1. Technical Field of the Invention
The present invention relates generally to data security, and more particularly to a memory unit, such as a memory card, which is removably attachable to a data processing unit and which includes a data security means.
2. Description of the Related Art
In conventional non-volatile memory such as EEPROM (Electrically Erasable Programmable ROM), two transistors are employed to store one bit of information. As a result, the memory area per bit is large, which limits the ability to raise the integration of the memory. On the other hand, this problem has been eliminated in a recently-developed flash memory in which one bit is stored using a single transistor according to the xe2x80x9call-bit-simultaneous-erasexe2x80x9d method. In the not so distant future, it is expected that flash memories will replace conventional record mediums such as magnetic and optical discs in many applications.
Flash memory-based memory cards or xe2x80x9cmemory sticks(trademark)xe2x80x9d that are removably attachable to a card reading/recording unit are also known. With the advent of this type of memory card, digital audio recording/reproducing units have been developed which use the memory card instead of a conventional disc shaped medium such as a CD (Compact Disc) or a mini-disc.
An audio recorder that uses a memory card as a record medium typically employs a data compressing method which allows data to be restored in a relatively high quality for recording/reproducing. Encryption techniques can be implemented to protect the copyright of music titles recorded and reproduced with this audio recorder. As an example, the audio recorder can be designed to determine, via an encryption technique, whether a memory card is invalid and thus prohibited from being used with the recorder. In other words, a valid recorder and a valid memory card in combination allow encrypted data to be decrypted. In addition to the copyright protection, encryption technologies may be used to protect the security of other information stored in the memory card.
Conventional memory cards do not have an encrypting function. Thus, when secret data is recorded to a memory card, the data is encrypted on the xe2x80x9csetxe2x80x9d side, i.e., in the device (xe2x80x9csetxe2x80x9d) that the card is inserted into and which sets up the data for recording The encrypted data is then transferred to the memory card for storage. If a decryption key is also stored in the memory card, the data security of the card is compromised. On the other hand, when a decryption key is stored in a particular set, data originally encrypted by that set and recorded on a memory card cannot be decrypted by sets other than that particular set. Thus, the compatibility of memory cards cannot be maintained. To solve this problem, a system has been proposed in which a set and a memory card each have an encrypting function, thus enabling the set and memory card to be mutually authenticated. The memory card in this case can be considered a xe2x80x9csmart cardxe2x80x9d having processing circuitry to carry out the data encryption. With this approach, both the security and compatibility of cards can be maintained.
A security unit having the above authenticating and encrypting functions may encrypt according to the Data Encryption Standard (DES). The DES is a block encrypting system in which text is block-segmented and each block segment is encrypted. With DES, input data of 64 bits is encrypted with a key of 64 bits (in reality, a key of 56 bits and a parity of 8 bits) and encrypted data of 64 bits is output. The DES has four use modes, one of which is a Cipher Block Chaining (CBC) mode. The CBC mode is a feedback type mode in which text of 64 bits and the preceding encrypted data (of 64 bits) are XORed and the result is input to the DES unit. In the initial state, since there is no encrypted data, an initialization vector is used. In addition, as data is being exchanged between the set and the memory card, random numbers may be generated and added to the data.
There are many applications in which non-copyrighted data is recorded to a memory card and reproduced therefrom. Examples include the recording of conversational speech (which is typically compressed with a high compression ratio prior to storing the same), image data from an electronic still camera or a video camera, and so forth. In these cases it is unnecessary to provide a means for protecting the copyright of the data. Generally, a security type memory card having an encrypting function is more costly than a non-security type memory card (namely, a conventional memory card). Thus, security type memory cards (and associated sets) are used in applications that require it, while non-security type cards and sets may be used for other applications to reduce cost. Prior art security type sets are usable only with security type memory cards, whereas non-security type sets are usable only with non-security type memory cards.
The present invention recognizes that from a view point of compatibility, it would be desirable in some applications for a security type memory card to be usable with a non-security type set, e.g., a conventional set. In these applications, such as recording image data from a portable video recorder, the encrypting function of the memory card would not be used.
Therefore, an object of the present invention is to provide a security-type memory unit that can be used with both security-type and non-security type data processing units (sets).
It is another object of the invention to provide a data processing unit compatible with a memory card, which transmits different types of control data to the memory card to carry out respective functions.
In one aspect of the invention, there is provided a memory unit removably attachable to a data processing unit such as a digital video recorder or an audio recording/reproducing unit. The memory unit includes a non-volatile memory, a security unit for protecting the security of data stored in the non-volatile memory, and an interface that receives control data from the data processing unit. The control data is either first control data for a read or write operation with respect to the non-volatile memory, or second control data (different from the first control data) for a security operation of the security unit.
Thus, the memory unit is capable of being used with either a security-type or a non-security type data processing unit (xe2x80x9csetxe2x80x9d). A non-security type set only transmits first control data, which is used to store and/or retrieve data (which is non-encrypted) to/from the memory unit. The security type set protects the security of data stored within the non-volatile memory by transmitting both first and second control data to the memory unit. Accordingly, the non-security type data processing unit can operate with both security-type and non-security type memory cards. Consequently, the compatibility of a security type memory unit can be improved.
In another aspect of the invention, there is provided a data processing unit for recording data to a memory unit removably attached thereto, where the memory unit has a non-volatile memory and a security unit. The data processing unit includes an interface for communicating with the memory unit, and a security block for protecting the security of data stored in the non-volatile memory in association with the security unit of the memory unit. The data processing unit transmits through the interface first control data for a reading or writing operation with respect to the non-volatile memory and second control data, which is different from the first control data, for a security operation.