1. Field of the Invention
The present invention relates to a composite system, method, and storage medium, and more particularly to facilitating transfer of data to be encrypted from a main system to a sub-system.
2. Description of the Related Art
Conventionally, a composite system that integrates a plurality of systems has been constructed. In such a composite system, a central processing unit (CPU) is included in each sub-system and controls the sub-system, and a CPU in a main system controls the whole system.
Since it is easy to attach and detach a sub-system in this kind of composite system, it is becoming an important issue to protect users' personal information stored in the composite system. Also, in this kind of composite system, illegal tampering and information leaks by software that pretends to be a sub-system are becoming an issue.
Also, a sub-board that includes hardware to process encryption to implement high-speed, energy-efficient cryptographic communication has been proposed. This technology adopted a configuration that did not include a cryptographic processing function in a main system and instead utilizes an encrypting function of a sub-system. Therefore, it was necessary that an encrypting process to check validity of firmware data (e.g., about 30 MB size) be executed on the sub-system. However, memory capacity in the sub-system has been minimized (to about a few hundred KB size) due to cost-cutting, memory in the sub-system could not store all the data.
A technology of a composite system that includes a main system and a sub-system to assure security from an attack that pretends to be the sub-system has been proposed (e.g., JP-2011-164810-A.) Another technology that implements writing firmware data to shorten communication time at the time of writing firmware data to a storage device via a controller as much as possible has also been proposed (e.g., JP-2000-148502-A.)
However, the system described in JP-2011-164810-A does not delegate a cryptographic process for big target data to other systems. Also, to speed up processing the system described in JP-2000-148502-A divides data at the time of writing firmware, and that is different from dividing at the time of checking validity before writing. Therefore, it is not possible to execute an encrypting process by using a sub-system that includes the encrypting function (common among models) such as checking the validity of firmware since the size of target data to be encrypted in the main system is bigger than the memory size of the sub-system in the systems described in JP-2011-164810-A and JP-2000-148502-A.
As described above, since encrypting processes depend on the size of the target data to be encrypted, the size of the memory in a sub-system, and data transfer capability between a main system and a sub-system, encryption cannot be done in case the size of target data to be encrypted in the main system is bigger than the memory size of the sub-system.