1. Field of the Invention
The present invention relates to a semiconductor storage device in which fraudulent access and false access are surely prevented, a control device for the semiconductor storage device, and an electronic apparatus which uses the semiconductor storage device.
2. Description of the Related Art
Data stored in a semiconductor storage device may include data which should not be read out or rewritten by an unauthorized person, such as information associated with personal privacy, data protected by copyright, etc. Moreover, in a rewritable semiconductor storage device, such as an EEPROM, stored data may be falsely rewritten due to noises generated by an electronic apparatus or the semiconductor storage device itself, etc. For the purpose of protecting data stored in a memory from unexpected or undesirable access, some semiconductor storage devices and some control devices f or controlling semiconductor storage devices have security circuits incorporated therein.
Hereinafter, a semiconductor storage device having a conventional security function will be described with reference to FIGS. 13 and 14.
FIG. 13 is a block diagram showing a primary portion of a conventional semiconductor storage device 1150. The semiconductor storage device 1150 includes an interface circuit 1103 which communicates with outside, a memory 1109 having a memory space for storing data, and a security circuit 1106 interposed between the interface circuit 1103 and the memory 1109.
Now, a reading operation in the semiconductor storage device 1150 in which part of the memory space in the memory 1109 is deactivated by the security function is described.
The semiconductor storage device 1150 communicates with the outside through an input bus 1101 and a data input/output bus 1102 connected to the interface circuit 1103. Through the input bus 1101, an address for reading data stored in the memory 1109 and a control signal are supplied to the interface circuit 1103. The interface circuit 1103 analyzes a command input through the input bus 1101. When the command requests reading of data stored in the memory 1109, the interface circuit 1103 outputs through an address bus 1104 to the security circuit 1106 an address signal indicating an address in the memory 1109 from which data is to be read out.
The security circuit 1106 determines whether or not the address indicated by the address signal is included in an active memory space from which reading of data is permitted.
When the address indicated by the address signal is included in an active memory space from which reading of data is permitted, the security circuit 1106 supplies the address signal to the memory 1109 through an address bus 1107 according to the address data signal from the interface circuit 1103 and a security setting condition of the security circuit 1106. The memory 1109 reads out data stored in the address indicated by the address signal, and supplies the data to the security circuit 1106 through a data bus 1108. The security circuit 1106 supplies the data from the memory 1109 to the interface circuit 1103, and the interface circuit 1103 outputs the data to the outside through the input/output bus 1102.
In this way, the semiconductor storage device 1150 normally reads out data stored in the active memory space from which reading of data is permitted.
On the other hand, when an address indicated by the address signal from the interface circuit 1103 is included in an inactive memory space from which reading of data is prohibited, the security circuit 1106 makes any predetermined modification to the address signal, and supplies the modified address signal to the memory 1109 through the address bus 1107. Alternatively, the security circuit 1106 supplies an address indicated by the address signal from the interface circuit 1103 to the memory 1109, and receives data in the address from the memory 1109. Then, the security circuit 1106 makes any predetermined modification to the received data so that the received data is fixed as predetermined data, for example. Alternatively still, both of these modifications are made. By these modifications, the semiconductor storage device 1150 prevents normal reading of data stored in the inactive memory space from which reading of data is prohibited.
As described above, for the purpose of preventing data from being read out when the semiconductor storage device 1150 receives an address signal which commands the semiconductor storage device 1150 to read out data stored in an address in an inactive memory space from which reading of data is prohibited, data to be output is fixed to a predetermined value, for example. There are some other structures therefor where: the security circuit 1106 does not output the address signal to the memory 1109 (Japanese Laid-Open Publication No. 59-152599); the address signal supplied to the memory 1109 is disturbed (Japanese Laid-Open Publication No. 53-225839); data read out from the memory 1109 is disturbed and the disturbed data is output to the interface circuit 1103 through the data bus 1105 (Japanese Laid-Open Publication No. 6-250929).
According to these conventional techniques, any predetermined modification is made to an address signal or a signal transmitted through a data bus, whereby data stored in a memory space of a memory from which reading of data is prohibited is prevented from being normally read out from the memory.
In the example described hereinabove, reading of data is restricted by deactivating the memory space. However, deactivation of the memory space described in the present specification can be employed not only for restricting a reading operation but also for restricting a rewriting operation, restricting a special function allocated to a predetermined address, and restricting some of these operations and functions simultaneously. In either case, restriction is achieved, as in the case of restricting reading of data, by making any predetermined modification to a control signal on an address bus, by making any predetermined modification to data on a data bus, or by making any predetermined modification to other control signals. With such a modification, an active memory space and an inactive memory space are operated in a different manner, i.e., normal operation is performed for an active memory space, and normal operation is hindered for an inactive memory space.
