1. Field of the Invention
The present invention relates to a measure against deterioration of a flash memory, and in particular to a measure against deterioration of a flash memory for storing integrity check data used in preventing unauthorized use of content.
2. Description of the Related Art
In recent years, content distribution systems, in which content is transmitted from a server to a client and the client plays back the content, have come into use.
There are various ways to sell content for the systems, including performing control so that the content can be viewed only once, setting a limit on a number of times viewed, setting a limit on accumulated viewing time, billing according to viewing time, etc. (see non-patent document 1). When billing is performed according to the number of times the content is viewed, or the accumulated viewing time of the content etc., it is necessary for the client to manage information pertaining to the number of times the content is viewed, or the accumulated viewing time, etc. (hereinafter referred to as “playback information”).
In this case, there is a risk of a malicious user or an external attacker gaining unauthorized use of the content, in excess of the range of allowed use, by falsifying the playback information, or performing a save-restore attack by saving a prior state of the playback information and restoring the playback information of the previous state after the content has been viewed.
In view of this, conventionally, unauthorized use of the content is prevented by storing integrity check data pieces such as hash values, etc. for the playback information in a secure memory, and checking whether the playback information has been falsified. A flash memory, which is a non-volatile memory, is likely to be used as the secure memory for storing the integrity check data pieces. However, since the flash memory deteriorates as a result of rewriting, in the end, the flash memory will break down.
In particular, there are many cases in which the integrity check data pieces are frequently updated at intervals from every several seconds to every several minutes, and when using a flash memory as the memory for storing the integrity check data pieces, the extent of the deterioration of the flash memory increases in proportion to the frequency of rewriting.
Patent document 1 and patent document 2 disclose measures against the deterioration of the flash memory.
Patent document 1 discloses technology for performing control so that a number of times of writing data to a storage area of a flash memory is equal to or less than a number of times at which the flash memory can withstand deterioration. Specifically, as shown in FIG. 13(a), data and a number of times the data has been written are stored as a pair in the storage area, and a pointer indicating the storage area currently in use is stored in a first area of the flash memory. When the number of times the data has been written exceeds a predetermined threshold, as shown in FIG. 13(b), the pointer is updated so that a next storage area is used. As a result, control can be performed so that the number of times written to each of the storage areas is less than or equal to the threshold.
Also, patent document 2 discloses technology for determining a storage area to be used next based on use frequencies of the storage areas in the flash memory. According to this technology, it is possible to suppress the deterioration of the flash memory by averaging the use frequencies of the storage areas.
However, in patent document 1, the amount of throughput is increased, since to perform read processing of integrity check data stored in the flash memory, it is necessary to read both the pointer and the data, and reading the pointer and writing the data and the number of times the data has been written are necessary to perform writing processing. Furthermore, a flash memory normally performs writing with use of a block unit as a minimum writing unit, but in a case that the data and the number of times are written to separate blocks, deterioration due to writing both the data and the number of times increases proportionally. Also, in patent document 2, it is necessary to manage the use frequencies of the areas.
In this way, the measures against deterioration described in patent document 1 and patent document 2 have the problem that the amount of throughput of reading and writing data is increased.
Patent document 1: Japanese Patent Application Publication No. H08-314807
Patent document 2: Japanese Patent Application Publication No. H11-85629
Non-patent document 1: Marlin Use Cases Part 1, 2, Mar. 24, 2008
Non-patent document 2: “Gendai Angou” (Modern Cryptography) by Tatsuaki Okamoto and Hirosuke Yamamoto, Sangyou Tosho (1997)