1. Field of the Invention
The present invention relates to a microprocessor for supporting a multi-task program execution environment and a data protection method for this microprocessor.
2. Description of the Related Art
There are demands for a microprocessor that has a protection function at a time of executing a program in a computer system. In the currently available processors, a protection function in the virtual memory management and a mechanism for access limitation with respect to peripheral input/output devices are considered indispensable in order to secure the safety of the computer system that provides the multi-task execution environment.
Moreover, in recent years, a group of programs that themselves should be protected are becoming an important protection target in view of the protection mechanism. For example, a program that is protected by the copyright is not permitted to be executed in a style that violates the copyright. There is also a program that handles data to be concealed from the third party. If the program that handles data to be concealed and its execution state have a possibility of being analyzed, the secrecy of data cannot be guaranteed, so that the strict protection will be required.
In order to execute these programs safely, there are systems for guaranteeing the safety cryptographically that have been proposed and realized in practice. One of them is the tamper resistant software (David Aucsmith et al.; “Tamper Resistant Software: An implementation”, Proceedings of the 1996 Intel Software Developer's Conference). This is a technique in which a part or a whole of the program is encrypted and then distributed and stored, and the program and data are decrypted and executed immediately before utilizing the program, and the program is re-encrypted after finishing the program if necessary.
However, the tamper resistant software technique only makes the analysis by the analyzing tools such as a reverse assembler and a debugger more complicated basically. As long as the program is executable by the processor, it is always possible to analyze the program execution process by the sequential analysis that follows the program execution from a start of the program. In other words, although it is safe in a process of distributing the program, it has been impossible to conceal the program and data from the third party who has means for accessing the computer system that executes the program once the program is executed.
There are also techniques for concealing the decrypted program from an external of the microprocessor by providing a built-in encryption/decryption processing function in the microporcessor, rather than carrying out the encryption/decryption by software, as disclosed in U.S. Pat. No. 4,847,902 (Hampson), U.S. Pat. No. 5,224,166 (hartman), U.S. Pat. No. 5,825,878 (Takahashi), and Japanese Patent Application Laid Open No. 11-282756 (1999).
What is characteristic to the scheme for providing the built-in encryption/decryption processing function in the microprocessor is that the microprocessor can maintain the secret data in a form that is physically concealed from an external. Namely, the secret data are maintained in such a form that the secret cannot be revealed even by the destructive inspection of the microprocessor. This can be utilized as follows. The secret key of the public key cryptosystem is provided as a built-in secret data in the microprocessor in advance. The program is encrypted by some encryption key (for which the secret key cryptosystem is used in general) by the program vendor, for example, and distributed to the microprocessor. At this point, the encryption key is further encrypted by the public key corresponding to the secret key of the microprocessor and attached to the program.
By this mechanism, it is possible to provide the program itself in a safe form, such that its execution process cannot be recovered by the analytic method such as the reverse assembling. Also, it is cryptographically difficult to alter the program into an intended form without knowing the encryption key of the program.
However, these microprocessors for executing encrypted programs have been associated with a serious problem. Namely, these microprocessors are usually used under the operating system (OS) for realizing the multi-task environment. In the multi-task environment, a plurality of programs are executed virtually simultaneously by the time division of the microprocessor using the operation called context switching. In the process of this context switching, the OS can read and write all the execution states of the microprocessor. Consequently, by analyzing the behavior of the OS or by altering the OS itself, it becomes possible to analyze all the execution states of the program even if it is supposed to be protected by the encryption.
The prior art provides a partial resolution of this problem. For example, Japanese Patent Application Laid Open No. 11-282756 (1999) discloses a technique for providing a secret memory in a processor in order to maintain the secret data of the application. In this example, a predetermined reference value is necessary in order to access data in the secret memory. However, there is no teaching regarding how to protect the reference value for obtaining the access right with respect to the secret data, especially from the operating system, when a plurality of programs are running on the same processor.
Also, Japanese Patent Application No. 2000-135010 discloses a technique for carrying out the context switching by hardware such that the contents of the register files at a time of the context switching are encrypted and temporarily saved in a memory, so as to conceal the execution states of the program from the operating system. In this way, it becomes cryptographically difficult to recover the secret data by analyzing the execution states of the processor that are saved in the memory, so that it becomes possible to guarantee the safety of the encrypted program. However, this technique is associated with the following problems.
The first problem is that the target of protection by the encryption is limited only to the register files. There can be cases where the microprocessor internally has many memories or a large capacity memory besides the register files, and in such cases it is expected that the processing load due to the context switching becomes heavier in proportion to the capacity. However, Japanese Patent Application No. 2000-135010 discloses absolutely no teaching regarding how to protect these internal memories and how to reduce the processing load due to the context switching.
For example, in the case where the microprocessor has a large capacity internal memory, the memory cannot be protected entirely by the prior art so that the leakage of the protected data is unavoidable. Also, if an attempt to protect it entirely is made, the performance degradation due to the encryption processing would be caused because of the large capacity, so that it would give rise to a severe limitation in practice.
As a known method for reducing the processing load due to the context switching in a processor having a large capacity cache memory, there is a method for including an identifier for identifying a process that owns the cached data into a tag to be used in judging hit/miss at an associative memory unit of the cache (this method will be referred to as a process tag scheme hereafter).
However, it is difficult to apply this method straightforwardly, because the process is a concept used by the operating system in order to treat the processor virtually and it is difficult for the processor itself to handle the identifier for identifying the process. Also, even if the processor is provided with a mechanism for protecting access to data by using an identifier for identifying the process, as long as the process identifier is under the management of the operating system, nothing can be done against the leakage of the secret by the alteration of the operating system.
The second problem is that the context switching is fixedly done by hardware and all registers are to be saved or recovered so that there is a lack of flexibility. For example, in the case of the frequently occurring exception processing, it is preferable to realize the optimization to save or recover only a part of the register files but a technique disclosed in Japanese Patent Application No. 2000-135010 saves or recovers all the contents of the register files collectively.