Now, another example of a security function is described with reference to FIG. 14. FIG. 14 shows a conventional semiconductor storage device 1250 including an interface circuit 1203, a security circuit 1206, and a memory 1209. In this semiconductor storage device 1250, a security function is activated at power-on, by inputting a reset signal, etc., and deactivated by inputting a predetermined password inherently given to the semiconductor storage device 1250.
The security circuit 1206 shown in FIG. 14 includes a security control circuit 1210, an operation restriction circuit 1212 for restricting a security function by an output of the security control circuit 1210. The security control circuit 1210 includes a password storage circuit 1213 and a comparator circuit 1215 for comparing a password supplied from the interface circuit 1203 to the security circuit 1206 with a password stored in the password storage circuit 1213.
When an externally provided address signal commands the semiconductor storage device 1250 to read out data stored in the memory 1209, the same operation as in the semiconductor storage device 1150 is performed. That is, when the address signal indicates an address within a memory space from which reading of data is prohibited, the operation restriction circuit 1212 in the security circuit 1206 makes any predetermined modification to the address signal received from the interface circuit 1203 through an address bus 1204, and the modified address signal is output to the memory 1209 through an address bus 1207. Alternatively, the operation restriction circuit 1212 in the security circuit 1206 makes any predetermined modification to data read out from the memory 1209, and the modified data is output to the interface circuit 1203 through a data bus 1205. Alternatively still, both of these modifications (the modification to the address signal and the modification to the read out data) are made by the security circuit 1206. In the case where the address indicated by the address signal is within a memory space from which reading of data is permitted, these modifications are not made, i.e., the security function is not activated.
When the operation restriction circuit 1212 in the security circuit 1206 receives from the comparator circuit 1215 through a data bus 1211 a match signal indicating a match between a password from the interface circuit 1203 and a password from the password storage circuit 1213, the operation restriction circuit 1212 cancels the above modifications.
After the interface circuit 1203 receives a password input command from outside the semiconductor storage device 1250 through an input bus 1201 or an input/output bus 1202, the interface circuit 1203 receives a password from outside through the input/output bus 1202. The interface circuit 1203 outputs the received password to the comparator circuit 1215 through the data bus 1205. The comparator circuit 1215 compares the password from the interface circuit 1203 (i.e., originally from the outside) with the password which is stored in the password storage circuit 1213. When the passwords are matched, the comparator circuit 1215 generates and outputs a match signal to the operation restriction circuit 1212. In response to the match signal, the operation restriction circuit 1212 cancels the modification to the address signal and/or the modification to the data signal. As a result, the security function is deactivated, and therefore, it is possible to normally read out data within a memory space from which reading of data was prohibited.
According to this conventional technique, in order to freely use the semiconductor storage device 1250, a person who wants to use the semiconductor storage device 1250 needs to know the password stored in the password storage circuit 1213 and how to input the password. As long as these are kept secret from unauthorized people, fraudulent reading of data by an unauthorized person can be prevented. Furthermore, at least a part of the functions of the semiconductor storage device 1250 are restricted until the device 1250 receives a correct password. Thus, the possibility of false rewriting, etc., decreases.
However, conventional security control methods require inputting a password inherent to a semiconductor device by stationary input means, such as a keyboard, etc., in order to control the security function. Therefore, through analyzing an input bus, the conditions for deactivating the security function may be revealed.
Furthermore, according to the conventional security control methods, when a security function for preventing fraudulent reading of data from a semiconductor storage device is deactivated by an unauthorized person, and all the data stored in a memory is read out, a counterfeit of such a semiconductor storage device may be easily produced. In such a case, in order to prevent use of data stored in the counterfeit product, it is necessary to provide an identification apparatus for identifying the counterfeit product.
According to one aspect of the present invention, a semiconductor storage device includes: a memory having a memory space, a plurality of addresses of the memory space each having data stored therein; and a security circuit for controlling a security function which activates or deactivates at least a part of the memory space according to whether, in the case where an address input to the security circuit matches at least one key-address included in the security circuit, data stored in the address in the memory space is manipulated under a condition equal to a predetermined condition or under a condition not equal to the predetermined condition.
In one embodiment of the present invention, a plurality of addresses are input to the security circuit, the security circuit including a plurality of key-addresses set in a predetermined order; and the predetermined condition is that the predetermined order of the key-addresses is equal to an order of manipulation for data stored in addresses among the plurality of addresses which match the key-addresses.
