1. Technical Field of the Invention
The present invention relates generally to a security unit for use in a memory unit and/or a data processing unit to prevent unauthorized retrieval of data stored in the memory or data processing units.
2. Description of the Related Art
In conventional non-volatile memory such as EEPROM (Electrically Erasable Programmable ROM), two transistors are employed to store one bit of information. As a result, the memory area per bit is large, which limits the ability to raise the integration of the memory. On the other hand, this problem has been eliminated in a recently-developed flash memory in which one bit is stored using a single transistor according to the “all-bit-simultaneous-erase” method. In the not so distant future, it is expected that the flash memories will replace conventional record mediums such as magnetic and optical discs in many applications.
Flash memory-based memory cards or “memory sticks™” that are attachable to and detachable from a card reading/recording unit are also known. With the advent of this type of memory card, digital audio recording/reproducing units have been developed which use the memory card instead of a conventional disc shaped medium such as a CD (Compact Disc) or a mini-disc.
An audio recorder that uses a memory card as a record medium typically employs a data compressing method which allows data to be restored in a relatively high quality for recording/reproducing. Encryption techniques can be implemented to protect the copyright of music titles recorded and reproduced with this audio recorder. As an example, the audio recorder can be designed to determine, via an encryption technique, whether a memory card is invalid and thus prohibited from being used with the recorder. In other words, a valid recorder and a valid memory card in combination allow encrypted data to be decrypted. In addition to the copyright protection, encryption technologies may be used to protect the security of other information stored in the memory card.
Conventional memory cards do not have an encrypting function. Thus, when secret data is recorded to a memory card, the data is encrypted on the “set” side, i.e., in the device (“set”) that the card is inserted into and which sets up the data for recording The encrypted data is then transferred to the memory card for storage. If a decryption key is also stored in the memory card, the data security of the card is compromised. On the other hand, when a decryption key is stored in a particular set, data originally encrypted by that set and recorded on a memory card cannot be decrypted by sets other than that particular set. Thus, the compatibility of memory cards cannot be maintained. To solve this problem, a system has been proposed in which a set and a memory card each have an encrypting function, thus enabling the set and memory card to be mutually authenticated. The memory card in this case can be considered a “smart card” having processing circuitry to carry out the data encryption. With this approach, both the security and compatibility of cards can be maintained.
A security unit having the above authenticating and encrypting functions may encrypt according to the Data Encryption Standard (DES). The DES is a block encrypting system in which text is block-segmented and each block segment is encrypted. With DES, input data of 64 bits is encrypted with a key of 64 bits (in reality, a key of 56 bits and a parity of 8 bits) and encrypted data of 64 bits is output. The DES has four use modes, one of which is a Cipher Block Chaining (CBC) mode. The CBC mode is a feedback type mode in which text of 64 bits and the preceding encrypted data (of 64 bits) are XORed and the result is input to the DES unit. In the initial state, since there is no encrypted data, an initialization vector is used. In addition, as data is being exchanged between the set and the memory card, random numbers may be generated and added to the data.
When a memory card has an internal security unit, the set may send a command to the memory card and the memory card may respond by sending data back which includes an encryption key, so as to mutually authenticate the set and the card. The encrypting circuit of the memory card has a register, the content of which is forwarded to the set in response to the command issued by the set. Another register that stores an intermediate calculation result of the encrypting process may also be required. For example, in the case where there is only one encrypting circuit, when an encrypting process is to be performed a number of times, a register is provided for storing the intermediate calculation result of the encrypting process. This register is prohibited from being externally accessed. The intermediate calculation result may be used to decrypt the encrypted data.
Accordingly, a memory card with an internal security unit may be provided with two types of registers: an accessible register for storing data to be transferred to the set in response to a command requesting the same; and a non-accessible register for storing an intermediate calculation result of the encryption process. Consequently,with two registers, the circuit scale of the security unit becomes large. This hampers the ability to increase the integration of the security unit structured as an IC chip. When the encryption process is to be performed a number of times, in order to remove a register that temporarily stores data, it is necessary to employ a plurality of encryption circuits so as to obtain all final data (encrypted data) at about the same time. Thus, in this case, the circuit scale also increases.