Title of invention: SECURE PROCESSOR SYSTEM WITHOUT NEED FOR MANUFACTURER AND USER TO KNOW ENCRYPTION INFORMATION OF EACH OTHER
Abstract: A secure processor system capable of improving the security of processor processing by the addition of minimum modules without the need for a manufacturer and a user to know encryption information of each other has been disclosed. The secure processor system includes a secure processor having a CPU core that executes an instruction code, an encryption key hold part that holds a processor key, and an encryption processing part that encrypts or decrypts data input/output to/from the core with a processor key and a memory, and the encryption key hold part includes a hardware register that holds a hardwired encryption key, a write only register that stores an encryption key for instruction to be input and holds the stored encryption key for instruction so that it cannot be read, and the encryption key hold part outputs a hardware encryption key as a processor key at the time of activation and outputs a command encryption key as a processor key after an encryption key for instruction is written.
Application publication number: US2015186679(A1) Application publication date: 2015.07.02
Application number: US201514621545 Filing date: 2015.02.13
Applicant: FUJITSU SEMICONDUCTOR LIMITED Inventors: GOTO Seiji;KOYAMA Hidenori;KAMADA Jun;MUKAI Shinya;NAKAHARA Makoto;TAMIYA Taiji;NISHIKATA Makoto;NOGUCHI Arata;TSURUOKA Chiduka
Classification: G06F21/71 Main classification: G06F21/71
Agency: Agent:
Main claim: 1. A method of controlling a secure processor system including: a secure processor having a core that executes instruction codes, an encryption key hold part that holds a plurality of encryption keys, an encryption processing part that encrypts or decrypts data input/output to/from the core with one of the plurality of encryption keys, and a setting information secret key storage part that stores a setting information secret key, wherein the encryption key hold part has a read only register that holds a hardwired encryption key that is unable to write and read from outside of the secure processor and a writable register that holds a command encryption key that is unable to read from outside of the secure processor, and wherein the encryption key hold part outputs the hardwired encryption key to the encryption processing part when the processor is activated, and after a command encryption key is written to the writable register, outputs the command encryption key to the encryption processing part; and a memory that stores data input/output to/from the core, the method comprising: decrypting a key transformation program that stores the command encryption key stored in the memory and encrypted with the hardwired encryption key in the writable register in the encryption processing part at the time of activation; decrypting the command encryption key stored in the memory and encrypted with a setting information public key with the setting information secret key stored in the setting information secret key storage part and storing the command encryption key in the writable register; and setting so that the encryption key hold part carries out encryption or decryption with the command encryption key.
Address: Yokohama-shi JP