The present invention is related to a semiconductor integrated circuit having a security function for data protection.
In recent years there has been increasing demand for an IC card, in which a microcomputer and a nonvolatile memory are mounted on a plastic card such as a credit card or a banking card, which makes it possible to use electronic money or the like. FIG. 1 is a block diagram showing the general configuration of a semiconductor integrated circuit based on the conventional technology in the form of an IC card or the like. The IC card generally has a magnetic stripe or an embossed area provided thereon so that it can also serve as an ordinary plastic card; hence its size and thickness are the same as those of a credit card or banking card.
Accordingly, in order to function as an IC card, a connecting terminal for input and output of data to and from a built-in CPU (Central Processing Unit) is located in an area other than the area where the magnetic stripe or the embossing is provided. Although this connecting terminal is standardized by the ISO (International Standards Organization) as eight external terminals, two of the terminals are spare ones, and the remaining six terminals have defined functions.
In a semiconductor integrated circuit (IC card) 100 shown in FIG. 1, a connecting terminal C1 is an operation voltage supply terminal for a circuit in the card, and a connecting terminal C2 is a data-write voltage supply terminal for a memory. Connecting terminal C3 is a two-directional serial data input/output terminal, and connecting terminal C4 is an operating-clock supply terminal for a CPU 102. Connecting terminal C5 is a reset-signal supply terminal for the CPU 102, and a connecting terminal C6 is a ground terminal.
A communication interface 101 converts serial data inputted from the connecting terminal C3 to parallel data so that the converted data can be used in the CPU 102. At the manufacturing stage the IC card 100 generally stores an application program for making the card usable in a terminal for electronic money or the like (an application-provider terminal) in a ROM (Read Only Memory) 103, and the CPU 102 operates according to this application program.
The CPU 102 has a RAM (Random Access Memory) 104 for storing intermediate results of the various operations it performs. A nonvolatile memory (e.g., EEPROM, Flash memory, etc.) 105 stores secret data such as information for preventing unauthorized use of the IC card, personal information of the card owner, or information depending on the application, and can be accessed from the CPU 102 through a control bus and an address bus. Input and output of data stored in the nonvolatile memory 105 to and from an external terminal (an application-provider terminal) are performed through a CPU data bus, the CPU 102 and the communication interface 101. In FIG. 1, to simplify the description, three discrete IC chips mounted on the IC card are shown, corresponding to the communication interface 101, CPU 102 and nonvolatile memory 105 respectively, but the communication interface 101, CPU 102 and nonvolatile memory 105 may be integrated into one chip.
As described above, the secret data stored in the nonvolatile memory 105 is required to be protected from unauthorized access by any terminal other than the application-provider terminal. Therefore, in general, when the IC card 100 is to be used, namely when the IC card 100 is to communicate with the outside, mutual authentication is performed in the IC card 100 as well as the application-provider terminal based on an encryption algorithm such as DES (Data Encryption Standard).
This type of IC card 100 restricts one card to one function, namely to an operation according to a prespecified application program, which tends to increase the number of cards a user must carry. In order to overcome this problem, a multi-application type of IC card has been proposed, with a plurality of application programs stored in its nonvolatile memory so that various functions can be combined in one IC card.
The multi-application type of IC card is, more specifically, a card obtained by integrating functions of a banking card, a credit card, and of a prepaid card or others into a single card. Particularly, in the multi-application type of IC card, application programs can be registered therein not only during manufacture of the IC card but also when the card is issued.
Accordingly, stored in the ROM 103 is only a system program for performing basic operations such as controls for buses such as a control bus, an address bus and the CPU data bus, and controls for communications with the communication interface 101, and various types of application program are stored in the nonvolatile memory 105. When the IC card 100 is inserted in a terminal for using applications, the CPU 102 realizes a specified operation by directly executing a corresponding application program in the nonvolatile memory 105, or by reading a corresponding application program from the nonvolatile memory 105 in the RAM 104 and executing the read-in application program.
However, while the multi-application type of IC card described above is characterized in that various application programs can be registered therein for execution, this also makes it possible for a malicious party to load into the IC card an unauthorized program intended to illegally read out or tamper with data used by other registered application programs, and to have that program executed.
Description is made hereinafter of an operation according to an unauthorized program. FIG. 2 is an explanatory view showing a program for controlling registers in the conventional type of semiconductor integrated circuit. This program comprises instructions for controlling registers in the system program stored in the ROM 103. As shown in FIG. 2, the CPU 102 generally has some internal registers for processing operations, and processes data stored in the RAM 104 and nonvolatile memory 105 through these registers.
In Program 1 shown in FIG. 2, at first, a value “xx” is written to Acc (accumulator), one of the registers, according to a MOV instruction. Then, the value stored in Acc, namely “xx”, is written to reg 1 (register) according to the same MOV instruction.
Although the program stored in the ROM 103 cannot directly be tampered with, as described above, in the multi-application type of IC card an application program is read into the RAM 104 and executed there; therefore the program on the ROM 103 shown in FIG. 2 may easily be replicated onto the RAM 104.
FIG. 3 is an explanatory view showing an example of an unauthorized program which can be executed in the conventional type of semiconductor integrated circuit. This program is configured so that the program for controlling registers shown in FIG. 2 is replicated and an instruction for confirming the data write is added to the replicated program. In Program 2 shown in FIG. 3, at first, a value “yy” is written to the Acc according to the MOV instruction, in place of the value “xx” originally written thereinto, for the purpose of tampering with the program.
The value stored in Acc, namely “yy”, is written to the reg 1 according to the same MOV instruction. Then, the value stored in the reg 1 is read back into the Acc according to the MOV instruction, and the result of the tampering can be checked by referring to this Acc.
Here, when Program 2 is executed and the reg 1 is write-protected by the system program in the ROM 103 or by the application program registered in the nonvolatile memory 105, the instruction of Line (2) in FIG. 3 is not executed as intended. FIG. 4 is an explanatory view showing the operation when an unauthorized program is executed in the conventional type of semiconductor integrated circuit, namely the operation when Program 2 shown in FIG. 3 is executed against the write-protected reg 1 (register).
In Line (1) in FIG. 4, at first, the value “yy” is written to the Acc (Acc (yy)). Then, in Line (2), the instruction to write the value “yy” stored in the Acc into register 1 is executed. However, the reg 1 is write-protected, so the data in the reg 1, i.e. the value “xx”, actually remains unchanged.
In Line (3) following the above lines, the data stored in reg 1 is read into the Acc and the result of the tampering is checked. The unauthorized person who executed the illegal program notices that the value “yy” has not been written to the reg 1 and thereby comes to know that the reg 1 is write-protected.
Write-protected data is generally secret data, so the unauthorized person comes to know that the data in reg 1 is secret data. Knowing this, the unauthorized person can obtain hints and develop ideas for creating and refining an unauthorized program for tampering with the secret data, by finding the cause whenever a program intended for tampering does not work as intended, and this may increase the probability of more or bigger fraud.
The present invention has been made in light of the circumstances described above, and it is an object of the present invention to provide a semiconductor integrated circuit having a security function that prevents data from being tampered with and also makes it difficult to obtain any hints for creating and refining an unauthorized program for tampering with data.
With this invention, only data at a prespecified security level can be output to a specified circuit that uses the data, and data at security levels other than that level is prevented from being output to the specified circuit even if a write to that data is executed.
According to one feature of the present invention, by outputting data stored in a storage circuit correlated to a security level, it is possible to give the operator the impression that the write of data to the specified circuit has been performed.
According to one feature of the present invention, an operation stop signal is outputted when the counting of data-inconsistency reaches a prespecified number, which allows a function of stopping an operation to be realized.
According to one feature of the present invention, bits of data to be compared are changed for each storage circuit and only the changed bits are compared to each other, so that there is no need to compare all the bits, which allows data to be compared with higher speed.
According to one feature of the present invention, by storing the same data as that stored in the storage circuit correlated to a prespecified security level in a storage circuit other than the storage circuit, it is possible to give the operator an impression that data to be written actually used in a specified circuit has been written.
According to one feature of the present invention, only a portion of data to be written in a specified circuit is stored in a specified storage circuit of the register, so that it is possible to make the capacity of the storage circuit smaller and also perform the processing of writing/reading data in/from the register at a high speed.
According to one feature of the present invention, a storage circuit is realized with a latch circuit, so that it is possible to perform writing/reading of data at a high speed.
According to one feature of the present invention, a storage circuit is realized with a RAM or a FRAM, so that a register can be downsized.
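The register-probing sequence of Program 2 (FIGS. 3 and 4) and the security-level storage circuit, inconsistency counter and operation stop signal described above, modelled together in a small C simulation. This is an added illustration, not the patent's own circuit: the register file, the per-register security level, the shadow storage, the stop threshold of three inconsistencies and all function names are assumptions of this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define NUM_REGS 4
#define STOP_THRESHOLD 3 /* assumed inconsistency count that raises the stop signal */

typedef struct {
    uint8_t  reg[NUM_REGS];    /* registers actually used by the circuit */
    uint8_t  level[NUM_REGS];  /* security level per register: 0 = freely writable */
    uint8_t  shadow[NUM_REGS]; /* storage circuit correlated to the protected level */
    bool     decoy;            /* false = conventional behaviour, true = the security function */
    unsigned mismatches;       /* count of writes whose data did not reach the real register */
    bool     stop;             /* operation stop signal */
} regfile_t;

void rf_init(regfile_t *rf, bool decoy) { memset(rf, 0, sizeof *rf); rf->decoy = decoy; }

/* Load a register with data and a security level; the shadow initially mirrors the
 * real data so a read before any write still returns the genuine value. */
void rf_load(regfile_t *rf, unsigned idx, uint8_t data, uint8_t level) {
    rf->reg[idx] = data; rf->shadow[idx] = data; rf->level[idx] = level;
}

/* MOV reg, Acc: a protected register keeps its value. With the security function on,
 * the written value lands in the shadow storage instead and an inconsistency is counted. */
void rf_write(regfile_t *rf, unsigned idx, uint8_t acc) {
    if (rf->stop) return;                               /* operation already stopped */
    if (rf->level[idx] == 0) { rf->reg[idx] = acc; return; }
    if (rf->decoy) {
        rf->shadow[idx] = acc;
        if (acc != rf->reg[idx] && ++rf->mismatches >= STOP_THRESHOLD) rf->stop = true;
    }
}

/* MOV Acc, reg: with the security function on, a protected register reads back
 * from the shadow storage, so the write appears to have taken effect. */
uint8_t rf_read(const regfile_t *rf, unsigned idx) {
    if (rf->level[idx] != 0 && rf->decoy) return rf->shadow[idx];
    return rf->reg[idx];
}

/* Program 2: write yy, read back, and report whether the tampering looks successful. */
bool program2_probe(regfile_t *rf, unsigned idx, uint8_t yy) {
    rf_write(rf, idx, yy);
    return rf_read(rf, idx) == yy;
}
```

In the conventional model the probe returns false and so reveals that reg 1 is protected; with the security function on it returns true while the real register is untouched, and repeated inconsistent writes raise the stop signal.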