1. Field of the Invention
The present invention relates to a tamper resistant microprocessor which is capable of protecting secrets of program execution codes and processing target data and preventing illegal alteration by having an encryption processing function that can use a plurality of encryption keys in correspondence to programs under a multi-task program execution environment, in a multi-processor configuration which has a plurality of instruction processing functions on an identical package.
2. Description of the Related Art
The tamper resistant processor is a processor which has a mechanism for ensuring security of secrets of programs with respect to programs of multi-vendors, in a multi-task computer system (see Japanese Patent Application Laid Open No. 2001-318787, for example).
Also, the cache write back method in which the encryption key is selected independently from the currently executed execution control unit (ECU ID) is disclosed in detail by the present inventor and the others (see Japanese Patent Application Laid Open No. 2003-108442, for example).
On the other hand, in the case of using a common hardware for the encryption/decryption processing, there is a need to produce an encryption work key and a decryption work key from a key according to the specification additionally (see Japanese Patent Application Laid Open No. 2000-66586, for example). For instance, in the case of the AES cryptosystem according to the Advanced Encryption Standard (AES), the encryption work key is defined as a key according to the specification, and there is a need to obtain the decryption work key by an expansion operation on the encryption work key (see the home page of the computer security resource center of NIST (National Institute of Standards and Technology at http://csrc.nist.gov/).
When the system has a single processor (uni-processor), the security of the data on a cache can be guaranteed by the cache control scheme of the above described prior art. Also, there is a proposition of the control scheme for guaranteeing the consistency of the cache as well as the security even in the case of multi-processors in an independent package.
The multi-processor configuration includes an on-chip multi-core type configuration which has a plurality of processor cores in an identical package, but no on-chip multi-core type configuration has been known conventionally for the tamper resistant processor having the encryption function.
In realizing the tamper resistant processor, the major difference between the independent package type multi-processor configuration and the on-chip multi-core type multi-processor configuration is whether the bus for connecting between processors is provided at external of the processor package or internal of the processor package. In the case where the bus is provided at internal of the processor package, the reading information that flows through the package internal bus is impossible for the general users who do not have an LSI analyzing equipment.