authentication tag SG05.1 corresponding to the first ciphertext SG04.1 and the ciphertext SG04.1.
  • the output ciphertext SG04.1 and the authentication tag SG05.1 are included in the first frame FR1, and the frame FR1 is transmitted from the transmitting terminal 11 to the receiving terminal 12.
  • the AE encryption circuit 111c encrypts the divided data SG01.2. Also, the AE encryption circuit 111c receives the authentication tag SG05.1 attached to the frame FR1 as the transmission header SG06.2. As a result of the encryption processing, the AE encryption circuit 111c outputs the second ciphertext SG04.2 and the first authentication tag SG05.2 corresponding thereto.
  • the output ciphertext SG04.2 and authentication tag SG05.2 are included in the second frame FR2, and the frame FR2 is transmitted from the transmitting terminal 11 to the receiving terminal 12.
  • the third data is also generated similarly to the second data and sequentially transmitted to the receiving terminal.
  • the AE encryption circuit 111c generates divided data SG01. Encrypt n.
  • the AE encryption circuit 111c transmits the authentication tag SG05. Send n-1 header SG06. Receive as n.
  • the AE encryption circuit 111c transmits the nth ciphertext SG04. n and the first authentication tag SG 05. Output n
  • the output ciphertext SG04. n and authentication tag SG05. n is included in the nth frame FRn, and the frame FRn is transmitted from the transmitting terminal 11 to the receiving terminal 12.
  • FIG. 8 is a diagram showing transitions of signals in the CPU 121.
  • FIG. 8 is a diagram showing transitions of signals in the CPU 121.
  • FIG. 8 shows that processing proceeds from the left side to the right side in order to show that each signal output from the CPU 121 has a relationship maintaining continuity on the data arrangement. Therefore, for convenience of explanation, a plurality of configurations of the CPU 111 are described in FIG. 7 differently from the actual configuration. The details of the processing already described in FIG. 6 will be omitted.
  • the AE decryption circuit 121 d decrypts the ciphertext SG04.1.
  • the AE decoding circuit 121d receives the reception header SG07.1 (equal to the initial header SG03) and the authentication tag SG05.1, and verifies whether the decoded divided data SG08.1 is correctly decoded. If the verification result is output as the correct one, the AE decoding circuit 121d outputs the decoded divided data SG08.1.
  • the AE decryption circuit 121d decrypts the ciphertext SG04.2.
  • the AE decoding circuit 121d receives the reception header SG07.2 (equal to the authentication tag SG05.1) and the authentication tag SG05.2, and verifies whether the decoded divided data SG08.2 is correctly decoded. If the verification result is output as the correct one, the AE decoding circuit 121d outputs the decoded divided data SG08.2. When the decrypted divided data SG08.1 is not properly decrypted, the decryption process of the ciphertext SG04.2 may or may not be performed.
  • the CPU 121 may combine and process the first decoded divided data SG08.1 and the second decoded divided data SG08.2 after they are output.
  • the AE decryption circuit 121d decrypts the third ciphertext SG04.3 in the same manner as the second ciphertext SG04.2, and outputs the decrypted divided data SG08.3 if the verification result is correct.
  • the CPU 121 may combine the first decoded split data SG08.1 and the second decoded split data SG08.2, and then combine the third decoded split data SG08.3.
  • the decryption process of the ciphertext SG04.3 may or may not be performed.
  • the AE decryption circuit 121d transmits the ciphertext SG04. Decode n.
  • the AE decoding circuit 121d receives the reception header SG07. n (equal to transmission header SG06.n-1), an authentication tag SG05.n. n, and the decoded split data SG08. Verify that n was correctly decoded. If the verification result is output as the correct one, the AE decoding circuit 121 d outputs the decoded divided data SG08. Output n In this way, the CPU 121 can sequentially verify divided data maintaining continuity on the data array, and sequentially combine and process them. The combining process may be sequentially performed, or may be collectively performed after all the verification processes are completed. When the subsequent decryption is performed when the ciphertext is not correctly decrypted in any decryption process, the decrypted divided data may be discarded.
  • the second semiconductor device 120 can sequentially decode the divided data while maintaining the continuity on the data arrangement.
  • the second semiconductor device 120 can perform processing to prevent loss or replacement of divided data.
  • the transmission and reception system 1 according to the first embodiment can secure secrecy and data integrity in data transmission and reception.
  • the reception terminal 12 in the transmission and reception system 1 according to the first embodiment can proceed with the process of sequentially combining the decoded divided data before completing the reception of all the data.
  • Embodiment 2 will be described with reference to FIGS. 9 to 12.
  • the transmission / reception system 1 according to the second embodiment is different from that of the first embodiment in the function of the CPU 211 included in the first semiconductor device 210.
  • the transmission terminal 11 has the first semiconductor device 210.
  • the transmission / reception system 1 according to the second embodiment is different from that of the first embodiment in the function of the CPU 221 included in the second semiconductor device 220 in which the receiving terminal 12 includes the second semiconductor device 220.
