Field of the Invention
The present invention relates to an alteration presence/absence detection technique.
Description of the Related Art
Recent multi function peripherals (MFPs) have a network interface, and functions equivalent to those of a PC or server, such as a file server function and mail transmission/reception function. Under these circumstances, unauthorized use of a device by illegal hacking is regarded as a problem for the multi function peripherals, similarly to PCs and servers.
Many of embedded information processing apparatuses such as multi function peripherals assume the use of only firmware assumed upon shipping. A white list system is common, which allows the use of only correct firmware by saving in advance verification data of each file of usable firmware, and performing alteration verification for the firmware using the verification data to use the firmware. To confirm the uniqueness of the firmware, it is common practice to use, as verification data, a hash value generated using a hash function based on binary data of each file storing the firmware. The hash function is also called a unidirectional function. When a hash value is generated from a given value using the hash function, it is impossible to alter the original value without changing the hash value, and thus the hash value can be used for alteration verification of determining whether the firmware is correct. Alteration confirmation indicates an operation of calculating a hash value for the entire file when executing the firmware or opening the file, confirming whether the calculated hash value coincides with verification data for the file saved in a white list, determining, if the hash value does not coincide with the verification data, that alteration has been performed, and giving the user a warning or the like.
Since firmware is generally formed from a plurality of files, verification data, the number of which is equal to that of files, are saved. Software for performing alteration verification by the white list system is widely used, and some products such as Tripwire are available.
To prevent firmware from being altered, there is proposed a method of copying data of a disk to a RAM instead of a nonvolatile disk, and mounting the RAM as a disk (Japanese Patent Laid-Open No. 2004-206394).
Problems with the conventional white list system are as follows.
First, it is necessary to save verification data for each of an enormous number of software programs in a device. In this case, if the capacity of the nonvolatile memory of the device is limited, it becomes necessary to increase the capacity of the nonvolatile memory, thereby increasing the device cost.
Second, if alteration verification is performed for an enormous number of software programs, the overhead of loading of each file and hash calculation increases to put a heavy operation load on the device, thereby degrading the operation performance.