1. Field of the Invention
The present invention relates to a recording method recording information in an IC card, a recorder using the recording method, and an IC card using the recording method, and particularly relates to the recording method, the recorder, and the IC card capable of preventing an execution of an illegal program transmitted from an external apparatus.
2. Description of Related Art
An IC card, on which a memory such as a ROM and RAM, and a CPU are loaded, can record a large amount of data compared to a magnetic card, and has a high safety. This contributes to further spreading of the IC card in the future. By making such an IC card communicate with an external apparatus (reader-writer) that performs recording/reading of information with or without making contact therewith, the external apparatus transmits to the IC card the information such as a command APDU (Application Protocol Data Unit) defined by a standard such as an ISO/IEC7816-4, executes a processing based on received information, and transmits its result to the external apparatus as a response.
However, important information including personal information is recorded in the memory loaded on the IC card. Therefore, there is a possibility that by applying an attack to the IC card, illegal reading of stored information, and an illegal action such as alteration are performed.
The illegal action to the IC card will be explained. The information transmitted from the external apparatus to the IC card as the APDU must be originally processed by the IC card. However, it is also possible for an attacker having a malicious intent to transmit not the information to be processed by the IC card but a command (program code) for the illegal action that can be executed by the CPU, as the information to be transmitted as the command APDU, from an external apparatus to the IC card. In the IC card that receives from the external apparatus the command APDU including the command for the illegal action, the received command is recorded in the memory loaded thereon as the RAM for a reception buffer. The CPU loaded on the IC card incorporates a program counter that shows an address of the command to be executed next, and the program counter is changed every time the command is executed. When the attacker performs an attack such as a particular noise irradiation to the IC card by operating the program counter, and the address on the memory used as the reception buffer is set in the program counter, the command recorded in the memory is executed by the CPU, and illegal reading of the information stored in the memory and the illegal action such as alteration are performed.
As a countermeasure to such an illegal action, Japanese Patent Laid Open No. 2000-222202 discloses a technique of preventing the illegal action by converting the command incorporated in the command APDU transmitted from the external apparatus into a non-executable state and recording it in the memory. When the command recorded in the memory is executed, by performing a reverse conversion, an original command is restored and executed.
As described above, a conventional IC card has a problem that the illegal action combining the command APDU and an external attack may be possibly performed.
Also, the technique disclosed in Japanese Patent Laid Open No. 2000-222202 has a problem that a processing load and a processing time associated with the conversion and the reverse conversion are increased. In addition, although the command APDU converted and recorded in the memory is not executed, there is a possibility that the illegal action is performed when the reverse-converted command APDU is executed.