  • FIG. 9 is a hardware configuration diagram of the first semiconductor device according to the second embodiment.
  • the first semiconductor device 210 according to the second embodiment has the CPU 211, and the CPU 211 performs transmission instead of the transmission header control circuit 111b that the CPU 111 according to the first embodiment has. It has a header control circuit 211b.
  • FIG. 10 is a hardware configuration diagram of the second semiconductor device according to the second embodiment.
  • the second semiconductor device 220 according to the second embodiment has the CPU 221, and the CPU 221 is replaced with the reception header control circuit 121b that the CPU 121 according to the first embodiment has, and the reception is performed. It has a header control circuit 221b.
  • FIG. 11 is a diagram for explaining the process of the CPU 211 in the first semiconductor device. As shown in FIG. 11, the CPU 211 differs from the first embodiment in signal processing between the AE encryption circuit 111 c and the transmission header control circuit 211 b.
  • the transmission header control circuit 211b When the transmission header control circuit 211b receives the initial header SG03, the transmission header control circuit 211b outputs it to the AE encryption circuit 111c as a transmission header SG06.1 to be added to the first divided data SG01.1.
  • the transmission header control circuit 111 b transmits transmission headers SG 06.
  • Receive i-1 Then, the transmission header control circuit 111b receives the ciphertext SG04. i-1 to the next transmission header SG06. It sequentially outputs to the AE encryption circuit 111c as i.
  • the transmission header control circuit 211 b receives the received ciphertext SG 04.
  • i is calculated using a preset algorithm for i, and the result is stored in a transmission header SG06. It may be i.
  • the preset algorithm is, for example, one using a hash function such as CRHF (Collision Resistant Hash Function).
  • FIG. 12 is a diagram for explaining the process of the CPU 221 in the second semiconductor device.
  • the CPU 221 transmits the initial header SG03, the ciphertext SG04. i, and the authentication tag SG05. Receive i.
  • the CPU 221 supplies the initial header SG03 to the reception header control circuit 121b, and the ciphertext SG04. i is supplied to the ciphertext control circuit 121a and the reception header control circuit 221b, and the authentication tag SG05. supply i to the receiving tag control circuit respectively.
  • the reception header control circuit 221b When receiving the initial header SG03, the reception header control circuit 221b outputs it to the AE decryption circuit 121d as a reception header SG07.1 corresponding to the ciphertext SG04.1 which is the first piece of encrypted division data.
  • the reception header control circuit 221b causes the reception headers SG07.
  • i here is an integer from 2 to n
  • Receive i-1 That is, the reception header control circuit 221b transmits the ciphertext SG04.
  • i is received, it is temporarily stored, and ciphertext SG04.
  • i + 1 is received, the ciphertext SG 04.
  • i is output to the AE decoding circuit 121 d.
  • the reception header control circuit 221b like the transmission header control circuit 211b, receives the received ciphertext SG04. An operation may be performed using a preset algorithm for i, and the result may be used as the reception header SG07.1.
  • the preset algorithm is, for example, one using a hash function such as CRHF (Collision Resistant Hash Function).
  • CRHF collision Resistant Hash Function
  • the transmission and reception system 1 according to the second embodiment can secure secrecy and data integrity in data transmission and reception.
  • the reception terminal 12 in the transmission and reception system 1 according to the second embodiment can proceed with the process of sequentially combining the decoded divided data before completing the reception of all the data.
  • the first embodiment and the second embodiment are different from each other in the original information to be used as a header.
  • the transmission / reception system or the semiconductor device according to Embodiment 1 and Embodiment 2 can be described as follows. That is, the first semiconductor devices 110 and 210 of the transmission terminal 11 generate the transmission header based on the data output by the processing on the immediately preceding divided encryption data on the data array.
  • the transmission header may be an authentication tag output from the AE encryption circuit 111c or the AE encryption circuit 211c, or may be a ciphertext.
  • the transmission header may be an authentication tag or an encrypted text output from the AE encryption circuit 111 c or the AE encryption circuit 211 c, which is calculated by a preset algorithm.
  • the second semiconductor devices 120 and 220 of the receiving terminal 12 generate the reception header based on the data output by the processing on the immediately preceding encrypted divided data on the data array.
  • the reception header may be an authentication tag or a ciphertext in the signal received by the reception terminal 12. Further, the received header may be one obtained by calculating the received authentication tag or ciphertext according to a preset algorithm.
  • the transmission terminal 11 has the first semiconductor device 310, and the function of the CPU 311 included in the first semiconductor device 310 is different from that of the first embodiment.