In another embodiment of the present invention, when data in an address among the plurality of addresses which does not match any of the key-addresses is manipulated, the security circuit does not determine whether or not an manipulation order for the address which does not match any of the key-addresses is consistent with a predetermined order of the key-addresses.
In still another embodiment of the present invention, when the order of manipulation for data stored in the plurality of addresses does not match the predetermined order of the key-addresses, the security circuit cancels a previously determined match between the predetermined order of the key-addresses and an order of the plurality of addresses.
In still another embodiment of the present invention, when the order of manipulation for data stored in the plurality of addresses matches the predetermined order of the key-addresses except that data in one of the addresses matched with any of the key-addresses is repetitively manipulated, the security circuit determines that these orders match each other.
In still another embodiment of the present invention, a match determination between the address and the key-address is performed only with respect to a portion of the address.
In still another embodiment of the present invention, some or all of the key-addresses are rewritable.
In still another embodiment of the present invention, the at least one key-address is stored in the memory.
In still another embodiment of the present invention, the at least one key-address is stored in the memory; and the memory has a redundant memory structure including at least one address for storing the key-address.
In still another embodiment of the present invention, the at least one key-address is stored in the memory; and the memory has a redundant memory structure including at least one address for storing the key-address in which an address in the memory for storing data for the key-address can be used for storing data for an address in the memory which is different from the key-addresses.
In still another embodiment of the present invention, the predetermined condition is changed by satisfying the predetermined condition.
In still another embodiment of the present invention, addresses in the memory space to be activated/deactivated are changed by satisfying the predetermined condition.
In still another embodiment of the present invention, the security circuit includes a security state output section for outputting a signal indicating a state of a security function.
According to another aspect of the present invention, a control device for controlling a semiconductor storage device has a memory space, in which a security function of the semiconductor storage device is controlled such that at least a part of the memory space is activated/deactivated, wherein the security function of the semiconductor storage device is controlled according to whether, in the case where an address input from the control device matches at least one key-address stored in the semiconductor storage device, data stored in the address in the memory space of the semiconductor storage device is manipulated under a condition equal to a predetermined condition or under a condition not equal to the predetermined condition.
In one embodiment of the present invention, the control device inputs a plurality of addresses into the semiconductor storage device, the semiconductor storage device having a plurality of key-addresses set in a predetermined order; and the predetermined condition is that the predetermined order of the key-addresses is equal to an order of manipulation for data stored in addresses among the plurality of addresses which match the key-addresses.
In another embodiment of the present invention, when data in an address among the plurality of addresses which does not match any of the key-addresses is manipulated, the semiconductor storage device does not determine whether or not an manipulation order for the address which does not match any of the key-addresses is consistent with a predetermined order of the key-addresses.
In still another embodiment of the present invention, when the order of manipulation for data stored in the plurality of addresses does not match the predetermined order of the key-addresses, the semiconductor storage device cancels a previously determined match between the predetermined order of the key-addresses and an order of the plurality of addresses.
In still another embodiment of the present invention, when the order of manipulation for data stored in the plurality of addresses matches the predetermined order of the key-addresses except that data in one of the addresses matched with any of the key-addresses is repetitively manipulated, the semiconductor storage device determines that these orders match each other.
In still another embodiment of the present invention, a match determination between the address and the key-address is performed only with respect to part of the address.
In still another embodiment of the present invention, some or all of the key-addresses are rewritable.
In still another embodiment of the present invention, the predetermined condition is changed by satisfying the predetermined condition.
In still another embodiment of the present invention, addresses in the memory space to be activated/deactivated are changed by satisfying the predetermined condition.
According to still another aspect of the present invention, an electronic apparatus includes: a semiconductor storage device having a memory space; and a semiconductor storage device for controlling a security function which activates/deactivates at least a part of the memory space, wherein the control device reads a state of the security function of the semiconductor storage device after the security function of the semiconductor storage device has been controlled.
In one embodiment of the present invention, the semiconductor storage device outputs authentic data when data is output from an active memory space, and outputs dummy data which is different from the authentic data when data is output from an inactive memory space; and in response to the dummy data from the semiconductor storage device, the control device deactivates the security function of the semiconductor storage device.
In another embodiment of the present invention, the security function of the semiconductor storage device is deactivated by satisfying a plurality of conditions.
Thus, the invention described herein makes possible the advantages of (1) providing a semiconductor storage device having an excellent security function in which normal operation is utilized for controlling the security function, and in which it is difficult for an unauthorized person to analyze the security function so as to know a mechanism thereof, and (2) providing an electronic apparatus which utilizes a security function to identify whether a semiconductor storage device used with the electronic apparatus is an authentic product or a counterfeit product, and to perform different operations for the authentic product and the counterfeit product.