The present invention generally relates to nonvolatile semiconductor memory devices including security protection mechanisms and capable of electrically rewriting data, and methods for providing security for the devices.
In recent years, nonvolatile semiconductor memory devices typified by flash memories have been used in various fields since they are not only capable of electrically rewriting data but also capable of retaining data even if the devices are turned off. For example, nonvolatile semiconductor memory devices are used as memory devices for storing data in systems such as cellular phones, digital cameras and silicon audio players. Nonvolatile semiconductor memory devices are also used as internal memory devices of microcomputers provided in, for example, IC cards.
Nonvolatile semiconductor memory devices store therein, for example, programs for allowing systems to operate in accordance with desired procedures, information concerning individual privacy, and information protected by copyright. If these programs or pieces of information can be illegally read out or freely rewritten by a third party, critical problems occur in terms of security for classified information. Therefore, nonvolatile semiconductor memory devices are generally equipped with security circuits for providing security.
FIG. 20 is a circuit diagram for showing the configuration of a conventional nonvolatile semiconductor memory device. As shown in FIG. 20, the conventional nonvolatile semiconductor memory device includes: a data input/output buffer 1000 for exchanging address and data with external equipment; a security circuit 1003 for carrying out a security function; and a memory cell array 1011 in which a large number of memory cells are arranged.
The data input/output buffer 1000 receives address and data from outside and transfers the address and data to internal address bus 1001 and internal data bus 1002, respectively. A data terminal DATA is a bi-directional bus. For example, during a read operation, data in the internal data bus 1002 is outputted to external equipment via the data terminal DATA; on the other hand, during a write operation, data from the external equipment is inputted to the internal data bus 1002 via the data terminal DATA.
The security circuit 1003 includes: a password storage circuit 1004; a comparator 1005 for comparing an output value 1006 from the password storage circuit 1004 with a value from the internal data bus 1002; and an operation restriction circuit 1008 for restricting access to the memory cell array 1011.
Between the memory cell array 1011 and the operation restriction circuit 1008, data is exchanged through address bus 1009 and data bus 1010.
FIG. 21 is a flow chart illustrating a method for providing security for the conventional nonvolatile semiconductor memory device.
First, in step S2000, the memory device is put into a security authentication mode, and inputs a password for deactivating the security function through the data terminal DATA. In this case, the password is outputted from the data input/output buffer 1000 to the internal data bus 1002 and is then inputted to the comparator 1005.
Next, in step S2001, the comparator 1005 makes a comparison between the value 1006 representing the password outputted from the password storage circuit 1004 and the value representing the password inputted to the internal data bus 1002, thereby determining whether or not these values are identical to each other.
If the answer in step S2001 is YES, i.e., if it is determined that the passwords are identical, a high-level signal 1007 is outputted (see FIG. 20). On the other hand, if the answer in step S2001 is NO, i.e., if it is determined that the passwords are not identical, a low-level signal 1007 is outputted. The high-level and low-level signals 1007 are inputted to the operation restriction circuit 1008.
When the high-level signal 1007 is outputted, the process goes to step S2002 in which the operation restriction circuit 1008 receives the high-level signal 1007 signifying that the passwords are identical, and permits the deactivation of the security function. Once the security function has been deactivated, the process goes to step S2003 in which the internal address bus 1001 and address bus 1009 are connected to each other and the internal data bus 1002 and data bus 1010 are connected to each other. As a result, access to the memory cell array 1011 is enabled.
To the contrary, if it is determined in step S2001 that the password inputted through the data terminal DATA and the password stored in the password storage circuit 1004 are not identical, the signal 1007 outputted from the comparator 1008 is a low-level signal, and therefore, the operation restriction circuit 1008 does not permit the deactivation of the security function. Accordingly, the internal address bus 1001 and address bus 1009 are disconnected from each other, and the internal data bus 1002 and data bus 1010 are also disconnected from each other, thus preventing access to the memory cell array 1011.
As described above, in the conventional nonvolatile semiconductor memory device provided with the security circuit 1003, only a person who knows in advance the password stored in the password storage circuit 1004 has access to the memory cell array 1011; thus, illegal access by a third party can be prevented.
However, the conventional nonvolatile semiconductor memory device including the above-mentioned security circuit and conventional method for providing security (method for deactivating a security function) for the device present the following problems.
First, as shown in FIG. 20, the conventional security circuit has to be additionally provided with: the password storage circuit; and the comparator for making a comparison between the password stored in the password storage circuit and the password inputted through the data terminal, thus increasing the circuit size of a memory chip. However, in accordance with the trend toward miniaturization of equipment, the nonvolatile semiconductor memory device also needs to be reduced in size since the increase in circuit size as mentioned above becomes a contributory factor to inhibiting the miniaturization of equipment. Further, as a conceivable measure to enhance the security function, the number of bits for password may be increased. However, if the number of bits is increased, the password storage circuit and the comparator further increase in size, thus making the above-described problem more conspicuous.
Secondly, in order to implement the security function in the nonvolatile semiconductor memory device, it is necessary to put the memory device into not only a conventional operational mode but also another operational mode, i.e., a security authentication mode in which the password stored in the password storage circuit is compared with the password inputted through the data terminal. To adopt another operational mode in this manner adversely increases the complexity and size of a control circuit.