  • the transmission / reception system 1 according to the third embodiment is different from that of the first embodiment in the function of the CPU 321 included in the second semiconductor device 320, in which the receiving terminal 12 has the second semiconductor device 320.
  • the transmission / reception system 1 according to the third embodiment is different from that of the first embodiment in the process for the first divided data and the process for the last divided data.
  • FIG. 13 is a hardware configuration diagram of the first semiconductor device according to the third embodiment.
  • the first semiconductor device 310 according to the third embodiment has a CPU 311, and the CPU 311 performs transmission instead of the transmission header control circuit 111 b that the CPU 111 according to the first embodiment has. It has a header control circuit 311b.
  • the memory 112 stores the first signal SG11 and the second signal SG12 in addition to the original data SG01, the key information SG02, and the initial header SG03.
  • the first signal SG11 is a signal indicating that it is the processing of the first divided data when the original data SG01 is divided in the transmitting terminal 11 to perform the encryption process with authentication.
  • the second signal SG12 is a signal indicating that it is the last process when the transmitting terminal 11 divides the original data SG01 and performs encryption processing with authentication.
  • FIG. 14 is a hardware configuration diagram of the second semiconductor device according to the third embodiment.
  • the second semiconductor device 320 according to the third embodiment has the CPU 321, and the CPU 321 receives instead of the reception header control circuit 121b that the CPU 121 according to the first embodiment has. It has a header control circuit 321b.
  • the CPU 321 shown in FIG. 14 transmits a first signal SG11 and a second signal SG12 from the transmitting terminal 11. Therefore, in the execution program (not shown), it is registered in advance that the first signal SG11 is a signal related to the first divided data and the second signal SG12 is a signal related to the last divided data.
  • the CPU 321 may store the first signal SG11 and the second signal SG12 in the memory 122 and execute the following processing by referring to the stored first signal SG11 and the second signal SG12.
  • FIG. 15 is a diagram for explaining the process of the CPU 311 in the first semiconductor device.
  • the CPU 311 differs from the first embodiment in that the transmission header control circuit 311b receives the first signal SG11 and the second signal SG12 from the memory 112 and processes the received signals.
  • the processing of the transmission header control circuit 311b will be described below for the first processing, the second to (n-1) th processing, and the nth processing.
  • the transmission header control circuit 311 b In the first process, the transmission header control circuit 311 b generates an AE encryption circuit as a transmission header SG06.1 in which the received initial header SG03 and the first signal SG11 are added to the divided data SG01.1 to be subjected to the first process. Output to 111c.
  • the AE encryption circuit 111c encrypts the divided data SG01.1 using the key information SG02, adds a transmission header SG06.1 including the initial header SG03 and the first signal SG11, and adds the ciphertext SG04.1.
  • the transmission header control circuit 311 b performs the process described in the first embodiment.
  • the transmission header control circuit 311b receives the authentication tag SG05.n received from the AE encryption circuit 111c.
  • the n ⁇ 1 and the second signal SG12 are divided into divided data SG01. Transmission header SG06. It outputs to the AE encryption circuit 111c as n.
  • the AE encryption circuit 111c uses the key information SG02 to generate divided data SG01. n is encrypted, and a transmission header SG06. n is attached and ciphertext SG 04. Generate n.
  • the CPU 311 according to the third embodiment includes the first signal SG11 indicating the first process in the transmission header SG06.1 of the ciphertext SG04.1 applied to the first process. Further, the CPU 311 according to the third embodiment determines the ciphertext SG 04. n transmission header SG06. n includes a first signal SG11 indicating that it is the final process.
  • FIG. 16 is a diagram for explaining the process of the CPU 321 in the second semiconductor device.
  • the CPU 321 transmits an initial header SG03, an encrypted text SG04. i, authentication tag SG05. i, the first signal SG11, and the second signal SG12 are received.
  • the CPU 321 supplies the initial header SG03, the first signal SG11, and the second signal SG12 to the reception header control circuit 121b.
  • reception header control circuit 321b The processing of the reception header control circuit 321b will be described below for the first processing, the second to n-1st processing, and the nth processing.
  • the reception header control circuit 321b sends the initial header SG03 and the first signal SG11 to the AE decryption circuit 121d as the reception header SG07.1 to be added to the ciphertext SG04.1 which is the first piece of encrypted division data. Output.
  • the AE decryption circuit 121d decrypts the ciphertext SG04.1.
  • the AE decoding circuit 121d processes the decoded divided data SG08.1 as the first divided data.
  • the reception header control circuit 321 b performs the process described in the first embodiment.
  • the reception header control circuit 321b sets the transmission header SG06.1 as the reception header SG07.1 to be added to the ciphertext SG04.1 which is the nth encryption division data.
