(1) Field of the Invention
The present invention relates to a confidential information processing device, a confidential information processing apparatus, and a confidential information processing method, and particularly to a confidential information processing device which performs multiple cryptographic computations for different target data included in a data stream.
(2) Description of the Related Art
In apparatuses such as a digital television, a DVD recorder and a mobile phone, secret-key cryptography or hashing operations (hereinafter simply referred to as "cryptographic computation"; "cryptographic computation" refers to at least either decoding of encrypted data or encrypting plain text data) are performed for a received data stream or a data stream to be transmitted (hereinafter simply referred to as "stream") in order to enhance security. More specifically, apparatuses such as a digital television, a DVD recorder, and a mobile phone include a confidential information processing device which performs cryptographic computation for a stream.
The cryptographic computations performed by the confidential information processing device are classified into three cases: where the cryptographic computation for the whole stream is performed using the same algorithm, where a cryptographic computation is performed for a predetermined area of data included in the stream, and where multiple cryptographic computations are performed for different areas of data included in the stream. For example, the confidential information processing device first performs a secret-key cryptographic computation for the first area of the data included in a stream, and then performs a hash computation for the second area of the data included in the stream. More specifically, the confidential information processing device may perform multiple cryptographic computations whose computation methods are non-unique.
Note that the data area, the number of cryptographic computations, and the cryptographic algorithm used for each cryptographic computation are specified by IPsec (Security Architecture for Internet Protocol), a digital broadcast standard, and the like.
For example, a confidential information processing device which performs multiple cryptographic computations using non-unique computation methods is disclosed in Japanese Unexamined Patent Application Publication No. 2006-41684.
The conventional confidential information processing device disclosed in Japanese Unexamined Patent Application Publication No. 2006-41684 is capable of performing authentication and encryption in parallel for one stream.
However, in the conventional confidential information processing device disclosed in Japanese Unexamined Patent Application Publication No. 2006-41684, when the computation methods are non-unique for the entire stream, it is necessary to perform a cryptographic computation for the whole stream by dividing the stream into multiple data columns and transferring each of the data columns using DMA (Direct Memory Access).
Furthermore, various settings can be assumed as examples of multiple cryptographic computations with non-unique computation methods for a stream, such as a case where one key is used for decryption and another key is used for encryption thereafter. In such a case, in the conventional confidential information processing device according to Japanese Unexamined Patent Application Publication No. 2006-41684, input and output of the stream have to be performed more than twice, for example, decrypting the first time and encrypting the second time. Thus, the conventional confidential information processing device has the problem that complex control by software is required.
In view of this problem, it is an object of the present invention to provide a confidential information processing device, a confidential information processing apparatus, and a confidential information processing method which can easily perform multiple cryptographic computations using non-unique computation methods.