The present invention relates to a storage device having a semiconductor memory and a processor, such as an IC card, or the like, and specifically to a technique for improving the confidentiality of data stored in the semiconductor memory.
In recent years, the market of a storage device incorporating a microcomputer and a semiconductor storage, such as an IC card, or the like, has been rapidly increasing, and such a device has been applied to various uses.
Especially, a use of a storage device wherein an IC card, or the like, includes personal data or financial data has been more popular. In the case of such a use, the confidentiality of data stored in the storage device is a matter of concern.
On the other hand, in the course of production of an IC card, or in the case where a defect is found in an IC card already shipped to a market, a company that manufactures IC cards or performs IC card services is frequently required to read data from the IC card to analyze internal data.
Thus, it is required to prevent a fraudulent third person from reading data and, on the other hand, it is required to allow a developer of an IC card, for example, to read internal data in the course of development of the IC card.
There has been proposed a technique of achieving both protection of confidentiality and convenience of analysis wherein each IC card has its inherent number, and the inherent number is collated with a number input through a host apparatus to open/close a gate circuit (see, for example, Japanese Unexamined Patent Publication No. 6-139422).
Furthermore, there has been a known technique of encrypting data to be stored such that the data cannot be readily decrypted even if it is read out.
However, in the method of collating an inherent number, the IC card is vulnerable to a fraudulent access if the inherent number is revealed. Moreover, there is a possibility that confidentiality is breached by sequentially inputting a series of numbers. Further, there is a possibility that the IC card is dismantled and internal data is analyzed by touching a wire with a probe. In such a case, it is difficult to protect the confidentiality.
In the case where data is encrypted, high confidentiality protection is not necessarily obtained because the level of confidentiality is determined by the encryption strength.