  • the n ⁇ 1 and the second signal SG12 are output to the AE decoding circuit 121d.
  • the AE decryption circuit 121 d transmits the ciphertext SG 04. Decode n.
  • the AE decoding circuit 121d transmits the transmission headers SG06. When it is detected that n contains the second signal SG12, the decoded split data SG08. Process n as final divided data.
  • the AE decoding circuit 121 d verifies whether the transmission header includes the first signal SG11 or the second signal SG12 in the process described above, the first signal SG11 or the second signal SG11 stored in advance in the memory 122 Processing may be performed using two signals SG12. In that case, the above-described processing may be performed without transmitting the first signal SG11 or the second signal SG12 from the transmission terminal 11.
  • the process which concerns on the above-mentioned 1st signal SG11 and 2nd signal SG12 can also abbreviate
  • the first divided data can be secured by the data included in the first header.
  • the processing relating to the first signal SG11 and the second signal SG12 described above can also be applied to the transmission and reception system 1 according to the second embodiment.
  • the CPU 321 according to the third embodiment detects that the first signal SG11 indicating that it is the head divided data is included.
  • the CPU 321 according to the third embodiment detects that the second signal SG12 indicating that the divided data is the last divided data among the n divided data is included.
  • the semiconductor device 320 according to the third embodiment can process the divided data from the beginning to the end to ensure consistency with the original data. It becomes. Therefore, the transmission and reception system 1 according to the third embodiment can secure secrecy and data integrity in data transmission and reception.
  • a semiconductor device having a memory and a control circuit and providing data set in advance to an external terminal device,
  • the memory stores key information for authenticated encryption;
  • the control circuit The data is divided into a plurality of divided data while maintaining continuity on the data array, Generating a transmission header on the basis of a signal output by performing encryption processing on the previous divided data on the data array;
  • An encrypted divided data and an authentication tag corresponding to the encrypted divided data are generated from the transmission header, the divided data, and the key information, respectively.
  • Semiconductor device Semiconductor device.
  • the transmission header is It is an authentication tag that is output by encrypting the previous divided data on the data array, The semiconductor device according to appendix 1.
  • the transmission header is A signal based on a ciphertext output by performing an encryption process on the previous divided data on the data array;
  • the transmission header is It is a signal calculated by inputting the ciphertext into a preset hash function, The semiconductor device according to appendix 3.
  • the memory further stores an initial header that is header information of the data;
  • the control circuit The transmission header including the initial header is generated for the first divided data on the data array among the encrypted divided data.
  • the memory further stores a first signal for indicating that it is the first divided data on the data array;
  • the control circuit The first signal is included in the transmission header with respect to the first divided data on the data array among the encrypted divided data,
  • the semiconductor device according to appendix 1.
  • the memory further stores a second signal for indicating the last divided data on the data array;
  • the control circuit The second signal is included in the transmission header with respect to the last divided data in the data array among the encrypted divided data,
  • the semiconductor device according to appendix 1.
  • a data providing method for providing preset data to an external terminal device comprising: The data is divided into a plurality of divided data while maintaining continuity on the data array, Generating a transmission header on the basis of a signal output by performing encryption processing on the previous divided data on the data array; An encrypted divided data and an authentication tag corresponding to the encrypted divided data are generated from the transmission header, the divided data, and the key information, respectively. Outputting the generated encrypted divided data and the authentication tag corresponding to the encrypted divided data in the order on the data array; Data provision method.
  • the method is The data is divided into a plurality of divided data while maintaining continuity on the data array, Generating a transmission header on the basis of a signal output by performing encryption processing on the previous divided data on the data array; An encrypted divided data and an authentication tag corresponding to the encrypted divided data are generated from the transmission header, the divided data, and the key information, respectively. Outputting the generated encrypted divided data and the authentication tag corresponding to the encrypted divided data in the order on the data array; program.
  • the memory stores key information for decrypting the encrypted encrypted data with authentication.
