There is known a product having a program protecting function which disables a port for program-writing and debugging of a microcomputer on-chip memory after writing a program in order to prevent the know-how of written software from being leaked and prevent a third person from carrying out unauthorized modification in a one-chip microcomputer for an embedded device.
Also, a product having key information and cryptography hardware in a chip is known as a CPU for a security device; however, such a product is generally expensive due to key management cost and small production quantity. Also, there is known a mechanism in which a memory dump and a debugging function are used by a developer in a development process so as to prevent confidential information from being fraudulently obtained.
In the case in which the product having the above described program protecting function is applied to a device having a secret key (individual key) for authentication, when the debug port is disabled after the secret key is written to a built-in memory of a chip together with software, the secret key thereafter is safe unless a special technique such as chip analysis is applied.
However, if the above described method is simply applied, it is not safe with respect to the threat of internal fraudulent persons since the secret key is handled in plain text in the manufacturing process thereof. In a low-price microcomputer, the method that simply encrypts write data cannot be applied since no secret key is provided in the first place not to mention the multilevel key management employed in a manufacturing process of an IC card. A method capable of safely carrying out secret key writing is required also for a system to which such a microcomputer is applied.