It is often the case that a processor is used for equipments such as a computer and a portable information terminal unit, because operations thereof can be controlled by programs, and various functions can be easily installed. In recent years, importance in security relating to the programs executed on the equipment has been increased as these equipments become widely used.
A large capacity memory to which execution codes of instructions and data are stored is mounted as another chip from the processor in many systems using the processor. It is not preferable that the memory storing data and so on is mounted at outside of the processor with another chip from points of views of leakage of information and analysis action. It is conceivable to encrypt a memory interface, but it involves significant increase of memory access time.
Generally, an action in which the data and so on are encrypted, and they are executed and so on after they are decrypted on a memory by a process of software is taken to solve the problems as stated above. However, the decrypted data exist on the memory even if it is for a short period of time in this method.
There is a case when a secure processor is used in which it is made impossible to directly read the data by encrypting the data treated at outside of the processor, and performing access protection as for inside of the processor, relating to the security problem. For example, the execution codes of the instructions, the data, and so on are encrypted and stored at an external main storage, secondary storage, or the like, and the process is executed by decrypting the encrypted execution codes and storing them at a cache memory inside the processor when the processor executes the instructions. The present applicants have already proposed the secure processor as stated above (refer to Patent Document 1).
Besides, a technology in which a memory field storing information indicating an encryption key used for the encryption of data stored at a data area is included, and the data at the corresponding data area encrypted and decrypted by the indicated encryption key, in a memory entry of the cache memory is proposed (for example, refer to Patent Document 2).
[Patent Document 1] Japanese Laid-open Patent Publication No. 2006-18528
[Patent Document 2] Japanese National Publication of International Patent Application No. 2005-512192
For example, according to the technology described in Patent Document 1, security in process increases because the data and so on are encrypted at outside of the processor, and the execution of the instruction and so on is possible regardless of whether the data is encrypted or not when it is seen from the processor side. However, the processing time increases because the execution codes of the instructions and the data are acquired from the external memory, and the instructions are executed while decrypting them. Besides, a circuit scale becomes very large resulting from an addition and so on of an encryption processing circuit to encrypt and decrypt the data and so on.