1. Field of the Invention
The present invention relates to a nonvolatile memory such as a flash memory, and, more particularly, to a nonvolatile memory which inhibits illegitimate reading of information from a predetermined area.
2. Description of the Related Art
Because of its capability to retain information even after powered off, nonvolatile memories, such as a flash memory, are widely used in portable telephones, portable information terminals, IC cards and so forth. This capability is used to record programs, predetermined data and parameters for achieving, for example, predetermined functions.
Information such as those programs and data itself has a property value so that its illegitimate readout and copy are undesirable. One way of preventing such illegitimate readout and copy, which has been proposed, is to provide a password area for recording a password in a nonvolatile memory and permits access to the main memory only when an externally given password matches with the recorded password.
FIG. 1 is a diagram showing how a conventional flash memory is used. A conventional flash memory 1 having an illegitimate-copy preventing capability has a password area 2 in addition to a main memory area 3. This password area 2 has, for example, a password PWA recorded therein and is write-protected in such a way that it is externally readable but unrewritable. That is, the password cannot be altered. A portable telephone 5 in which the flash memory 1 is installed allows an incorporated CPU 4 to read information from the password area 2 in the flash memory 1 and to gain access to the main memory area 3 in the flash memory 1 only when the read information coincides with the password PWA held in the CPU 4.
With the provision of this password area 2, even if a program A in the main memory area 3 is illegitimately copied into another flash memory 6, for example, the unauthentically copied program A cannot be read and used unless the password PWA is also copied into a password area 7 in the latter flash memory 6.
The following is the most typical example of the above case. Legitimate portable telephones 5 are available at a relatively low cost in country A, but the country code of country A is recorded in the program A, thus disabling their usage outside country A. By contrast, portable telephones are relatively expensive in country B, so that it is advantageous for users in country B if the portable telephones 5 obtained in country A can be used. In this case, one may attempt to replace the flash memory 1 in the authentic portable telephone 5 acquired in country A with another flash memory 6, illegitimately copy the program A in the latter flash memory 6 and rewrite the country code of country A in the flash memory with the country code of country B for unauthorized use. In other words, an unauthentic portable telephone 10 comes equipped with the flash memory 6 having the illegitimately copied program.
But, the program A cannot be read out and used unless the password PWA is acquired and is written in the password area 7 in the replaced flash memory 6. Because the address of the password area 2 in the authentic flash memory 1 is normally secret, it is generally difficult to access the password area 2 to acquire the password PWA.
While the password area 2 is write-protected and information there cannot be altered, it is not possible to inhibit read the information for password-based authentication. If one who wants to illegitimately copy the password attempts to read information from the password area a number of times while changing the address combination, he may be able to read the password PWA. After acquisition of the password PWA, this person can illegitimately copy the information (program A) in the free-accessible main memory area and use the unauthentic program A by copying the acquired password PWA in the password area 7.
The above is applied not only a program but also any information which should be subject to some kind of copyright protection. If password-based copy protection is applied to such information, therefore, once the password is acquired, nothing can stop the use of illegitimately copied information.