In recent years, a vehicle control device has been generalized to be a device which performs various controls with respect to a vehicle such as the start control of an engine, an opening-and-closing control of a lock, or the like, based on a verification result by comparing an ID code (i.e., an identification code) stored in a key (e.g., an ignition key) which is carried by a user with an ID code registered in the vehicle for a purpose of antitheft of the vehicle or improved convenience for the user. The vehicle control device has a random number generation device which generates random numbers for encoding the ID code in the key and the ID code in the vehicle in order to verify the ID codes while preventing the ID code stored in the key from leaking.
Japanese Patent (Granted) Publication No. 3496547 discloses an example of a random number generation device in which the last generated random number is temporarily stored in a backup RAM (i.e., Random Access Memory) and then a new random number is generated by utilizing the stored random number. In order to prevent deleting the past random numbers, the random number generation device stores the random number at a point when an operation frequency reaches a prescribed value in a nonvolatile memory such as an EEPROM (i.e., Electronically Erasable and Programmable Read Only Memory) or the like. If the backup memory is anomalous, the random number generation device generates a present random number based on the last random number stored in the nonvolatile memory.
There is a concern that security performance has deteriorated since systems of random number generation have become easy to analyze in a case in which electricity supplied from a battery stops (i.e., a battery cancellation is conducted) by detaching the battery or the like. For example, in Japanese Patent (Granted) Publication No. 3496547, a new random number is generated using a random number stored in a nonvolatile memory when there is a battery cancellation. However, if repeating the battery cancellations at intervals in which the random numbers stored in the nonvolatile memory are renewed, it is believed that the generation order of random numbers can be analyzed theoretically. Practically, it is extremely difficult to analyze the generation order of random numbers, and the probability of leakage of the ID codes is extremely slight. However, it is important to increase security performance.
In addition, the nonvolatile memory such as an EEPROM has a problem of being limited in rewritable frequency. In the above-mentioned Japanese Patent (Granted) Publication No. 3496547, rewriting of the nonvolatile memory is reduced by rewliting the nonvolatile memory only when operation frequencies reach a prescribed number. However, the numbers of years of vehicles after sale vary. Therefore, there is a possibility in that the nonvolatile memory is rewritten more frequently times than planned if the vehicle is used for long years. Assuming that failures occur in the backup memory in addition to a case in which the nonvolatile memory cannot be rewritten, it is possible to generate the same random numbers repeatedly, resulting in a deterioration of security performance. As described above, the conventional countermeasure is not enough to prevent deterioration of the security performance. Therefore, it is necessary to take enough countermeasures.