  • the control circuit Receiving an initial header, encrypted encrypted divided data with authentication, an authentication tag corresponding to the plurality of encrypted divided data, and a header signal for guaranteeing continuity of the encrypted divided data from an external terminal device; Decrypt the received encrypted division data by the key information; The decrypted divided data is authenticated by comparing the authentication tag generated by the decryption and the header signal with the authentication tag received from the external terminal device, and the encryption received immediately after the authentication result according to the result of the authentication Determine whether to perform the decoding on the divided data; Semiconductor device.
  • the header signal is an authentication tag corresponding to the encrypted divided data processed immediately before, The semiconductor device according to appendix 10.
  • the header signal is a signal based on the ciphertext of the encrypted divided data processed immediately before, The semiconductor device according to appendix 10.
  • the header is a signal calculated by inputting the ciphertext of the encrypted divided data processed immediately before into a hash function set in advance.
  • the control unit Along with the encrypted split data, Receiving from the external terminal apparatus a first signal for indicating that it is the first divided data on the data array; In the case where the first signal is included in the decryption header information generated by performing decryption processing on the encrypted division data received first, Execute decryption processing of encrypted split data provided immediately after, The semiconductor device according to appendix 10.
  • a data decryption method for decrypting encrypted divided data provided from an external terminal device comprising: Store key information for decryption, Receiving sequentially encrypted encrypted division data with authentication, an authentication tag corresponding to the plurality of encrypted division data, and a header signal for ensuring continuity of the encrypted division data from an external terminal device; Decrypting the received encrypted divided data sequentially with the key information; The decrypted divided data is authenticated by comparing the authentication tag generated by the decryption with the authentication tag received from the external terminal device; In accordance with the result of the authentication and the result of the determination as to whether or not the apparatus has the continuity, it is determined whether or not the decryption is to be performed on the encrypted divided data to be received immediately thereafter. Data decryption method.
  • a transmitting terminal for transmitting data and a receiving terminal for receiving data The transmitting terminal is Have key information, The data is divided into a plurality of divided data while maintaining continuity on the data array, Generating a transmission header on the basis of a signal output by performing encryption processing on the previous divided data on the data array; An encrypted divided data and an authentication tag corresponding to the encrypted divided data are generated from the transmission header, the divided data, and the key information, respectively.
  • the receiving terminal is Have the key information, Receiving sequentially encrypted encrypted division data with authentication, an authentication tag corresponding to the plurality of encrypted division data, and a header signal for ensuring continuity of the encrypted division data from an external terminal device; Decrypting the received encrypted divided data sequentially with the key information; The decrypted divided data is authenticated by comparing the authentication tag generated by the decryption with the authentication tag received from the external terminal device; In accordance with the result of the authentication and the result of the determination as to whether or not the apparatus has the continuity, it is determined whether or not the decryption is to be performed on the encrypted divided data to be received immediately thereafter. Transmission and reception system.
  • the embodiment can be applied to a server apparatus, a terminal apparatus, etc. that transmits and receives the update program.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un dispositif à semi-conducteur (110) comportant une mémoire (112) et un circuit de commande (111). Le dispositif à semi-conducteur fournit des données prédéfinies à un dispositif terminal externe. La mémoire (112) stocke des informations de clé en vue d'un chiffrement à authentification. Le circuit de commande (111) divise des données en une pluralité de données divisées, tout en maintenant la contiguïté dans un ensemble de données, et génère un en-tête de transmission sur la base d'un signal émis par chiffrement des données divisées immédiatement précédentes dans l'ensemble de données. Le circuit de commande (111) génère des données divisées de chiffrement et une étiquette d'authentification qui correspond aux données divisées de chiffrement, respectivement, à partir de l'en-tête de transmission, des données divisées et des informations de clé, et délivre en sortie les données divisées de chiffrement et l'étiquette d'authentification qui correspond aux données divisées de chiffrement selon un certain ordre dans l'ensemble de données.
PCT/JP2018/001505 2018-01-19 2018-01-19 Dispositif à semi-conducteur, procédé de fourniture de données, procédé de décodage de données et programme Ceased WO2019142306A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2018/001505 WO2019142306A1 (fr) 2018-01-19 2018-01-19 Dispositif à semi-conducteur, procédé de fourniture de données, procédé de décodage de données et programme

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2018/001505 WO2019142306A1 (fr) 2018-01-19 2018-01-19 Dispositif à semi-conducteur, procédé de fourniture de données, procédé de décodage de données et programme

Publications (1)

Publication Number Publication Date
WO2019142306A1 true WO2019142306A1 (fr) 2019-07-25

Family

ID=67301374

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2018/001505 Ceased WO2019142306A1 (fr) 2018-01-19 2018-01-19 Dispositif à semi-conducteur, procédé de fourniture de données, procédé de décodage de données et programme

Country Status (1)

Country Link
WO (1) WO2019142306A1 (fr)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009025657A (ja) * 2007-07-20 2009-02-05 Kyocera Corp 送信装置および受信方法、並びに受信装置
WO2015015702A1 (fr) * 2013-08-02 2015-02-05 日本電気株式会社 Dispositif, procédé et programme de chiffrement authentifié
WO2016116999A1 (fr) * 2015-01-19 2016-07-28 三菱電機株式会社 Dispositif de transmission de paquet, dispositif de réception de paquet, programme de transmission de paquet et programme de réception de paquet

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009025657A (ja) * 2007-07-20 2009-02-05 Kyocera Corp 送信装置および受信方法、並びに受信装置
WO2015015702A1 (fr) * 2013-08-02 2015-02-05 日本電気株式会社 Dispositif, procédé et programme de chiffrement authentifié
WO2016116999A1 (fr) * 2015-01-19 2016-07-28 三菱電機株式会社 Dispositif de transmission de paquet, dispositif de réception de paquet, programme de transmission de paquet et programme de réception de paquet

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
DWORKIN, M.: "Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC", NIST SPECIAL PUBLICATION 800-38D, November 2007 (2007-11-01), XP055537161, Retrieved from the Internet <URL:https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf> [retrieved on 20180329] *
MURAKAMI, YUMIKO ET AL.: "A Message authentication scheme with variable-length MAC", IEICE TECHNICAL REPORT, vol. 114, no. 489, 24 February 2015 (2015-02-24), pages 205 - 210 *

Similar Documents

Publication Publication Date Title
US9537657B1 (en) Multipart authenticated encryption
US20170063853A1 (en) Data cipher and decipher based on device and data authentication
US8908859B2 (en) Cryptographic apparatus and memory system
JP5855696B2 (ja) 完全性検証を含むブロック暗号化方法およびブロック復号化方法
US20110311048A1 (en) Cryptographic operation apparatus, storage apparatus, and cryptographic operation method
CN115941304B (zh) 数据的加密方法、装置、终端设备和计算机可读存储介质
EP3451574A1 (fr) Dispositif de réception de données, système de transmission de données et dispositif de génération de clés
US11516024B2 (en) Semiconductor device, update data-providing method, update data-receiving method, and program
US20230139104A1 (en) Authenticated encryption apparatus, authenticated decryption apparatus, authenticated encryption system, method, and computer readable medium
US20150012968A1 (en) Information processing system
US10547447B2 (en) Collaborative computation of HMAC
WO2019043921A1 (fr) Dispositif de chiffrement, dispositif de déchiffrement, procédé de chiffrement, procédé de déchiffrement, programme de chiffrement et programme de déchiffrement
US10771266B2 (en) Method for configuring a transponder, transponder and base station
US8995666B2 (en) Key scheduling device and key scheduling method
US20150058639A1 (en) Encryption processing device and storage device
JP6273226B2 (ja) 暗号化システム、認証システム、暗号化装置、復号装置、認証子生成装置、検証装置、暗号化方法、認証方法
US12282558B2 (en) Secure booting apparatus and operating method thereof
WO2019142306A1 (fr) Dispositif à semi-conducteur, procédé de fourniture de données, procédé de décodage de données et programme
US20150249467A1 (en) Storage device, controller, and data writing method
JP2022513496A (ja) 演算装置および演算装置の作動方法
US12328397B2 (en) Memory processing apparatus, memory verification apparatus, memory updating apparatus, memory protection system, method, and computer readable medium
KR101974345B1 (ko) 전자 서명을 통한 차량 간 보안 통신을 지원하는 커넥티드 차량용 데이터 통신 장치 및 그 동작 방법
JP6436794B2 (ja) 情報処理装置、その制御方法及びプログラム
US20200228310A1 (en) Circuit concealing apparatus, calculation apparatus, and program
JP2025012826A (ja) 半導体装置、半導体装置の制御方法及び半導体装置の制御プログラム

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18900757

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18900757

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP