WO2012124270A1 - Tampering monitoring system, management device, protection control module, and detection module - Google Patents
- Publication number
- WO2012124270A1 (PCT/JP2012/001399)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- decryption
- key
- verification
- distributed
- control module
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2125—Just-in-time application of countermeasures, e.g., on-the-fly decryption, just-in-time obfuscation or de-obfuscation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/16—Obfuscation or hiding, e.g. involving white box
Definitions
- The present invention relates to a technique for monitoring falsification of a module or the like that operates inside a device such as an information processing apparatus.
- Techniques for protecting an application program by software include, for example, falsification verification using a hash value of the application program, and a decryption load function that stores the application program in encrypted form while it is not in use and, only when the application program is used, decrypts it and loads it into memory.
- If the software that protects the application program (the protection control module) is itself altered by an attacker, the application program is exposed to attack by that attacker. Therefore, falsification of the protection control module is detected using a detection module that detects falsification of the protection control module (Patent Document 2 and Patent Document 3).
- The detection module reads all data constituting the protection control module and calculates a MAC (Message Authentication Code) value to detect falsification of the protection control module.
- However, if the detection module that detects falsification of the protection control module has itself been falsified, there is a risk that the decryption key of the application program included in the protection control module may be illegally acquired by the falsified detection module. The encrypted application program is then decrypted using the illegally obtained decryption key, and an unauthorized application program is installed in the information processing apparatus. The user's personal information, content, and the like may leak through this unauthorized application program.
- The present invention has been made in view of the above problems, and its object is to provide a falsification monitoring system, a management device, a protection control module, a detection module, an integrated circuit, a method, a computer program, and a recording medium storing the computer program that can reduce the possibility that an application program decryption key is illegally acquired from the protection control module.
- To this end, the present invention provides a tamper monitoring system including a protection control module that protects an application program, a plurality of detection modules that monitor tampering of the protection control module, and a management device.
- The management device includes distributed key generation means that decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and output means for outputting the generated distributed keys to the plurality of detection modules, respectively. Each detection module acquires the distributed key and stores it internally. The protection control module includes acquisition means that acquires the distributed key from each of the plurality of detection modules, restoration means that restores the decryption key by integrating the acquired distributed keys, decryption means for decrypting the encrypted application program using the decryption key restored by the restoration means, and erasing means for erasing the decryption key after the decryption by the decryption means is completed.
- With this configuration, the protection control module does not hold the decryption key at all times. It holds the decryption key only during the period in which it decrypts the encrypted application program and erases it afterwards, so the possibility that the decryption key is illegally leaked from the protection control module can be reduced.
- FIG. 1 shows an overall configuration of a falsification monitoring system 10d as Embodiment 1 according to the present invention.
- The overall configuration of the detection system 10 as Embodiment 2 according to the present invention is shown.
- 3 is a block diagram illustrating a configuration of a determination unit 210 of the management device 200.
- FIG. 3 is a block diagram illustrating a configuration of a software distribution unit 220 of the management apparatus 200.
- An example of the data structure of the verification base data 640 is shown.
- A conceptual diagram showing the decryption process 650, composed of the first decryption partial process 651, the second decryption partial process 652, and the third decryption partial process 653.
- FIG. 12 is a conceptual diagram showing disassembly of an encryption / decryption key 631 and distribution to a detection module group 130.
- An example of the hardware configuration of the device 100 is shown.
- An example of the software hierarchical structure of the apparatus 100 is shown.
- 2 is a block diagram showing a configuration of a protection control module 120.
- A conceptual diagram showing collection of the distributed keys from the detection module group 130 and restoration of the encryption / decryption key 631.
- An example of the data structure of the verification data 341 of a 1st decoding partial process is shown.
- An example of the data structure of the verification data 342 of a 2nd decoding partial process is shown.
- FIG. 3 is a block diagram illustrating a configuration of a detection module 131.
- FIG. 3 is a flowchart showing an overall operation in the detection system 10.
- FIG. 3 is a sequence diagram showing an initial setting operation in the detection system 10.
- 5 is a flowchart showing an operation of generating verification base data in the management apparatus 200.
- FIG. 4 is a sequence diagram illustrating a detection operation in the detection system 10. The sequence continues across three figures.
- The structure of the detection module group 130b in the detection system 10b is shown.
- the detection module 132b is disabled.
- One aspect of the present invention is a tampering monitoring system including a protection control module that protects an application program, a plurality of detection modules that monitor tampering of the protection control module, and a management device.
- The management device includes distributed key generation means that decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and output means for outputting the generated distributed keys to the plurality of detection modules, respectively.
- Each detection module acquires the distributed key and stores it internally.
- The protection control module includes acquisition means that acquires the distributed key from each of the plurality of detection modules, restoration means that restores the decryption key by integrating the acquired distributed keys, decryption means for decrypting the encrypted application program using the decryption key restored by the restoration means, and erasure means for erasing the decryption key after decryption by the decryption means is completed.
- The management device further includes verification data generation means that performs a decryption process composed of a plurality of decryption partial processes on the untampered encrypted application program, applies, for each decryption partial process, a one-way conversion to both the input data to the decryption partial process and the output data from the decryption partial process to generate a decryption verification value, and generates verification data including the input data and the decryption verification value for each decryption partial process. The output means further outputs the verification data to the protection control module, and the decryption means performs the decryption process composed of the plurality of decryption partial processes on the encrypted application program.
- The protection control module further includes second output means for outputting, for each decryption partial process in the decryption means, the output data from the decryption partial process and the received verification data to a detection module. The detection module may include receiving means that receives the output data and the verification data, and verification means that performs verification using the received output data and verification data and outputs the verification result.
- The verification means may apply the same conversion as the one-way conversion to both the input data included in the verification data and the received output data to generate a second verification value, perform the verification by determining whether the decryption verification value included in the verification data matches the generated second verification value, and, if they do not match, regard the verification as having failed and output the verification result.
- The protection control module further protects one or more other application programs. The management device further includes means that generates a decryption verification value for each decryption partial process for the other application programs and, for each decryption partial process, generates a certificate by applying a digital signature to the plurality of decryption verification values generated for the plurality of application programs including the application program and the other application programs.
- The verification data generation means generates the verification data including the decryption verification values for the other application programs generated for each decryption partial process and the certificate generated for each decryption partial process, and the output means outputs the verification data including the certificate to the protection control module.
- The second output means outputs the verification data including the certificate to the detection module, the receiving means receives the verification data including the certificate, and the verification means may further perform, for each decryption partial process, verification using the certificate included in the received verification data.
- The verification means may apply the same conversion as the one-way conversion to both the input data included in the verification data and the received output data to generate a second verification value, and perform the verification using the decryption verification values for the other application programs included in the verification data, the generated second verification value, and the certificate.
- The plurality of decryption partial processes correspond respectively to the plurality of detection modules, and the second output means may output, to the detection module corresponding to each decryption partial process, the output data from that decryption partial process and the verification data.
- Each detection module further includes transmission means for transmitting, to another detection module, identification information identifying the decryption partial process corresponding to itself. The receiving means of each detection module further receives, from another detection module, identification information identifying the decryption partial process corresponding to that other detection module, and the verification means of each detection module may further perform verification using the received identification information and the identification information identifying the decryption partial process corresponding to itself.
- The verification means of each detection module may output a verification result indicating that the verification has failed when the received identification information and the identification information identifying the decryption partial process corresponding to itself contain a duplicate, or when together they do not cover all the identification information identifying the plurality of decryption partial processes.
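The per-step verification and the coverage check described above can be sketched as follows. This is an added example, not code from the patent: the three XOR layers standing in for the decryption partial processes, SHA-256 as the one-way conversion, the length-prefixed hash input, and all names and sample data are assumptions constructed for illustration.

```python
import hashlib
import hmac

def keystream(key: bytes, label: bytes, length: int) -> bytes:
    """SHA-256 in counter mode; a constructed stand-in for one cipher layer."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + label + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])

def make_partial_processes(key: bytes):
    """Three decryption partial processes; each one strips one XOR layer."""
    def layer(label):
        return lambda data: bytes(
            a ^ b for a, b in zip(data, keystream(key, label, len(data))))
    return {1: layer(b"layer-1"), 2: layer(b"layer-2"), 3: layer(b"layer-3")}

def encrypt(processes, plaintext: bytes) -> bytes:
    """Apply every layer (XOR layers are their own inverse)."""
    data = plaintext
    for pid in sorted(processes, reverse=True):
        data = processes[pid](data)
    return data

def verification_value(input_data: bytes, output_data: bytes) -> bytes:
    """One-way conversion over both the input and the output of one step."""
    h = hashlib.sha256()
    h.update(len(input_data).to_bytes(8, "big"))  # unambiguous boundary
    h.update(input_data)
    h.update(output_data)
    return h.digest()

def generate_verification_data(processes, encrypted_app: bytes):
    """Management device: run the untampered decryption once and record,
    per partial process, the input data and the decryption verification value."""
    records, data = {}, encrypted_app
    for pid in sorted(processes):
        output = processes[pid](data)
        records[pid] = {"input": data, "value": verification_value(data, output)}
        data = output
    return records

def detection_module_verify(record, output_data: bytes) -> bool:
    """Detection module: recompute the second verification value and compare."""
    second_value = verification_value(record["input"], output_data)
    return hmac.compare_digest(second_value, record["value"])

def coverage_ok(own_id, received_ids, all_ids) -> bool:
    """Fail on duplicated step identifiers or on any step nobody verified."""
    seen = [own_id] + list(received_ids)
    return len(seen) == len(set(seen)) and set(seen) == set(all_ids)

def run_decryption(processes, records, encrypted_app: bytes):
    """Protection control module: decrypt step by step and hand each output to
    the detection module for that step. Returns (result, {step: verified})."""
    results, data = {}, encrypted_app
    for pid in sorted(processes):
        data = processes[pid](data)
        results[pid] = detection_module_verify(records[pid], data)
    return data, results

# Constructed sample data.
KEY = b"constructed-demo-key"
APP = b"constructed application image"
HONEST = make_partial_processes(KEY)
ENCRYPTED = encrypt(HONEST, APP)
RECORDS = generate_verification_data(HONEST, ENCRYPTED)

def tampered_processes():
    """Constructed fault: partial process 2 returns output with one bit flipped."""
    procs = dict(HONEST)
    def corrupted(data):
        out = bytearray(HONEST[2](data))
        out[0] ^= 0x01
        return bytes(out)
    procs[2] = corrupted
    return procs

if __name__ == "__main__":
    print(run_decryption(HONEST, RECORDS, ENCRYPTED)[1])
    print(run_decryption(tampered_processes(), RECORDS, ENCRYPTED)[1])
```

Because each record carries the input captured from the untampered run, a corrupted step fails its own check and every later step fails as well.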
- A tampering detection certificate, generated by applying a digital signature to the untampered protection control module, is attached to the protection control module, and each detection module may include verification means that, after the decryption has finished and the decryption key has been erased, detects tampering with the protection control module using the tampering detection certificate.
- The distributed key generation means may generate the plurality of distributed keys so that the decryption key is obtained by adding the generated distributed keys, and the restoration means may restore the decryption key by adding the plurality of distributed keys.
- The distributed key generation means may generate the plurality of distributed keys from the decryption key using a secret sharing method, and the restoration means may restore the decryption key from the plurality of distributed keys using the secret sharing method.
- The protection control module further includes second output means for outputting the encrypted application program to the detection modules. Each detection module includes second acquisition means for acquiring the encrypted application program from the protection control module, second decryption means for partially decrypting the encrypted application program using the stored distributed key to generate a partial decrypted text, and third output means for outputting the generated partial decrypted text to the protection control module. The acquisition means acquires the partial decrypted text from each detection module, and the decryption means may decrypt the encrypted application program using the plurality of acquired partial decrypted texts.
- The application program is encrypted by the RSA encryption method, the second decryption means generates the partial decrypted text by raising the encrypted application program to the power of the value of the distributed key, and the decryption means may decrypt the encrypted application program by multiplying the values of the plurality of partial decrypted texts.
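The algebra behind the RSA variant, as an added example that is not code from the patent: each detection module raises the ciphertext to the power of its own distributed key, and the protection control module multiplies the partial decrypted texts, so it never holds the private exponent. The small modulus built from two Mersenne primes, unpadded RSA on a single integer, splitting the exponent modulo φ(N), and all names are assumptions chosen to keep the arithmetic visible.

```python
import secrets

# Constructed toy parameters: two Mersenne primes, far too small for real use.
P = 2**61 - 1
Q = 2**31 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # private exponent, known only to the management device

def split_exponent(d: int, count: int):
    """Management device: decompose d into `count` distributed keys whose sum
    is congruent to d modulo phi(N) (the modulus choice is an assumption)."""
    shares = [secrets.randbelow(PHI) for _ in range(count - 1)]
    shares.append((d - sum(shares)) % PHI)
    return shares

def partial_decrypt(ciphertext: int, share: int) -> int:
    """Detection module: raise the ciphertext to the power of its own share."""
    return pow(ciphertext, share, N)

def combine(partials) -> int:
    """Protection control module: multiply the partial decrypted texts."""
    result = 1
    for value in partials:
        result = (result * value) % N
    return result

def decrypt_via_modules(ciphertext: int, shares) -> int:
    """End-to-end flow: one partial decrypted text per module, then combine.
    The product is c^(sum of shares) = c^(d + k*phi(N)) = c^d mod N."""
    return combine(partial_decrypt(ciphertext, s) for s in shares)

# Constructed sample: one RSA block standing in for the encrypted application.
PLAINTEXT = int.from_bytes(b"APPKEY01", "big")
CIPHERTEXT = pow(PLAINTEXT, E, N)

if __name__ == "__main__":
    shares = split_exponent(D, 4)
    recovered = decrypt_via_modules(CIPHERTEXT, shares)
    print(recovered.to_bytes(8, "big"))
    # A single partial decrypted text on its own is not the plaintext.
    print(partial_decrypt(CIPHERTEXT, shares[0]) == PLAINTEXT)
```

With this additive split every module's partial decrypted text is required; a share that is off by one yields the plaintext multiplied by the ciphertext rather than the plaintext.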
- The protection control module further includes selection means for selecting a plurality of detection modules from all the detection modules, and the second output means may output the encrypted application program to the detection modules selected by the selection means.
- A tampering detection certificate, generated by applying a digital signature to the untampered protection control module, is attached to the protection control module, and each detection module may include verification means for detecting tampering with the protection control module using the tampering detection certificate.
- When one of the detection modules is invalidated, the distributed key generation means further decomposes the distributed key assigned to the invalidated detection module to generate a plurality of redistribution keys, and the output means further outputs the generated redistribution keys to the plurality of detection modules that have not been invalidated. Each detection module that has not been invalidated may further include distributed key update means that acquires the redistribution key and updates the stored distributed key using the acquired redistribution key to generate a new distributed key.
- The distributed key generation means generates the plurality of redistribution keys so that the distributed key is obtained by adding the generated redistribution keys, and the distributed key update means may generate the new distributed key by adding the acquired redistribution key to the stored distributed key.
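The additive decomposition and the redistribution on invalidation described above, together with the restore, use, and erase cycle of the protection control module, can be sketched like this. It is an added example, not code from the patent: addition modulo 2^128, the 16-byte key, the module identifiers 131 to 135 and all function names are assumptions constructed for illustration.

```python
import secrets

KEY_BITS = 128
MOD = 1 << KEY_BITS  # assumption: shares are added modulo 2**128

def split_key(key: bytes, module_ids):
    """Management device: decompose the decryption key into additive
    distributed keys, one per detection module."""
    if len(key) * 8 != KEY_BITS:
        raise ValueError("key must be 16 bytes")
    ids = list(module_ids)
    shares = {mid: secrets.randbelow(MOD) for mid in ids[:-1]}
    shares[ids[-1]] = (int.from_bytes(key, "big") - sum(shares.values())) % MOD
    return shares

def restore_key(shares) -> bytearray:
    """Protection control module: integrate the shares by addition."""
    total = sum(shares.values()) % MOD
    return bytearray(total.to_bytes(KEY_BITS // 8, "big"))

def use_key_once(shares, action):
    """Restore the key, run `action(key)`, then overwrite the key buffer.
    In Python this clears only this buffer; the intermediate integer is left
    to the garbage collector, so a native implementation would zero that too."""
    key = restore_key(shares)
    try:
        return action(key)
    finally:
        for i in range(len(key)):
            key[i] = 0

def make_redistribution_keys(revoked_share: int, remaining_ids):
    """Management device: decompose the invalidated module's distributed key
    into redistribution keys that add up to it."""
    ids = list(remaining_ids)
    pieces = {mid: secrets.randbelow(MOD) for mid in ids[:-1]}
    pieces[ids[-1]] = (revoked_share - sum(pieces.values())) % MOD
    return pieces

def update_share(stored: int, redistribution_key: int) -> int:
    """Detection module: add the redistribution key to the stored share."""
    return (stored + redistribution_key) % MOD

def revoke(shares, revoked_id):
    """Invalidate one module; the remaining shares still add up to the key."""
    remaining = [mid for mid in shares if mid != revoked_id]
    if not remaining:
        raise ValueError("at least one detection module must remain")
    pieces = make_redistribution_keys(shares[revoked_id], remaining)
    return {mid: update_share(shares[mid], pieces[mid]) for mid in remaining}

if __name__ == "__main__":
    demo_key = bytes(range(16))                 # constructed sample key
    shares = split_key(demo_key, [131, 132, 133, 134, 135])
    print(use_key_once(shares, lambda k: bytes(k).hex()))
    after = revoke(shares, 132)                 # module 132 is invalidated
    print(sorted(after), bytes(restore_key(after)) == demo_key)
```

Every individual share is uniformly random, so a single detection module learns nothing about the key from its own share.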
- The plurality of detection modules are classified into a first group and a second group. The distributed key generation means further decomposes the decryption key to generate a plurality of second distributed keys, and the output means outputs the generated distributed keys to the detection modules belonging to the first group, respectively, and further outputs the generated second distributed keys to the detection modules belonging to the second group, respectively.
- Each detection module belonging to the first group acquires the distributed key and stores it internally, and each detection module belonging to the second group acquires the second distributed key and stores it internally. The acquisition means acquires the distributed keys or the second distributed keys from the detection modules belonging to the first or second group, and the restoration means may restore the decryption key by integrating the acquired distributed keys or by integrating the acquired second distributed keys.
- The protection control module and the plurality of detection modules may each be a computer program, and the application program, the protection control module, and the plurality of detection modules may be stored in an information processing apparatus.
- the output means may output the plurality of distributed keys to the plurality of detection modules, respectively, at the time of initial setting of the information processing apparatus.
- the acquisition unit may acquire the distributed key from each of the plurality of detection modules when the application program is executed in the information processing apparatus.
- One embodiment of the present invention is a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module. The management device includes distributed key generation means that decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and output means for outputting the generated distributed keys to the plurality of detection modules, respectively.
- The management device may further include verification data generation means that performs a decryption process composed of a plurality of decryption partial processes on the untampered encrypted application program, applies, for each decryption partial process, a one-way conversion to both the input data to the decryption partial process and the output data from the decryption partial process to generate a decryption verification value, and generates verification data including the input data and the decryption verification value for each decryption partial process. The output means may further output the verification data to the protection control module.
- The protection control module further protects one or more other application programs. The management device further includes means that generates a decryption verification value for each decryption partial process for the other application programs and, for each decryption partial process, generates a certificate by applying a digital signature to the plurality of decryption verification values generated for the plurality of application programs including the application program and the other application programs.
- The verification data generation means generates the verification data including the decryption verification values for the other application programs generated for each decryption partial process and the certificate generated for each decryption partial process, and the output means may output the verification data including the certificate to the protection control module.
- the distributed key generation means may generate a plurality of the distributed keys so that the decryption key is obtained by adding the generated plurality of distributed keys.
- the distributed key generation means may generate a plurality of the distributed keys from the decryption key using a secret sharing method.
- When one of the detection modules is invalidated, the distributed key generation means may further decompose the distributed key assigned to the invalidated detection module to generate a plurality of redistribution keys, and the output means may further output the generated redistribution keys to the plurality of detection modules that have not been invalidated.
- the distributed key generation unit may generate a plurality of redistributed keys so that the distributed key can be obtained by adding the generated plurality of redistributed keys.
- The plurality of detection modules are classified into a first group and a second group. The distributed key generation means further decomposes the decryption key to generate a plurality of second distributed keys, and the output means may output the generated distributed keys to the detection modules belonging to the first group, respectively, and further output the generated second distributed keys to the detection modules belonging to the second group, respectively.
- Each of the protection control module and the plurality of detection modules is a computer program, the application program, the protection control module, and the plurality of detection modules are stored in an information processing apparatus, and the output means may output the plurality of distributed keys to the plurality of detection modules, respectively, at the time of initial setting of the information processing apparatus.
- one aspect of the present invention is a protection control module that protects an application program and is monitored for alteration by a plurality of detection modules.
- The management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and the generated distributed keys are output to the plurality of detection modules, respectively.
- Each detection module stores the distributed key internally.
- The protection control module includes acquisition means that acquires the distributed key from each of the plurality of detection modules, restoration means that restores the decryption key by integrating the acquired distributed keys, decryption means for decrypting the encrypted application program using the decryption key restored by the restoration means, and erasing means for erasing the decryption key after the decryption by the decryption means is completed.
- The management device further performs a decryption process composed of a plurality of decryption partial processes on the untampered encrypted application program, applies, for each decryption partial process, a one-way conversion to both the input data to the decryption partial process and the output data from the decryption partial process to generate a decryption verification value, generates verification data including the input data and the decryption verification value for each decryption partial process, and outputs the verification data to the protection control module. The decryption means performs the decryption process composed of the plurality of decryption partial processes on the encrypted application program, and the protection control module may further include second output means for outputting, for each decryption partial process in the decryption means, the output data from the decryption partial process and the received verification data to the detection module.
- The protection control module further protects one or more other application programs. The management device further generates a decryption verification value for each decryption partial process for the other application programs and, for each decryption partial process, generates a certificate by applying a digital signature to the plurality of decryption verification values generated for the plurality of application programs including the application program and the other application programs.
- The management device generates the verification data including the decryption verification values for the other application programs generated for each decryption partial process and the certificate generated for each decryption partial process, and outputs the verification data including the certificate to the protection control module. The second output means may output the verification data including the certificate to the detection module.
- The plurality of decryption partial processes correspond respectively to the plurality of detection modules, and the second output means may output, to the detection module corresponding to each decryption partial process, the output data from that decryption partial process and the verification data.
- The plurality of distributed keys are generated by the management device so that the decryption key is obtained by adding the generated distributed keys, and the restoration means may restore the decryption key by adding the plurality of distributed keys.
- The management device generates the plurality of distributed keys from the decryption key using a secret sharing method, and the restoration means may restore the decryption key from the plurality of distributed keys using the secret sharing method.
- The protection control module further includes second output means for outputting the encrypted application program to the detection modules. Each detection module acquires the encrypted application program from the protection control module, partially decrypts the encrypted application program using the stored distributed key to generate a partial decrypted text, and outputs the generated partial decrypted text to the protection control module. The acquisition means acquires the partial decrypted text from each detection module, and the decryption means may decrypt the encrypted application program using the plurality of acquired partial decrypted texts.
- The application program is encrypted by the RSA encryption method, the detection module generates the partial decrypted text by raising the encrypted application program to the power of the value of the distributed key, and the decryption means may decrypt the encrypted application program by multiplying the values of the plurality of partial decrypted texts.
- The protection control module further includes selection means for selecting a plurality of detection modules from all the detection modules, and the second output means may output the encrypted application program to the detection modules selected by the selection means.
- The plurality of detection modules are classified into a first group and a second group. The management device further decomposes the decryption key to generate a plurality of second distributed keys, outputs the generated distributed keys to the detection modules belonging to the first group, respectively, and outputs the generated second distributed keys to the detection modules belonging to the second group, respectively.
- The distributed key is stored internally by each detection module belonging to the first group, and the second distributed key is stored internally by each detection module belonging to the second group. The acquisition means acquires the distributed keys or the second distributed keys from the detection modules belonging to the first or second group, and the restoration means may restore the decryption key by integrating the acquired distributed keys or by integrating the acquired second distributed keys.
- The protection control module and the plurality of detection modules may each be a computer program, and the application program, the protection control module, and the plurality of detection modules may be stored in an information processing apparatus.
- the acquisition unit may acquire the distributed key from each of the plurality of detection modules when the application program is executed in the information processing apparatus.
- One aspect of the present invention is a detection module among a plurality of detection modules that monitor tampering with a protection control module that protects an application program.
- the management device decomposes the decryption key for decrypting the encrypted application program, generates a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the detection module includes an acquisition unit that acquires the distributed key, a storage unit that stores the acquired distributed key, and an output unit that outputs the distributed key to the protection control module. To do.
- the management apparatus applies a decryption process composed of a plurality of decryption partial processes to the untampered encrypted application program; for each decryption partial process, it applies a one-way conversion to both the input data to that decryption partial process and the output data from it to generate a decryption verification value, generates verification data including the input data and the decryption verification value for each decryption partial process, and outputs the verification data to the protection control module.
- the protection control module applies a decryption process composed of a plurality of decryption partial processes to the encrypted application program and, for each decryption partial process in the decryption means, outputs the output data from that decryption partial process and the received verification data to the detection module.
- the detection module further includes receiving means for receiving the output data and the verification data, and verification means for performing verification using the received output data and verification data and outputting the verification result when the verification fails.
- the verification unit performs the same conversion as the one-way conversion on both the input data included in the verification data and the received output data to generate a second verification value.
- the verification is performed by determining whether or not the decryption verification value included in the verification data matches the generated second verification value; if they do not match, the verification is regarded as failed and the verification result may be output.
- the protection control module further protects one or more other application programs.
- the management apparatus further generates a decryption verification value for each decryption partial process for the other application programs; for each decryption partial process, it generates a certificate by applying a digital signature to the plurality of decryption verification values generated for the plurality of application programs, that is, the application program and the other application programs; it generates the verification data including the decryption verification value for the other application program generated for each decryption partial process and the certificate generated for each decryption partial process, and outputs the verification data including the certificate to the protection control module.
- the protection control module outputs the verification data including the certificate to the detection module.
- the receiving unit may receive the verification data including the certificate, and the verification unit may further perform verification using the certificate included in the received verification data for each decryption partial process.
- the verification unit performs the same conversion as the one-way conversion on both the input data included in the verification data and the received output data to generate a second verification value.
- the verification may be performed using the decryption verification value for the other application program included in the verification data, the generated second verification value, and the certificate.
- the plurality of decryption partial processes correspond respectively to a plurality of the detection modules.
- the protection control module outputs the output data and the verification data from the decryption partial process to the detection module corresponding to each decryption partial process.
- the detection module further includes transmission means for transmitting, to another detection module, identification information identifying the decryption partial process corresponding to the detection module itself, and the receiving means further receives, from another detection module, identification information identifying the decryption partial process corresponding to that other detection module.
- the verification means may further verify whether the received identification information and the identification information identifying the decryption partial process corresponding to itself overlap, and whether the received identification information together with the identification information identifying its own decryption partial process covers the identification information identifying each of the plurality of decryption partial processes.
- when the received identification information and the identification information identifying the decryption partial process corresponding to itself overlap, or when the received identification information together with the identification information identifying its own decryption partial process does not cover all the identification information identifying the plurality of decryption partial processes, the verification means may output a verification result indicating that the verification has failed.
- the protection control module is attached with a tampering detection certificate generated by applying a digital signature to the protection control module that has not been tampered with.
- the detection module may further include verification means for detecting falsification of the protection control module using the falsification detection certificate after the decryption is completed and the decryption key is deleted.
- the encrypted application program is further output to the detection module by the protection control module.
- the detection module may further include second acquisition means for acquiring the encrypted application program from the protection control module, a second decryption unit that partially decrypts the encrypted application program using the stored distributed key to generate a partial decrypted text, and a third output unit that outputs the generated partial decrypted text to the protection control module.
- the application program is encrypted by an RSA encryption method, and the second decryption unit may generate the partial decrypted text by raising the encrypted application program to the power given by the value of the distributed key.
- the protection control module is attached with a tampering detection certificate generated by applying a digital signature to the protection control module that has not been tampered with.
- the detection module may further include verification means for detecting falsification of the protection control module using the falsification detection certificate.
- one detection module is invalidated.
- the management device further decomposes the distributed key assigned to the invalidated detection module to generate a plurality of redistributed keys, and outputs the generated redistributed keys respectively to the plurality of detection modules that have not been invalidated.
- the detection module that has not been invalidated may further include distributed key update means for acquiring the redistributed key and updating the stored distributed key using the acquired redistributed key to generate a new distributed key.
- the plurality of redistributed keys are generated by the management device so that the distributed key is obtained by adding the generated redistributed keys.
- the distributed key update unit may generate a new distributed key by adding the acquired redistributed key to the stored distributed key.
- the protection control module and the plurality of detection modules may each be a computer program, and the application program, the protection control module, and the plurality of detection modules may be stored in an information processing apparatus.
- One aspect of the present invention is a control method used in a management apparatus that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module. The control method is characterized by including a step of decomposing a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and a step of outputting the generated plurality of distributed keys to the plurality of detection modules, respectively.
- One aspect of the present invention is a computer-readable recording medium recording a computer program for control used in a management apparatus that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module.
- the recording medium records a computer program for causing the management device, which is a computer, to execute a step of decomposing a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and an output step of outputting the generated plurality of distributed keys to the plurality of detection modules, respectively.
- One aspect of the present invention is a computer program for control used in a management apparatus that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module.
- It is a computer program for making the management apparatus which is a step and a computer perform.
- One aspect of the present invention is an integrated circuit that constitutes a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module. The integrated circuit is characterized by including a distributed key generation unit that decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and an output unit that outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- One aspect of the present invention is a control method used in a protection control module that protects an application program and is monitored for alteration by a plurality of detection modules.
- the management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the distributed key is stored in each detection module.
- the control method includes an acquisition step of acquiring the distributed key from each of a plurality of detection modules, a restoration step of restoring the decryption key by integrating the acquired plurality of distributed keys, a decryption step of decrypting the encrypted application program using the decryption key restored in the restoration step, and an erasure step of erasing the decryption key after the decryption by the decryption step is completed.
- One aspect of the present invention is a computer-readable recording medium that records a computer program for control used in a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules.
- the management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the distributed key is stored in each detection module.
- the recording medium records a computer program for causing the protection control module, which is a computer, to execute an acquisition step of acquiring the distributed key from each of the plurality of detection modules, a restoration step of restoring the decryption key by integrating the plurality of acquired distributed keys, a decryption step of decrypting the encrypted application program using the decryption key restored in the restoration step, and an erasure step of erasing the decryption key after the decryption by the decryption step is completed.
- One aspect of the present invention is a computer program for control used in a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules.
- the management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the distributed key is stored in each detection module.
- the computer program causes the protection control module, which is a computer, to execute an acquisition step of acquiring the distributed key from each of the plurality of detection modules, a restoration step of restoring the decryption key by integrating the plurality of acquired distributed keys, a decryption step of decrypting the encrypted application program using the decryption key restored in the restoration step, and an erasure step of erasing the decryption key after the decryption by the decryption step is completed.
- One embodiment of the present invention is an integrated circuit that constitutes a protection control module that protects an application program and is monitored for alteration by a plurality of detection modules.
- the management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the distributed key is stored in each detection module.
- the integrated circuit includes an acquisition unit that acquires the distributed key from each of the plurality of detection modules, a restoration unit that restores the decryption key by integrating the plurality of acquired distributed keys, a decryption unit that decrypts the encrypted application program using the decryption key restored by the restoration unit, and an erasure unit that erases the decryption key after the decryption by the decryption unit is completed.
- One aspect of the present invention is a method used in one detection module among a plurality of detection modules that monitor tampering with a protection control module that protects an application program.
- the management device decomposes the decryption key for decrypting the encrypted application program, generates a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the method includes an acquisition step of acquiring the distributed key, a storage step of storing the acquired distributed key, and an output step of outputting the distributed key to the protection control module.
- One aspect of the present invention is a computer-readable recording medium recording a computer program used in one detection module among a plurality of detection modules that monitor tampering with a protection control module that protects an application program.
- the management device decomposes the decryption key for decrypting the encrypted application program, generates a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the recording medium records a computer program for causing the detection module, which is a computer, to execute an acquisition step of acquiring the distributed key, a storage step of storing the acquired distributed key, and an output step of outputting the distributed key to the protection control module.
- One aspect of the present invention is a computer program used in one detection module among a plurality of detection modules that monitor tampering with a protection control module that protects an application program.
- the management device decomposes the decryption key for decrypting the encrypted application program, generates a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the computer program causes the detection module, which is a computer, to execute an acquisition step of acquiring the distributed key, a storage step of storing the acquired distributed key, and an output step of outputting the distributed key to the protection control module.
- One embodiment of the present invention is an integrated circuit that constitutes one detection module among a plurality of detection modules that monitor tampering with a protection control module that protects an application program.
- the management device decomposes the decryption key for decrypting the encrypted application program, generates a plurality of distributed keys, and outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the integrated circuit is characterized by including acquisition means for acquiring the distributed key, storage means for storing the acquired distributed key, and output means for outputting the distributed key to the protection control module.
- Embodiment 1: Here, the tamper monitoring system 10d as Embodiment 1 according to the present invention is described.
- the tamper monitoring system 10d includes a protection control module 120d, a plurality of detection modules 131d, 132d, ..., 135d, and a management device 200d.
- the protection control module 120d protects the application program.
- the detection modules 131d, 132d,..., 135d each monitor tampering of the protection control module 120d.
- the management device 200d includes a distributed key generation unit 251d and an output unit 252d.
- the distributed key generation unit 251d generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program.
- the output unit 252d outputs the generated plurality of distributed keys to the plurality of detection modules, respectively.
- the detection modules 131d, 132d,..., 135d each acquire a distributed key and store it inside.
- the protection control module 120d includes an acquisition unit 381d, a restoration unit 382d, a decryption unit 383d, and an erasure unit 384d.
- the acquisition unit 381d acquires a distributed key from each of the plurality of detection modules 131d, 132d, ..., 135d.
- the restoration unit 382d restores the decryption key by integrating the plurality of obtained distributed keys.
- the decryption unit 383d decrypts the encrypted application program using the decryption key restored by the restoration unit 382d.
- the erasure unit 384d erases the decryption key after the decryption by the decryption unit 383d is completed.
- the protection control module 120d does not hold the decryption key at all times; it holds the decryption key only during the period in which it decrypts the encrypted application program. Therefore, the possibility that the decryption key is illegally leaked from the protection control module 120d can be reduced.
- the management device 200d may further include a verification data generation unit (not shown).
- the verification data generation unit applies a decryption process composed of a plurality of decryption partial processes to the untampered encrypted application program; for each decryption partial process, it applies a one-way conversion to both the input data to that decryption partial process and the output data from it to generate a decryption verification value, and generates verification data including the input data and the decryption verification value for each decryption partial process.
- the output unit 252d further outputs the verification data to the protection control module 120d.
- the decryption unit 383d performs decryption processing including a plurality of decryption partial processes on the encrypted application program.
- the protection control module further includes a second output unit (not shown). For each decryption partial process in the decryption unit 383d, the second output unit outputs the output data from that decryption partial process and the received verification data to the detection module 131d.
- the detection module 131d includes a receiving unit (not shown) and a verification unit (not shown).
- the receiving unit receives the output data and the verification data.
- the verification unit performs verification using the received output data and the verification data, and outputs the verification result when verification fails.
- the detection module can verify the falsification of the decryption partial process that constitutes the decryption process of the protection control module 120d using the output data and the verification data.
- the verification unit may apply the same conversion as the one-way conversion to both the input data included in the verification data and the received output data to generate a second verification value, perform the verification by determining whether or not the decryption verification value included in the verification data matches the generated second verification value, regard the verification as failed if they do not match, and output the verification result.
- the protection control module 120d may further protect one or more other application programs.
- the management device 200d further includes certificate generation means (not shown).
- the certificate generation unit generates a decryption verification value for each decryption partial process for the other application programs and, for each decryption partial process, applies a digital signature to the plurality of decryption verification values generated for the plurality of application programs, that is, the application program and the other application programs, to generate a certificate.
- the verification data generation unit generates the verification data including the decryption verification value for the other application program generated for each decryption partial process and the certificate generated for each decryption partial process.
- the output unit 252d outputs the verification data including the certificate to the protection control module 120d.
- the second output unit outputs the verification data including the certificate to the detection module 131d.
- the receiving unit receives the verification data including the certificate.
- the verification unit further performs verification using the certificate included in the received verification data for each decryption partial process.
- the detection module can use the output data and the verification data to verify falsification of the decryption partial processes that constitute the decryption process of the protection control module 120d.
- the verification unit applies the same conversion as the one-way conversion to both the input data included in the verification data and the received output data to generate a second verification value, and
- the verification may be performed using the decryption verification value for the other application program included in the verification data, the generated second verification value, and the certificate.
- The plurality of decryption partial processes correspond respectively to a plurality of the detection modules.
- the second output unit may output the output data and the verification data from the decryption partial process to the detection module corresponding to each decryption partial process.
- each detection module verifies the corresponding decryption partial process. Therefore, even if a detection module that has no correspondence with a decryption partial process is tampered with, the tampering verification can be kept unaffected.
- Each detection module may further include a transmission unit that transmits identification information identifying the decryption partial process corresponding to itself to another detection module.
- the receiving unit of each detection module further receives, from another detection module, identification information identifying the decryption partial process corresponding to that other detection module.
- the verification unit of each detection module further verifies whether the received identification information and the identification information identifying the decryption partial process corresponding to itself overlap, and whether the received identification information together with the identification information identifying its own decryption partial process covers the identification information identifying each of the plurality of decryption partial processes.
- each detection module verifies the overlap and the completeness. Therefore, when a plurality of detection modules are tampered with so as to verify the same decryption partial process, and also when a detection module is tampered with so that its corresponding decryption partial process is not verified, such tampering can be detected.
- when the received identification information and the identification information identifying the decryption partial process corresponding to itself overlap, or when the received identification information together with the identification information identifying its own decryption partial process does not cover the identification information identifying all of the plurality of decryption partial processes, the verification unit of each detection module may output a verification result indicating that the verification has failed.
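The per-step verification and the overlap/completeness check described above can be sketched as follows. This is an added example, not code from the patent: SHA-256 as the one-way conversion, the three toy decryption partial processes, the sample data, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac


def one_way(input_data: bytes, output_data: bytes) -> bytes:
    """One-way conversion over input and output of one decryption partial process.
    SHA-256 is an assumption; the input is length-prefixed so the pair is unambiguous."""
    h = hashlib.sha256()
    h.update(len(input_data).to_bytes(8, "big"))
    h.update(input_data)
    h.update(output_data)
    return h.digest()


# Hypothetical decryption partial processes 1..3 (toy transforms, not real cryptography).
def step_unmask(data: bytes) -> bytes:
    return bytes(b ^ 0x5A for b in data)


def step_unrotate(data: bytes) -> bytes:
    return data[-1:] + data[:-1]


def step_unpad(data: bytes) -> bytes:
    return data[:-data[-1]]


STEPS = {1: step_unmask, 2: step_unrotate, 3: step_unpad}


def encrypt_for_demo(plain: bytes) -> bytes:
    """Constructed sample input: the inverse of the three steps above."""
    padded = plain + bytes([4]) * 4
    rotated = padded[1:] + padded[:1]
    return bytes(b ^ 0x5A for b in rotated)


def make_verification_data(encrypted: bytes) -> dict:
    """Management device: run the untampered steps and record, per step,
    (input data, decryption verification value)."""
    verification, data = {}, encrypted
    for step_id, step in STEPS.items():
        out = step(data)
        verification[step_id] = (data, one_way(data, out))
        data = out
    return verification


def run_protection_module(encrypted: bytes, steps: dict) -> dict:
    """Protection control module: run its (possibly tampered) steps and
    collect the output data of each step for the detection modules."""
    outputs, data = {}, encrypted
    for step_id, step in steps.items():
        data = step(data)
        outputs[step_id] = data
    return outputs


def verify_step(entry: tuple, received_output: bytes) -> bool:
    """Detection module: recompute the second verification value and compare."""
    input_data, expected = entry
    return hmac.compare_digest(expected, one_way(input_data, received_output))


def check_assignment(own_id: int, received_ids: list, all_ids: list) -> bool:
    """Detection module: the step IDs claimed by all modules must not overlap
    and must cover every decryption partial process."""
    claimed = [own_id, *received_ids]
    return len(claimed) == len(set(claimed)) and set(claimed) == set(all_ids)


def demo():
    encrypted = encrypt_for_demo(b"application code")
    verification = make_verification_data(encrypted)
    honest = run_protection_module(encrypted, STEPS)
    tampered_steps = dict(STEPS)
    # Tampered step 2 alters the last byte of its output.
    tampered_steps[2] = lambda data: step_unrotate(data)[:-1] + b"\x00"
    tampered = run_protection_module(encrypted, tampered_steps)
    honest_results = {i: verify_step(verification[i], honest[i]) for i in STEPS}
    tampered_results = {i: verify_step(verification[i], tampered[i]) for i in STEPS}
    return honest[3], honest_results, tampered_results


if __name__ == "__main__":
    print(demo())
```

Because each detection module checks a step against the input recorded by the management device rather than against the previous step's actual output, a tampered step is flagged at the step where it occurs.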
- the protection control module 120d is attached with a tampering detection certificate generated by applying a digital signature to the protection control module that has not been tampered with.
- Each detection module may include a verification unit that detects falsification of the protection control module using the falsification detection certificate after the decryption is completed and the decryption key is erased.
- the distributed key generation unit 251d may generate a plurality of the distributed keys so that the decryption key can be obtained by adding the plurality of generated distributed keys.
- the restoration unit 382d restores the decryption key by adding a plurality of the distributed keys.
- the original decryption key can be restored.
- the distributed key generation unit 251d may generate a plurality of the distributed keys from the decryption key using a secret sharing method.
- the restoration unit 382d restores the decryption key from the plurality of distributed keys using the secret sharing method.
- the original decryption key can be restored.
- the protection control module 120d may further include a second output unit that outputs the encrypted application program to the detection module.
- Each detection module includes a second acquisition unit, a second decryption unit, and a third output unit.
- the second acquisition unit acquires the encrypted application program from the protection control module 120d.
- the second decryption unit partially decrypts the encrypted application program using the stored distributed key to generate a partial decrypted text.
- the third output unit outputs the generated partial decrypted text to the protection control module 120d.
- the acquisition unit 381d acquires the partial decrypted text from each detection module.
- the decryption unit 383d decrypts the encrypted application program using the plurality of partial decrypted texts obtained.
- the protection control module 120d does not always hold the decryption key. For this reason, there is no possibility that the decryption key is illegally leaked from the protection control module 120d.
- the application program may be encrypted by the RSA encryption method.
- the second decryption unit generates the partial decrypted text by raising the encrypted application program to the power given by the value of the distributed key.
- the decryption unit 383d decrypts the encrypted application program by multiplying a plurality of partial decrypted text values.
- the encrypted application program can be decrypted.
- the protection control module 120d may further include a selection unit that selects a plurality of detection modules from all the detection modules.
- the second output unit outputs the encrypted application program to the detection module selected by the selection unit.
- since the selected detection modules perform the partial decryption, even if a detection module that has not been selected has been tampered with, the verification can be kept unaffected.
- the protection control module 120d may be attached with a tampering detection certificate generated by applying a digital signature to the protection control module that has not been tampered with.
- Each detection module includes a verification unit that detects falsification of the protection control module using the falsification detection certificate.
- one detection module may be invalidated.
- the distributed key generation unit 251d further decomposes the distributed key assigned to the invalidated detection module to generate a plurality of redistributed keys.
- the output unit 252d further outputs the generated plurality of redistributed keys to the plurality of detection modules that are not revoked, respectively.
- Each detection module that has not been revoked further includes a distributed key update unit that acquires the redistributed key and uses the acquired redistributed key to update the stored distributed key, generating a new distributed key.
- the protection control module can obtain the new distributed keys from the detection modules that have not been invalidated and restore the decryption key.
- the distributed key generation unit 251d may generate a plurality of redistributed keys so that the distributed key can be obtained by adding the generated plurality of redistributed keys.
- the distributed key update unit generates the new distributed key by adding the acquired re-distributed key to the stored distributed key.
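The additive key decomposition, the RSA partial decryption by exponentiation, and the redistribution after one detection module is invalidated fit together as shown in this added example (not code from the patent). The toy RSA primes, the reduction of shares modulo φ(n), the sample message, and the function names are assumptions; the module numbers reuse the reference numerals 131 to 135.

```python
import secrets

# Constructed toy RSA key built from two Mersenne primes (not a secure choice).
P, Q = 2**61 - 1, 2**89 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # decryption key, known only to the management device


def split_additive(value: int, count: int, modulus: int = PHI) -> list:
    """Management device: decompose `value` into `count` distributed keys
    that add up to it. Assumption: addition is taken modulo phi(n)."""
    shares = [secrets.randbelow(modulus) for _ in range(count - 1)]
    shares.append((value - sum(shares)) % modulus)
    return shares


def partial_decrypt(ciphertext: int, share: int) -> int:
    """Detection module: raise the ciphertext to the power of its own share."""
    return pow(ciphertext, share, N)


def combine(partials) -> int:
    """Protection control module: multiply the partial decrypted texts.
    It never sees the decryption key or any distributed key."""
    result = 1
    for value in partials:
        result = result * value % N
    return result


def revoke_and_redistribute(shares: dict, revoked_id: int) -> dict:
    """Management device decomposes the revoked module's distributed key into
    redistributed keys; each surviving module adds its piece to its own key."""
    survivors = {i: s for i, s in shares.items() if i != revoked_id}
    pieces = split_additive(shares[revoked_id], len(survivors))
    return {i: (s + piece) % PHI
            for (i, s), piece in zip(survivors.items(), pieces)}


def demo():
    module_ids = [131, 132, 133, 134, 135]
    shares = dict(zip(module_ids, split_additive(D, len(module_ids))))

    # Constructed sample: one block of the application program, RSA-encrypted.
    message = int.from_bytes(b"app-block", "big")
    ciphertext = pow(message, E, N)

    # All five modules contribute a partial decrypted text.
    before = combine(partial_decrypt(ciphertext, s) for s in shares.values())

    # Module 133 is invalidated; the other four absorb its share.
    updated = revoke_and_redistribute(shares, revoked_id=133)
    after = combine(partial_decrypt(ciphertext, s) for s in updated.values())
    return message, before, after, shares, updated


if __name__ == "__main__":
    message, before, after, _, updated = demo()
    print(before == message, after == message, sorted(updated))
```

The product of the partial results equals the ciphertext raised to the sum of the shares, so decryption succeeds both before and after the redistribution while the full exponent is never assembled in one place.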
- the plurality of detection modules may be classified into first and second groups.
- the distributed key generation unit 251d further decomposes the decryption key to generate a plurality of second distributed keys.
- the output unit 252d outputs the generated plurality of distributed keys respectively to the plurality of detection modules belonging to the first group, and further outputs the generated plurality of second distributed keys respectively to the plurality of detection modules belonging to the second group.
- Each detection module belonging to the first group acquires the distributed key and stores it inside.
- Each detection module belonging to the second group acquires the second distributed key and stores it inside.
- the acquisition unit 381d acquires the distributed key or the second distributed key from the plurality of detection modules belonging to the first or second group, respectively.
- the restoration unit 382d restores the decryption key by integrating the acquired plurality of distributed keys or by integrating the acquired plurality of second distributed keys.
- the protection control module 120d and the plurality of detection modules 131d, 132d,..., 135d may each be a computer program.
- the application program, the protection control module 120d, and the plurality of detection modules 131d, 132d, ..., 135d are stored in the information processing apparatus.
- the output unit 252d may output the plurality of distributed keys to the plurality of detection modules, respectively, at the time of initial setting of the information processing apparatus.
- the acquisition unit 381d may acquire the distributed key from each of the plurality of detection modules 131d, 132d,..., 135d when executing the application program in the information processing apparatus.
- the management device 200d may decompose a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and output the generated plurality of distributed keys respectively to the detection modules 131d, 132d, ..., 135d.
- the detection modules 131d, 132d,..., 135d monitor tampering with the protection control module that protects the application program.
- One detection module among the detection modules 131d, 132d,..., 135d may include an acquisition unit, a storage unit, and an output unit.
- the acquisition unit acquires the distributed key.
- the storage unit stores the acquired distributed key.
- the output unit outputs the distributed key to the protection control module 120d.
- Embodiment 2: Here, the detection system 10 as Embodiment 2 according to the present invention is described.
- the detection system 10 includes a device 100 and a management device 200.
- The device 100 and the management device 200 are connected via a network 20, typified by the Internet.
- the device 100 is an information processing apparatus that provides various services to users. For example, the device 100 accesses a content distribution server device (not shown) via the network 20 and purchases and reproduces content such as music and video. In addition, the device 100 accesses a server device (not shown) of a financial institution via the network 20 and performs net banking (deposit balance inquiry, account transfer, etc.).
- the device 100 is, for example, a PC (personal computer), a mobile phone, a portable information terminal device, a digital broadcast receiving device, a DVD (Digital Versatile Disc) player, a BD (Blu-ray Disc) player, a content recording device, or the like.
- An application program is installed in the device 100, and this application program is executed.
- a protection control module 120 and a plurality of detection modules 131, 132,..., 135, which are computer programs, are installed in the device 100.
- the protection control module 120 protects the application program.
- each of the plurality of detection modules 131, 132,..., 135 monitors whether the protection control module 120 has been tampered with.
- the management apparatus 200 manages the protection control module 120 and the plurality of detection modules 131, 132,.
- the management device 200 generates verification base data necessary for verifying whether or not the protection control module 120 is operating correctly, and outputs the verification base data to the device 100.
- the management apparatus 200 includes a determination unit 210, a software distribution unit 220, and a communication unit 230, as shown in FIG.
- the management apparatus 200 is a computer system including a CPU (Central Processing Unit), a ROM (Read Only Memory), a RAM (Random Access Memory), a hard disk unit, a NIC (Network Interface Card), and the like.
- the ROM or hard disk unit stores a computer program for control for controlling the operation of the management apparatus 200.
- When the CPU operates according to these control computer programs, the determination unit 210 and the software distribution unit 220 of the management device 200 perform their functions.
- The communication unit 230 performs its function by means of the NIC.
- The determination unit 210 determines the process to be executed by the device 100 according to the state of the computer programs stored in the device 100 (the application programs (hereinafter referred to as “applications”) 110, 111, 112, 113, 114, the protection control module 120 and the detection module group 130), and gives various instructions to the software distribution unit 220.
- the determination unit 210 includes a reception unit 501, a transmission unit 502, and an instruction generation unit 503 as shown in FIG.
- the receiving unit 501 receives detection results and various requests from each detection module, and outputs the received detection results and various requests to the instruction generation unit 503. In addition, the reception unit 501 receives a notification indicating the completion of processing from the software distribution unit 220 and outputs the received notification to the instruction generation unit 503.
- the transmission unit 502 receives an instruction from the instruction generation unit 503 and transmits the received instruction to the software distribution unit 220.
- the instruction generation unit 503 receives a verification base data generation request from the protection control module 120. Upon receipt of the verification base data generation request, a verification base data generation instruction is generated, and the generated verification base data generation instruction is output to the software distribution unit 220 via the transmission unit 502.
- The software distribution unit 220 includes a reception unit 601, a transmission unit 602, a control unit 603, an authentication unit 604, a certificate generation unit 605, a signature private key holding unit 606, an encryption / decryption key holding unit 607, a software holding unit 608, a verification base data generation unit 609, and a distributed key generation unit 610.
- the signature private key holding unit 606 holds a signature private key Prk (632).
- the signature private key Prk (632) is a private key of the public key cryptosystem assigned to the management apparatus 200, and is used when the certificate generation unit 605 generates a certificate.
- the public key cryptosystem is based on RSA as an example.
- the encryption / decryption key holding unit 607 holds an encryption / decryption key d (631) used for encrypting the application and decrypting the encrypted application.
- The encryption / decryption key d (631) is a secret key of a secret key cryptosystem.
- the encryption / decryption key d (631) is, for example, a 128-bit AES (Advanced Encryption Standard) secret key.
- the software holding unit 608 stores in advance a protection control module 120 as a computer program, a detection module group 130 as a computer program, and applications 110, 111, ..., 114 as computer programs.
- the protection control module 120, the detection module group 130, and the applications 110, 111, ..., 114 are installed in the device 100.
- the protection control module 120, the detection module group 130, and the applications 110, 111, ..., 114 will be described later.
- the receiving unit 601 receives a detection result for the protection control module 120 from each detection module of the device 100 via the network 20 and the communication unit 230, and outputs the received detection result to the control unit 603.
- Under the control of the control unit 603, the transmission unit 602 transmits requests for falsification verification of each application in the device 100 and of the protection control module 120, the verification base data necessary for that verification, and the like to the device 100 via the communication unit 230 and the network 20.
- The control unit 603 controls each component of the software distribution unit 220.
- The control unit 603 outputs the plurality of distributed keys generated by the distributed key generation unit 610 to the plurality of detection modules 131, 132, ..., 135, respectively, via the transmission unit 602, the communication unit 230, and the network 20.
- The control unit 603 outputs the verification base data 640 (described later) generated by the verification base data generation unit 609 to the protection control module 120 of the device 100 via the transmission unit 602, the communication unit 230, and the network 20.
- the authentication unit 604 performs mutual authentication with each detection module and the protection control module 120.
- The verification base data generation unit 609 performs a decryption process composed of a plurality of decryption partial processes on an encrypted application that has not been tampered with. For each decryption partial process, it applies a one-way conversion to both the input data to and the output data from that decryption partial process to generate a decryption verification value, and generates verification data including the input data and the decryption verification value for each decryption partial process.
- The verification base data generation unit 609 generates verification base data 640 including the first decoded partial processing data 641, the second decoded partial processing data 642, and the third decoded partial processing data 643 shown in FIG., and outputs the generated verification base data 640 to the control unit 603.
- The verification base data generation unit 609 generates determination information. The determination information is the number of decryption sub-processes (also referred to as decryption partial processes). Here, the determination information is “3”.
- the verification base data generation unit 609 reads the applications 110, 111,..., 114 from the software holding unit 608.
- File names are assigned to the applications 110, 111, ..., 114, and identification information is extracted from the file name of each application.
- For example, the identification information “110”, “111”, “112”, “113”, and “114” is extracted from the respective file names.
- The verification base data generation unit 609 reads the encryption / decryption key d (631) from the encryption / decryption key holding unit 607. Next, the verification base data generation unit 609 puts the decryption load unit 304 (described later), which is included in the protection control module 120 stored in the software holding unit 608, into an execution state, and controls it so that the read applications 110, 111, ..., 114 are encrypted by the encryption algorithm E using the read encryption / decryption key d (631).
- The encryption algorithm E is AES, a secret key cryptosystem.
- In this way, the encrypted applications 110e, 111e, ..., 114e are generated from the respective applications.
- The verification base data generation unit 609 then has the encrypted applications 110e, 111e, ... decrypted using the decryption algorithm D, which is the inverse transformation of the encryption algorithm E, so that the decryption applications 110d, 111d, ..., 114d are generated.
- the decoding algorithm D is composed of a plurality of decoding sub-processes (decoding partial processes).
- the ciphertext is converted into plaintext by sequentially going through a plurality of decryption subprocesses.
- Examples of a decryption process composed of a plurality of decryption subprocesses are DES (Data Encryption Standard) and AES.
- The decoding process 650 executed by the decoding load unit 304 passes sequentially through three decoding sub-processes (decoding partial processes), that is, a first decoding partial process 651, a second decoding partial process 652, and a third decoding partial process 653.
- the encrypted application 661 is converted into the first intermediate application 662 through the first decryption partial process 651.
- the first intermediate application 662 is converted into the second intermediate application 663 through the second decryption partial process 652.
- the second intermediate application 663 is converted into the decryption application 664 through the third decryption partial process 653.
- The verification base data generation unit 609 controls the decryption load unit 304 so that, together with the decryption application 664 that is the final result of the decryption process 650, the first intermediate application 662 that is the output of the first decryption partial process 651 and the second intermediate application 663 that is the output of the second decryption partial process 652 are also output.
- As a result, for each of the encrypted applications 110e, 111e, ..., 114e, the decryption applications 110d, 111d, ..., 114d are generated, the first intermediate applications 110da, 111da, ..., 114da are generated, and the second intermediate applications 110db, 111db, ..., 114db are generated.
- the verification base data generation unit 609 generates a decoding verification value for each application for each decoding sub-process (decoding partial process) as follows.
- The verification base data generation unit 609 combines the encrypted application 110e and the first intermediate application 110da in this order to generate a combination, and generates the decryption verification value A (645a) by hashing the generated combination.
- Here, SHA-1 is used as the hash.
- SHA-2, SHA-3, CBC-MAC (Cipher Block Chaining-Message Authentication Code) using a block cipher, or the like may be used.
- Hash (x) represents a hash value generated by hashing the data x.
- b) indicates a combined body generated by combining the data a and the data b in this order.
- The decryption verification value B (645b), the decryption verification value C (645c), the decryption verification value D (645d), and the decryption verification value E (645e) are generated in the same way for the encrypted applications 111e, 112e, ...
- Decryption verification value B Hash (encryption application 111e
- Decryption verification value C (645c) Hash (encrypted application 112e
- Decryption verification value D Hash (encryption application 113e
- Decryption verification value E (645e) Hash (encryption application 114e
- The verification base data generation unit 609 combines the first intermediate application 110da and the second intermediate application 110db in this order to generate a combination, and generates a decryption verification value F (645f) by hashing the generated combination.
- Decryption verification value F (645f) Hash (first intermediate application 110da
- Decryption verification value G Hash (first intermediate application 111da
- Decryption verification value H Hash (first intermediate application 112da
- Decryption verification value I Hash (first intermediate application 113da
- Decryption verification value J Hash (first intermediate application 114da
- The verification base data generation unit 609 combines the second intermediate application 110db and the decryption application 110d in this order to generate a combination, and generates a decryption verification value K (645k) by hashing the generated combination.
- Decryption verification value K Hash (second intermediate application 110db
- Decryption verification value L Hash (second intermediate application 111db
- Decryption verification value M hash (second intermediate application 112db
- Decryption verification value N Hash (second intermediate application 113db
- Decryption verification value O Hash (second intermediate application 114db
- the verification base data generation unit 609 generates a decryption certificate for each decryption subprocess (decryption partial process) as follows.
- The verification base data generation unit 609 combines the decryption verification value A (645a), the decryption verification value B (645b), the decryption verification value C (645c), the decryption verification value D (645d), and the decryption verification value E (645e) in this order to generate a combination.
- A hash value is generated by hashing the generated combination.
- The generated hash value is output to the certificate generation unit 605, and the signature generation algorithm Sign is applied to the generated hash value using the signature private key Prk (632) to generate the decryption processing certificate 646a.
- Decryption certificate 646a Sign (Prk, Hash (A
- the signature generation algorithm Sign is a signature scheme algorithm based on public key cryptography such as RSA signature, DSA (Digital Signature Algorithm), and elliptic curve DSA.
- the signature generation algorithm Sign is not limited to these.
- a signature scheme algorithm based on a common key encryption such as MAC (Message Authentication Code) or a hash function may be used.
- Sign (x, y) indicates signature data generated by applying the signature generation algorithm Sign to the data y using the private key x.
- The verification base data generation unit 609 combines the decryption verification value F (645f), the decryption verification value G (645g), the decryption verification value H (645h), the decryption verification value I (645i), and the decryption verification value J (645j) in this order to generate a combination.
- A hash value is generated by hashing the generated combination.
- The generated hash value is output to the certificate generation unit 605, and the signature generation algorithm Sign is applied to the generated hash value using the signature private key Prk (632) to generate the decryption processing certificate 646b.
- Decryption certificate 646b Sign (Prk, Hash (F
- The verification base data generation unit 609 combines the decryption verification value K (645k), the decryption verification value L (645l), the decryption verification value M (645m), the decryption verification value N (645n), and the decryption verification value O (645o) in this order to generate a combination.
- A hash value is generated by hashing the generated combination.
- The generated hash value is output to the certificate generation unit 605, and the signature generation algorithm Sign is applied to the generated hash value using the signature private key Prk (632) to generate the decryption processing certificate 646c.
- Decryption certificate 646c Sign (Prk, Hash (K
- For the first decryption partial process 651, the verification base data generation unit 609 takes the identification information “110”, the encrypted application 110e, and the decryption verification value A (645a) as the first set; the identification information “111”, the encrypted application 111e, and the decryption verification value B (645b) as the second set; the identification information “112”, the encrypted application 112e, and the decryption verification value C (645c) as the third set; the identification information “113”, the encrypted application 113e, and the decryption verification value D (645d) as the fourth set; and the identification information “114”, the encrypted application 114e, and the decryption verification value E (645e) as the fifth set. It then generates the first decryption partial processing data 641 including the determination information “3”, the first set, the second set, ..., the fifth set, and the decryption processing certificate 646a.
- For the second decryption partial process 652, the verification base data generation unit 609 takes the identification information “110”, the first intermediate application 110da, and the decryption verification value F (645f) as the first set; the identification information “111”, the first intermediate application 111da, and the decryption verification value G (645g) as the second set; the identification information “112”, the first intermediate application 112da, and the decryption verification value H (645h) as the third set; the identification information “113”, the first intermediate application 113da, and the decryption verification value I (645i) as the fourth set; and the identification information “114”, the first intermediate application 114da, and the decryption verification value J (645j) as the fifth set. It then generates the second decryption partial processing data 642 including the determination information “3”, the first set, the second set, ..., the fifth set, and the decryption processing certificate 646b.
- For the third decryption partial process 653, the verification base data generation unit 609 takes the identification information “110”, the second intermediate application 110db, and the decryption verification value K (645k) as the first set; the identification information “111”, the second intermediate application 111db, and the decryption verification value L (645l) as the second set; the identification information “112”, the second intermediate application 112db, and the decryption verification value M (645m) as the third set; the identification information “113”, the second intermediate application 113db, and the decryption verification value N (645n) as the fourth set; and the identification information “114”, the second intermediate application 114db, and the decryption verification value O (645o) as the fifth set. It then generates the third decryption partial processing data 643 including the determination information “3”, the first set, the second set, ..., the fifth set, and the decryption processing certificate 646c.
- the verification base data generation unit 609 generates verification base data 640 including the first decoded partial processing data 641, the second decoded partial processing data 642, and the third decoded partial processing data 643.
- FIG. 5 shows the verification base data 640 generated in this way.
- the verification base data 640 includes first decoded partial process data 641, second decoded partial process data 642, and third decoded partial process data 643.
- The first decryption partial processing data 641 includes the determination information “3”, a first set, a second set, ..., a fifth set, and a decryption processing certificate 646a.
- the first set includes the identification information “110”, the encrypted application 110e, and the decryption verification value A (645a).
- the second set includes the identification information “111”, the encrypted application 111e, and the decryption verification value B (645b).
- the third set includes the identification information “112”, the encrypted application 112e, and the decryption verification value C (645c).
- the fourth set includes identification information “113”, encrypted application 113e, and decryption verification value D (645d).
- the fifth set includes the identification information “114”, the encrypted application 114e, and the decryption verification value E (645e).
- the second decoded partial process data 642 and the third decoded partial process data 643 also have the same configuration as the first decoded partial process data 641.
- the certificate generation unit 605 receives data to be signed from the verification base data generation unit 609. Upon receiving the data, the certificate generation unit 605 reads the signature private key Prk (632) from the signature private key holding unit 606.
- The certificate generation unit 605 generates signature data for the received data by applying a digital signature with the signature generation algorithm Sign using the read signature private key Prk (632), and outputs the generated signature data to the verification base data generation unit 609.
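- Added example, not code from the patent: the generation of the verification base data described above, together with one way a detection module could check a single decryption partial process against it. Assumptions: the three partial processes are a toy XOR keystream standing in for AES, Hash is SHA-256 (the text permits SHA-2), Sign is an HMAC (the text permits a MAC, which means the checker holds the same key, unlike with an RSA signature), and all function names, keys and application bodies are constructed.

```python
import hashlib
import hmac

STAGES = 3  # determination information: number of decryption partial processes


def _keystream(key, stage, length):
    """Toy per-stage keystream (SHA-256 in counter mode); a stand-in, not AES."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + bytes([stage]) + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def partial_process(key, stage, data):
    """One decryption partial process: XOR the data with the stage keystream."""
    return bytes(a ^ b for a, b in zip(data, _keystream(key, stage, len(data))))


def encrypt(key, plaintext):
    """Encryption E: the partial processes applied in reverse order."""
    data = plaintext
    for stage in reversed(range(STAGES)):
        data = partial_process(key, stage, data)
    return data


def decrypt_trace(key, ciphertext):
    """Decryption D, returning [encrypted, first intermediate, second intermediate, decrypted]."""
    trace = [ciphertext]
    for stage in range(STAGES):
        trace.append(partial_process(key, stage, trace[-1]))
    return trace


def verification_value(stage_input, stage_output):
    """Decryption verification value: Hash of input and output combined in this order."""
    return hashlib.sha256(stage_input + stage_output).digest()


def sign(prk, data):
    """Sign(Prk, data), here an HMAC (assumption; the embodiment uses RSA as an example)."""
    return hmac.new(prk, data, hashlib.sha256).digest()


def build_verification_base_data(apps, key, prk):
    """Management side: one record per partial process, each with five sets and a certificate."""
    traces = {app_id: decrypt_trace(key, encrypt(key, body))
              for app_id, body in sorted(apps.items())}
    base = []
    for stage in range(STAGES):
        sets = [(app_id, t[stage], verification_value(t[stage], t[stage + 1]))
                for app_id, t in traces.items()]
        combined = b"".join(value for _, _, value in sets)
        certificate = sign(prk, hashlib.sha256(combined).digest())
        base.append({"determination": STAGES, "sets": sets, "certificate": certificate})
    return base


def check_partial_output(stage_data, app_id, observed_output, verify_key):
    """Detection side: recompute this application's value from the stored input and
    the observed output, keep the stored values of the other applications, and
    verify the certificate over the combination."""
    found = False
    values = []
    for set_id, stored_input, stored_value in stage_data["sets"]:
        if set_id == app_id:
            found = True
            values.append(verification_value(stored_input, observed_output))
        else:
            values.append(stored_value)
    if not found:  # unknown identification information must never verify
        return False
    digest = hashlib.sha256(b"".join(values)).digest()
    return hmac.compare_digest(sign(verify_key, digest), stage_data["certificate"])


# Constructed sample input: a 128-bit key, a signing key and five application bodies.
KEY = bytes(range(16))
PRK = b"constructed-signing-key"
APPS = {str(n): ("code of application %d" % n).encode() * 3 for n in range(110, 115)}

if __name__ == "__main__":
    base_data = build_verification_base_data(APPS, KEY, PRK)
    trace_112 = decrypt_trace(KEY, encrypt(KEY, APPS["112"]))
    print(check_partial_output(base_data[1], "112", trace_112[2], PRK))
```

Because each record covers only one partial process, a checker sees that stage's input and output but never the whole path from ciphertext to plaintext.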
- the distributed key generation unit 610 decomposes the encryption / decryption key d (631) held by the encryption / decryption key holding unit 607 to generate a plurality of distributed keys as described below.
- The distributed key generation unit 610 generates the plurality of distributed keys so that the original encryption / decryption key d (631) can be obtained by adding all the generated distributed keys.
- The distributed key generation unit 610 generates a random number r1 and sets it as the distributed key d1, generates a random number r2 and sets it as the distributed key d2, generates a random number r3 and sets it as the distributed key d3, and generates a random number r4 and sets it as the distributed key d4.
- Alternatively, the distributed key generation unit 610 may treat the encryption / decryption key d (631) held by the encryption / decryption key holding unit 607 as secret information, and use a plurality of pieces of shared information generated from the encryption / decryption key d (631) by the secret sharing method as the distributed keys.
- the secret sharing method is described in Non-Patent Document 1.
- The distributed key generation unit 610 randomly selects integers a1, a2, ..., an-1 and sets an (n-1)-degree polynomial as shown in Equation 6 of FIG.
- In Equation 6, d is the constant term, and d is the encryption / decryption key.
- The distributed key generation unit 610 transmits the plurality of generated distributed keys d1, d2, ..., d5 to the detection module group 130 of the device 100 via the control unit 603, the transmission unit 602, the communication unit 230, and the network 20.
- The communication unit 230 communicates with the device 100 via the network 20.
- the communication unit 230 outputs the received information to each unit in the management apparatus 200 in accordance with the information received from the device 100.
- instructions and information received from each unit in the management apparatus 200 are transmitted to the device 100.
- an instruction or notification received from the software distribution unit 220 is transmitted to the device 100, and information such as a detection result of falsification detection received from the device 100 is transmitted to the determination unit 210.
- the communication unit 230 may use a secure communication path for encrypting data for communication between the device 100 and the management apparatus 200.
- the device 100 stores therein computer programs such as applications 110, 111, 112, 113, 114, a protection control module 120, and a detection module group 130. In the device 100, these computer programs operate.
- The device 100 includes a CPU 171, an EEPROM (Electrically Erasable and Programmable Read Only Memory) 172, a RAM 173, a NIC 174, a bus 175, and other devices.
- the CPU 171, the EEPROM 172, the RAM 173, and the NIC 174 are connected via a bus 175 so that they can communicate with each other.
- The EEPROM 172 is a nonvolatile semiconductor memory and has an area for storing computer programs such as a boot loader 190, a protection control module 120, detection modules 131, 132, ..., 135, applications 110, 111, ..., 114 and an OS (Operating System) 180.
- the computer program stored in the EEPROM 172 is loaded into the RAM 173, and the CPU 171 executes the computer program loaded into the RAM 173, thereby realizing the functions of each computer program.
- the RAM 173 is a volatile semiconductor memory and has an area for storing the above computer program and other data.
- the RAM 173 is loaded with computer programs such as the protection control module 120, detection modules 131, 132,..., 135, applications 110, 111,.
- the RAM 173 is used as a work area for the CPU 171.
- the NIC 174 is an expansion card for connecting to the network 20.
- In the device 100, a boot loader 190, a protection control module 120, an OS 180, and applications 110, 111, ..., 114 are stored as shown in FIG.
- the OS 180 includes a detection module group 130, and the detection module group 130 includes detection modules 131, 132, 133, 134, and 135.
- When the power of the device 100 is turned on, the boot loader 190 operates first, and then the protection control module 120 is loaded into the RAM 173 so that the protection control module 120 can operate. Subsequently, the OS 180 is loaded into the RAM 173, and the OS 180 operates. At this time, since the OS 180 includes the detection module group 130, the detection module group 130 becomes operable. Next, any or all of the applications 110, 111,..., 114 are loaded into the RAM 173, and the applications 110, 111,.
- The protection control module 120 is a computer program that has functions for protecting each application so that the application is not analyzed by an attacker and secret data is not extracted from it, and that controls the operation of these functions.
- the secret data is data to be kept secret held by each application, as will be described later.
- One function for protecting the application by the protection control module 120 is a decryption load function.
- The decryption load function stores the application in encrypted form and, only when the application is used, decrypts the encrypted application to generate a plaintext application and loads it into memory.
- Another function is a falsification detection function that determines whether or not an application has been falsified.
- another function is an analysis tool detection function for determining whether or not an analysis tool such as a debugger is operating.
- the protection control module 120 controls operations by these functions, and determines whether or not each application is analyzed or attacked by an attacker. When an attack by an attacker or the like is detected, the protection control module 120 stops the operation of the application in which the attack is detected. Also, processing such as clearing the memory used by the application, particularly the memory area where the confidential data is recorded, is performed. For example, the memory area is filled with “0”. Thus, leakage of confidential data is prevented.
- the protection control module 120 acquires a distributed key from each of the plurality of detection modules 131, 132,..., 135, and then integrates the acquired plurality of distributed keys to restore an encryption / decryption key, The encrypted application is decrypted using the encryption / decryption key, and after the encrypted application is decrypted, the encryption / decryption key is deleted.
- The protection control module 120 includes a reception unit 301, a transmission unit 302, a control unit 303, a decryption load unit 304, a falsification detection unit 305, an analysis tool detection unit 306, an encryption / decryption key restoration unit 307, a verification base data holding unit 308, and a verification data generation unit 309.
- a tampering detection certificate 331 is attached to the protection control module 120.
- the tampering detection certificate 331 is a certificate for detecting tampering of the protection control module 120 itself.
- The tampering detection certificate 331 includes signature data generated by applying the hash SHA-1 to the entire protection control module 120 to generate a hash value, and then applying a digital signature by the signature generation algorithm Sign to the generated hash value using the signature private key 632 held by the management apparatus 200.
- the receiving unit 301 receives distributed information and various requests from each detection module.
- the transmission unit 302 transmits various requests to the detection modules 131, 132,.
- The control unit 303 controls and operates the decryption load unit 304, the falsification detection unit 305, and the analysis tool detection unit 306, and detects an attack when each application is attacked by an attacker.
- the control unit 303 acquires a distributed key from the detection modules 131, 132,..., 135 of the device 100 via the reception unit 301.
- the control unit 303 erases the encryption / decryption key 631 generated by the encryption / decryption key restoration unit 307 and used for decryption of the encrypted application after the decryption of the encrypted application is completed.
- the control unit 303 outputs the output data from the decryption partial process and the received verification data to the detection module for each decryption partial process.
- the control unit 303 transmits the first intermediate application and the verification data to the detection module 131 via the transmission unit 302, and transmits the second intermediate application and the verification data to the detection module 132.
- the verification data is transmitted to the detection module 133.
- The control unit 303 also transmits, as an example, the identification information of the application to the detection module 131, the detection module 132, and the detection module 133 via the transmission unit 302.
- When the encrypted applications 110e, 111e, ..., 114e held in the device 100 are to be executed, the decryption load unit 304 decrypts them by the decryption algorithm D using the encryption / decryption key 631 restored by the encryption / decryption key restoration unit 307 to generate the plaintext applications 110, 111, ..., 114, and loads the generated applications onto the RAM 173.
- In addition, the data related to the application 110 stored on the RAM 173 is encrypted by the encryption algorithm E using the encryption / decryption key 631 to generate encrypted data, and the generated encrypted data is temporarily saved. When the context is switched to the application 110 again, the saved encrypted data is decrypted to regenerate the data, and the regenerated data is stored on the RAM 173.
- the context switch is a process of saving or restoring the CPU state (context) so that a plurality of modules can share one CPU.
- the decryption load unit 304 performs decryption processing composed of a plurality of decryption partial processes on the encrypted application by the decryption algorithm D.
- The decryption process including a plurality of decryption partial processes has already been described with reference to FIG.
- The encryption algorithm E and the decryption algorithm D used in the decryption load unit 304 are, for example, AES, a secret-key cryptosystem. DES may also be used.
- the falsification detection unit 305 executes falsification detection processing for confirming whether each application has been falsified.
- the falsification detection process is performed by using a falsification detection certificate added to each application. Note that tampering detection may be performed by comparing the MAC values.
- The analysis tool detection unit 306 detects an analysis tool such as a debugger when it is installed or operated. This is because an unauthorized attacker is assumed to install or operate an analysis tool in order to attack each application. Detection methods include, for example, searching for the name of a file that contains an analysis tool such as a debugger, checking whether a special register used by the debugger is in use, or detecting an interrupt set by the debugger.
- the encryption / decryption key restoration unit 307 integrates a plurality of distributed keys received from a plurality of detection modules, and restores an encryption / decryption key 631 for encrypting / decrypting each application.
- the encryption / decryption key restoration unit 307 restores the original encryption / decryption key 631 by adding all the distributed keys.
- the encryption / decryption key is restored by the secret information restoration method using the secret sharing method.
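The key decomposition by the management device and the restoration "by adding all the distributed keys" can be sketched as follows. This is an added example, not code from the patent; the 128-bit key size, addition modulo 2^128, and all function names are assumptions. It also shows two properties that follow from the scheme: any four of the five distributed keys reveal nothing about the key, and an altered distributed key silently restores a different key.

```python
import secrets

KEY_BITS = 128                  # assumption: a 128-bit symmetric key (e.g. AES-128)
MODULUS = 1 << KEY_BITS         # assumption: distributed keys are added modulo 2^128


def generate_distributed_keys(key, count=5):
    """Management device side: decompose the key into `count` distributed keys.

    The first count-1 shares are uniform random numbers; the last one is
    chosen so that the sum of all shares equals the key (mod MODULUS).
    """
    if not 0 <= key < MODULUS:
        raise ValueError("key out of range")
    if count < 2:
        raise ValueError("need at least two distributed keys")
    shares = [secrets.randbelow(MODULUS) for _ in range(count - 1)]
    shares.append((key - sum(shares)) % MODULUS)
    return shares


def restore_key(shares):
    """Protection control module side: add all distributed keys."""
    return sum(shares) % MODULUS


def share_explaining(candidate_key, known_shares):
    """Return the missing share that would make `candidate_key` the secret.

    Such a share exists for every candidate, so count-1 shares carry no
    information about the real key.
    """
    return (candidate_key - sum(known_shares)) % MODULUS


def demo():
    key = 0x00112233445566778899AABBCCDDEEFF      # constructed sample key
    shares = generate_distributed_keys(key)        # one per detection module
    restored_ok = restore_key(shares) == key

    # Four colluding modules: any guess is consistent with what they hold.
    guess = 0x0123456789ABCDEF0123456789ABCDEF     # constructed guess
    fifth = share_explaining(guess, shares[:4])
    guess_consistent = restore_key(shares[:4] + [fifth]) == guess

    # No integrity protection: one altered share yields a different key
    # without any error being raised.
    altered = list(shares)
    altered[2] = (altered[2] + 1) % MODULUS
    altered_differs = restore_key(altered) != key
    return restored_ok, guess_consistent, altered_differs
```

Because all five distributed keys are required, a single detection module that withholds or alters its distributed key prevents correct restoration.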
- the verification base data holding unit 308 holds the verification base data 640 received from the management device 200.
- the data structure of the verification base data 640 is as described above.
- The verification data generation unit 309 extracts the first decryption partial process data 641 from the verification base data 640 held in the verification base data holding unit 308, and sets the extracted first decryption partial process data 641 as the verification data 341. Further, the second decryption partial process data 642 is extracted from the verification base data 640, and the extracted second decryption partial process data 642 is set as the verification data 342. Further, the third decryption partial process data 643 is extracted from the verification base data 640, and the extracted third decryption partial process data 643 is set as the verification data 343.
- FIGS. 12 to 14 show examples of the data structures of the verification data 341, the verification data 342, and the verification data 343, respectively.
- the verification data generation unit 309 transmits the generated verification data 341 to the detection module 131 via the control unit 303 and the transmission unit 302.
- the detection module 131 holds verification data 341.
- the verification data generation unit 309 transmits the generated verification data 342 to the detection module 132 via the control unit 303 and the transmission unit 302.
- the detection module 132 holds verification data 342.
- the verification data generation unit 309 transmits the generated verification data 343 to the detection module 133 via the control unit 303 and the transmission unit 302.
- the detection module 133 holds verification data 343.
- the detection module group 130 includes five detection modules 131, 132, 133, 134, and 135, as shown in FIG.
- the detection modules 131, 132, 133, 134 and 135 are computer programs each having a function of detecting whether or not the protection control module 120 has been tampered with.
- Each detection module acquires a distributed key from the management apparatus 200 and stores it inside. Each detection module transmits the detection result of tampering with respect to the protection control module 120 to the management apparatus 200 via the network 20.
- the detection module 131 includes a reception unit 401, a transmission unit 402, a control unit 403, a verification unit 404, a verification data holding unit 405, and a distributed key holding unit 406.
- Since the detection modules 132, 133, 134, and 135 have the same configuration as the detection module 131, their description is omitted.
- the receiving unit 401 receives various instructions from the management device 200. In addition, a result of processing requested to another module and a detection result of alteration of the protection control module 120 by another detection module are received.
- the transmission unit 402 transmits data such as various processing results to the management apparatus 200, the protection control module 120, and other detection modules.
- The control unit 403 controls the verification unit 404 based on various instructions and notifications received by the reception unit 401, and performs verification processing on the protection control module 120.
- The control unit 403 receives, from the protection control module 120 via the reception unit 401, for the decryption partial process corresponding to the detection module, the output data from the decryption partial process and the verification data generated for the decryption partial process.
- The control unit 403 of the detection module 131 receives the first intermediate application and the verification data generated for the decryption partial process corresponding to the detection module 131.
- The control unit 403 of the detection module 132 receives the second intermediate application and the verification data generated for the decryption partial process corresponding to the detection module 132.
- The control unit 403 of the detection module 133 receives the decryption application and the verification data generated for the decryption partial process corresponding to the detection module 133.
- The control unit 403 outputs the received output data and verification data to the verification unit 404 for the decryption partial process corresponding to the detection module.
- The control unit 403 of the detection module 131 outputs the first intermediate application and the verification data generated for the decryption partial process corresponding to the detection module 131 to the verification unit 404.
- The control unit 403 of the detection module 132 outputs the second intermediate application and the verification data generated for the decryption partial process corresponding to the detection module 132 to the verification unit 404.
- The control unit 403 of the detection module 133 outputs the decryption application and the verification data generated for the decryption partial process corresponding to the detection module 133 to the verification unit 404.
- the verification unit 404 verifies whether or not the protection control module 120 is operating normally.
- the verification unit 404 performs verification using the output data and verification data received from the control unit 403, and outputs the verification result when verification fails.
- When any of the applications 110, 111, ..., 114 is executed, the verification unit 404 performs verification using the verification data 341 stored in the verification data holding unit 405.
- The verification unit 404 applies the same conversion as the one-way conversion used by the verification base data generation unit 609 to both the input data included in the verification data and the received output data to generate a second verification value, verifies by judging whether the decryption verification value included in the verification data matches the generated second verification value, and outputs the verification result.
- In the following, the verification unit 404 is assumed to be an element constituting the detection module 131, and the application 110 is assumed to be executed.
- The verification unit 404 receives the identification information of the application 110, the first intermediate application of the application 110, and the verification data 341 from the protection control module 120 via the reception unit 401 and the control unit 403.
- The verification unit 404 extracts the encrypted application corresponding to the received identification information from the received verification data 341, and combines the extracted encrypted application and the received first intermediate application in this order to generate a combined body.
- A hash value is calculated by applying the hash function to the generated combined body.
- The verification unit 404 extracts the decryption verification value corresponding to the received identification information from the verification data 341, and determines whether the extracted decryption verification value matches the calculated hash value.
- A decryption processing certificate is extracted from the received verification data 341, and all the decryption verification values B, C, D, E other than the decryption verification value corresponding to the received identification information are extracted from the received verification data 341. The calculated hash value and all the extracted decryption verification values B, C, D, E are combined to generate a combined body, and, using the signature public key Pbk, the signature verification algorithm Vrfy is applied to the generated combined body and the extracted decryption processing certificate.
- Vrfy (Pbk, decryption certificate, (hash value
- the signature verification algorithm Vrfy is a signature verification algorithm corresponding to the signature generation algorithm Sign.
- A signature scheme based on public key cryptography, such as RSA signature, DSA (Digital Signature Algorithm), or elliptic curve DSA, is used.
- the signature public key Pbk corresponds to the signature private key Prk (632), and is a public key cryptosystem public key assigned to the management apparatus 200.
- Vrfy (x, y, z) indicates a detection result obtained by applying the signature verification algorithm Vrfy to the signature data y and the data z using the public key x.
- the detection result indicates either success or failure.
- the verification unit 404 receives the identification information of the application 110, the second intermediate application of the application 110, and the verification data 342 from the protection control module 120.
- a first intermediate application corresponding to the received identification information is extracted from the received verification data 342, and a combined body is generated by combining the extracted first intermediate application and the received second intermediate application in this order.
- A hash value is calculated by applying the hash function to the generated combined body.
- A decryption verification value corresponding to the received identification information is extracted from the verification data 342, and it is determined whether the extracted decryption verification value matches the calculated hash value.
- A decryption processing certificate is extracted from the received verification data 342, and all decryption verification values G, H, I, and J other than the decryption verification value corresponding to the received identification information are extracted from the received verification data 342. Then, the calculated hash value and all the extracted decryption verification values G, H, I, and J are combined to generate a combined body, and, using the signature public key Pbk, the signature verification algorithm Vrfy is applied to the generated combined body and the extracted decryption processing certificate.
- the verification unit 404 receives the identification information of the application 110, the decryption application of the application 110 and the verification data 343 from the protection control module 120.
- a second intermediate application corresponding to the received identification information is extracted from the received verification data 343, and the extracted second intermediate application and the received decryption application are combined in this order to generate a combined body.
- A hash value is calculated by applying the hash function to the generated combined body.
- A decryption verification value corresponding to the received identification information is extracted from the verification data 343, and it is determined whether the extracted decryption verification value matches the calculated hash value.
- A decryption processing certificate is extracted from the received verification data 343, and all decryption verification values L, M, N, and O other than the decryption verification value corresponding to the received identification information are extracted from the received verification data 343. Then, the calculated hash value and all the extracted decryption verification values L, M, N, and O are combined to generate a combined body, and, using the signature public key Pbk, the signature verification algorithm Vrfy is applied to the generated combined body and the extracted decryption processing certificate.
- The verification unit 404 performs verification using the identifiers for identifying the decryption partial processes, as described below.
- The verification unit 404 verifies whether the identification information received from the other detection modules duplicates the identification information identifying the decryption partial process corresponding to itself, and whether the received identification information together with the identification information identifying the decryption partial process corresponding to itself covers the identification information identifying each of the plurality of decryption partial processes.
- When the received identification information duplicates the identification information identifying the decryption partial process corresponding to itself, or when the received identification information and the identification information identifying the decryption partial process corresponding to itself do not cover all the identification information identifying the plurality of decryption partial processes, the verification unit 404 outputs a verification result indicating that the verification has failed.
- Here, the verification unit 404 is an element constituting the detection module 131.
- The verification unit 404 receives identifiers for identifying the decryption partial processes from the detection modules 132 and 133, respectively.
- The verification unit 404 uses the identifier identifying the decryption partial process that it used for its own verification and the identifiers received from each of the other detection modules to verify whether every decryption partial process has been verified by some detection module.
- When the identifier identifying the decryption partial process used for verification by the verification unit 404 identifies the first decryption partial process 651 shown in FIG. 6, and the two identifiers received from the other detection modules identify the second decryption partial process 652 and the third decryption partial process 653 shown in FIG. 6, it is determined that verification corresponding to all the decryption partial processes has been performed.
- When there is a matching identifier among the identifier identifying the decryption partial process used for its own verification and the received identifiers, the verification unit 404 determines that verification of all the decryption partial processes has not been performed.
- When an identifier identifying one of the decryption partial processes shown in FIG. 6 is absent from the identifier used for its own verification and the received identifiers, the verification unit 404 determines that verification corresponding to all the decryption partial processes has not been performed.
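The per-process verification (hash of input and output compared with the decryption verification value, then Vrfy over all verification values) and the identifier coverage check described above, as an added example that is not code from the patent. Assumptions: the decryption algorithm D is replaced by a toy three-layer XOR cipher, Sign/Vrfy by unpadded textbook RSA over fixed small primes (illustration only, not secure), and all names, the length prefix, and the sample data are constructed.

```python
import hashlib

# Toy textbook-RSA signature standing in for the page's Sign/Vrfy.
# Assumption: fixed Mersenne primes and no padding, for illustration only.
_P, _Q = 2**127 - 1, 2**89 - 1
PBK = (_P * _Q, 65537)                                # signature public key Pbk
_PRK = pow(PBK[1], -1, (_P - 1) * (_Q - 1))           # signature private key Prk
PROCESS_IDS = (1, 2, 3)                               # three decryption partial processes


def _digest_int(message):
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % PBK[0]


def sign(message):
    """Management device only: it alone holds Prk."""
    return pow(_digest_int(message), _PRK, PBK[0])


def vrfy(signature, message):
    """Detection modules: verification needs only Pbk."""
    return pow(signature, PBK[1], PBK[0]) == _digest_int(message)


def partial_decrypt(data, key, process_id):
    """Toy partial process: removes one XOR keystream layer (stand-in for D)."""
    stream, block = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + bytes([process_id, block])).digest()
        block += 1
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt(plain, key):
    """Apply all three layers; XOR layers commute, so order is irrelevant."""
    for process_id in PROCESS_IDS:
        plain = partial_decrypt(plain, key, process_id)
    return plain


def verification_value(input_data, output_data):
    """Hash of input and output combined in this order. The length prefix is
    an addition of this example that keeps the boundary unambiguous."""
    prefix = len(input_data).to_bytes(8, "big")
    return hashlib.sha256(prefix + input_data + output_data).digest()


def build_verification_base(encrypted_apps, key):
    """Management device: per partial process, record each application's input
    and verification value, and sign all values of that process together."""
    base, inputs = {}, dict(encrypted_apps)
    for process_id in PROCESS_IDS:
        outputs = {app: partial_decrypt(d, key, process_id) for app, d in inputs.items()}
        values = {app: verification_value(inputs[app], outputs[app]) for app in inputs}
        certificate = sign(b"".join(values[app] for app in sorted(values)))
        base[process_id] = {"inputs": inputs, "values": values, "certificate": certificate}
        inputs = outputs
    return base


def verify_partial_process(app_id, output_data, vdata):
    """Detection module: verify one partial process for the running application."""
    computed = verification_value(vdata["inputs"][app_id], output_data)
    if computed != vdata["values"][app_id]:
        return False
    # Combine the computed hash with the other applications' stored values and
    # check the decryption processing certificate over the combination.
    combined = b"".join(computed if app == app_id else vdata["values"][app]
                        for app in sorted(vdata["values"]))
    return vrfy(vdata["certificate"], combined)


def all_processes_verified(own_id, received_ids):
    """Identifier check: no duplicates, and every partial process covered."""
    ids = [own_id, *received_ids]
    return len(ids) == len(set(ids)) and set(ids) == set(PROCESS_IDS)


def demo():
    key = b"constructed-key"                               # constructed sample data
    apps = {"110": b"constructed application 110", "111": b"constructed application 111"}
    base = build_verification_base({a: encrypt(p, key) for a, p in apps.items()}, key)

    first = partial_decrypt(base[1]["inputs"]["110"], key, 1)
    honest = verify_partial_process("110", first, base[1])

    # A tampered protection control module emits a different intermediate.
    tampered_output = bytes([first[0] ^ 1]) + first[1:]
    tampered = verify_partial_process("110", tampered_output, base[1])

    # Rewriting the stored value to match passes the hash comparison but not
    # the certificate, which only the holder of Prk can produce.
    forged = dict(base[1], values=dict(base[1]["values"]))
    forged["values"]["110"] = verification_value(forged["inputs"]["110"], tampered_output)
    forged_ok = verify_partial_process("110", tampered_output, forged)
    return honest, tampered, forged_ok
```

The forged case shows why the certificate check is needed in addition to the hash comparison: the verification data is delivered by the very module being verified.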
- As shown below, the verification unit 404 performs falsification detection processing using the falsification detection certificate 331 added to the protection control module 120.
- The verification unit 404 applies the hash SHA-1 to the entire protection control module 120 to generate a hash value, and, using the signature public key Pbk, verifies the digital signature by applying the signature verification algorithm Vrfy to the generated hash value and the falsification detection certificate 331.
- When a pre-calculated message authentication code (MAC value) is used, the MAC value is generated using the verification key held by the verification unit 404, and tampering detection is performed by comparing the calculated MAC value with the MAC value received in advance from the management apparatus 200 and held.
- the verification data holding unit 405 holds verification data 341 for verifying whether the decryption load unit 304 of the protection control module 120 operates normally.
- the verification data 341 is transmitted from the protection control module 120.
- the verification data holding unit 405 of the detection module 132 holds the verification data 342.
- the verification data holding unit 405 of the detection module 133 holds verification data 343.
- Applications 110, 111, ..., 114 are computer programs for providing various functions to the user who uses the device 100.
- the application 110 is a computer program for purchasing music content and video content from the content distribution server device via the network 20 and playing back the purchased content.
- the application 111 is a computer program for accessing a server device of a financial institution and using net banking such as balance confirmation and transfer.
- Each application holds confidential data that should not be known to others, such as an authentication key for authenticating, with a content distribution server device or a server device of a financial institution, whether the other device is legitimate, and a password for proving its own identity.
- attackers malicious third parties
- In the operation of the detection system 10, as shown in FIG. 16, when the device 100 is manufactured in a factory, the protection control module 120, the detection module group 130, the applications 110, 111, ..., 114 and other computer programs are installed in the device 100 as an initial setting process. Further, the verification base data 640 is embedded in the protection control module 120 (step S100).
- The device 100 is shipped from the factory and provided for use by the user.
- As a detection process inside the device 100, the protection control module 120 protects each application from attacks by an attacker and executes each application. At the same time, each detection module verifies whether the protection control module 120 has been attacked.
- A detection module that has not been tampered with notifies the management device 200 that these computer programs have been tampered with. Further, the device 100 may display on its display unit that these computer programs have been tampered with (step S200).
- Processing by each of the detection modules 131, 132, 133, 134, and 135 is collectively described as being performed by the detection module group 130.
- the distributed key generation unit 610 of the software distribution unit 220 of the management apparatus 200 decomposes the encryption / decryption key 631 held by the encryption / decryption key holding unit 607 to generate a plurality of distributed keys. And the plurality of distributed keys are written in the detection modules 131, 132,..., 135 held in the software holding unit 608 (step S1000).
- The control unit 603 transmits the protection control module 120, the detection module group 130, the applications 110, 111, ..., 114 and other computer programs necessary for the operation of the device 100 to the device 100 via the transmission unit 602 and the communication unit 230.
- a certificate (tamper detection certificate) for verifying tampering with these computer programs is added to these computer programs.
- the device 100 receives the protection control module 120, the detection module group 130, the applications 110, 111,..., 114 and other computer programs to which the certificate is added (step S1001).
- the protection control module 120, the detection module group 130, the applications 110, 111,..., 114, and other computer programs each having a certificate added thereto are installed in the EEPROM 172 of the device 100 (step S1002).
- After the installation of these computer programs, the computer program for initial setting of the device 100, the computer program for testing whether the device 100 operates normally, and the like are executed, and the device 100 is initialized. Also, an initialization instruction is issued to the protection control module 120 (step S1003).
- When receiving the initialization instruction, the protection control module 120 requests the management device 200 to send the verification base data 640 (step S1004).
- When the management apparatus 200 receives a request to send the verification base data 640 from the protection control module 120, the management apparatus 200 executes a generation process of the verification base data 640 (step S1005).
- the management apparatus 200 transmits the verification base data 640 to the protection control module 120 (step S1006).
- The protection control module 120 receives the verification base data 640 from the management device 200, and stores the received verification base data 640 in the verification base data holding unit 308 (step S1007).
- the verification base data generation unit 609 reads the applications 110, 111,..., 114 from the software holding unit 608. Next, the verification base data generation unit 609 makes the decryption load unit 304 included in the protection control module 120 stored in the software holding unit 608 executable, and the decryption load unit 304 sets the encryption / decryption key 631. By using the encryption algorithm E, the applications 110, 111, ..., 114 are encrypted (step S1101).
- The decryption load unit 304 decrypts the encrypted applications 110e, 111e, ..., 114e using the decryption algorithm D and, for each encrypted application, outputs the first intermediate application, the second intermediate application, and the decryption application, which are the output data of the respective decryption partial processes. The verification base data generation unit 609 acquires the encrypted application, the first intermediate application, the second intermediate application, and the decryption application for each encrypted application (step S1102).
- The verification base data generation unit 609 controls the certificate generation unit 605 to generate a decryption verification value for each of the set of the encrypted application and the first intermediate application, the set of the first intermediate application and the second intermediate application, and the set of the second intermediate application and the decryption application, and to generate a decryption processing certificate for the plurality of decryption verification values using the signature private key 632 held in the signature private key holding unit 606 (step S1203).
- the verification base data generation unit 609 generates verification base data 640 including the first decoded partial process data 641, the second decoded partial process data 642, and the third decoded partial process data 643 (step S1104).
- When the initialization process is completed, the device 100 is shipped from the factory and sent to the user.
- The protection control module 120 controls the device 100 so as to exhibit functions such as a decryption load function, a falsification detection function, and an analysis tool detection function, and protects each application from attacks by attackers.
- the verification for the protection control module 120 is the same as the case of executing the application 110, and thus the description thereof is omitted.
- the falsification detection process for the protection control module 120 is performed using the falsification detection certificate added to the protection control module 120.
- a MAC value calculated in advance may be used.
- When receiving the command for executing the application 110 (step S2000), the protection control module 120 generates a distributed key transmission request for each detection module (step S2001), and transmits the generated transmission request to each detection module (step S2002).
- a transmission request is transmitted to the detection modules 131, 132, and 133, but a distributed key transmission request is similarly transmitted to the detection modules 134 and 135.
- Each detection module receives a transmission request from the protection control module 120 (step S2002), reads the distributed key held (step S2003), and transmits the read distributed key to the protection control module 120 (step S2004).
- the protection control module 120 restores the encryption / decryption key from the plurality of distributed keys (step S2005).
- the protection control module 120 decrypts the encrypted application 110e by the decryption load unit 304 and executes the application 110 (step S2006).
- the control unit 303 of the protection control module 120 deletes the restored encryption / decryption key after the decryption of the application is completed (step S2007).
- the protection control module 120 generates verification data from the verification base data 640 held in the verification base data holding unit 308 for each decryption partial process (step S2008).
- The control unit 303 of the protection control module 120 transmits, via the transmission unit 302, the application identification information, the first intermediate application, and the verification data to the detection module 131 (step S2009a), the application identification information, the second intermediate application, and the verification data to the detection module 132 (step S2009b), and the application identification information, the decryption application, and the verification data to the detection module 133 (step S2009c).
- Each detection module verifies whether the input/output correspondence of the decryption partial process is correct using the verification data. Specifically, each detection module generates a decryption verification value from the data in the verification data and the received intermediate application or decryption application, compares the generated decryption verification value with the decryption verification value in the verification data, and determines whether they match. Further, signature verification of the decryption processing certificate is performed (steps S2010a, S2010b, and S2010c).
- When verification using the verification data fails, that is, when the decryption verification values do not match or when signature verification of the decryption processing certificate fails, each detection module determines that the protection control module 120 has been tampered with ("Y" in steps S2011a, S2011b, or S2011c), and transmits the detection result to the determination unit 210 (steps S2012a, S2012b, or S2012c). If the verification values match and the signature verification of the decryption processing certificate is successful, each detection module determines that the protection control module 120 has not been tampered with ("N" in steps S2011a, S2011b, or S2011c).
- An identifier for identifying the decryption partial process of the verification data is transmitted to another detection module (steps S2013a, S2013b, or S2013c).
- the detection module 131 transmits a notification that the first decryption partial process has been verified and an identifier that identifies the first decryption partial process.
- each detection module confirms whether all the decryption partial processes of the protection control module 120 have been verified using an identifier for identifying each decryption partial process (steps S2014a, S2014b, or S2014c).
- When the protection control module 120 is determined to have been tampered with ("Y" in step S2014a, S2014b, or S2014c), the detection result is transmitted to the determination unit 210 (step S2015a, S2015b, or S2015c).
- the protection control module 120 receives an end notification indicating that the application has ended from the OS 180 (step S2016), and notifies the end notification to each detection module (step S2017).
- When each detection module receives the end notification indicating that the application has ended from the protection control module 120, or when the application is not operating, it performs tamper detection on the protection control module 120 using the tamper detection certificate 331 (step S2018a, S2018b or S2018c).
- the verification unit 404 of each detection module calculates the MAC value of the protection control module 120 using the verification key held by the verification unit 404, and compares the calculated MAC value with the held MAC value. If the MAC values match, it may be determined that the protection control module 120 has not been tampered with, and if the MAC values do not match, it may be determined that the protection control module 120 has been tampered with.
- When it is determined that the protection control module 120 has been tampered with ("Y" in S2019a, S2019b, or S2019c), each detection module notifies the determination unit 210 of the detection result (S2020a, S2020b, or S2020c).
- In steps S2000 to S2015 in FIG. 19, the encryption/decryption key is restored from a plurality of distributed keys (step S2005), and then the encryption/decryption key is used.
- Until the deletion in step S2007, the protection control module 120 holds the encryption/decryption key of the application.
- The period during which the protection control module holds the encryption/decryption key is limited to the period from the encryption/decryption key restoration (step S2005) to the encryption/decryption key deletion (step S2007). Therefore, the possibility that a falsified, unauthorized detection module illegally acquires the encryption/decryption key from the protection control module 120 can be reduced.
- The protection control module 120 does not hold the encryption/decryption key of the application. For this reason, even if a detection module performs falsification detection on the protection control module 120 using the tampering detection certificate, an unauthorized detection module cannot acquire the encryption/decryption key, and since the encryption/decryption key does not leak from the protection control module 120, the security of the detection system 10 can be improved.
- Embodiment 3 Here, a detection system 10a (not shown) as Embodiment 3 according to the present invention will be described.
- the protection control module collects the distributed key from the plurality of detection modules and uses the collected distributed key.
- the encryption / decryption key is temporarily restored.
- alteration detection using the alteration detection certificate by the detection module or alteration detection using the MAC value is performed. Absent.
- the detection module executes a part of the decryption of the application without the protection control module restoring the encryption / decryption key.
- the detection module does not acquire the encryption / decryption key even if the detection module performs the falsification detection using the falsification detection certificate or the falsification detection using the MAC value.
- RSA encryption of public key cryptosystem is used for encryption / decryption of applications. Since RSA encryption is described in Non-Patent Document 1, description thereof is omitted here.
- a plain text application is expressed as M.
- a ^ b indicates an operation for raising a to the power of b.
- the detection system 10a has the same configuration as the detection system 10. Here, the description focuses on the differences from the detection system 10.
- FIG. 10a
- the software holding unit 608 of the software distribution unit 220 of the management apparatus 200 stores a protection control module 120a instead of the protection control module 120, and stores a detection module group 130a instead of the detection module group 130.
- the detection module group 130a includes detection modules 131a, 132a, 133a, 134a, and 135a.
- a protection control module 120a and a detection module group 130a are installed instead of the protection control module 120 and the detection module group 130.
- the encryption / decryption key holding unit 607 included in the software distribution unit 220 of the management apparatus 200 stores a private key d (631a) instead of the encryption / decryption key d (631).
- a distributed key d1 (641a), a distributed key d2 (642a), a distributed key d3 (643a), a distributed key d4 (644a), and a distributed key d5 (645a) are generated.
- the distributed key generation unit 610 generates a random number r1, sets the generated random number r1 as a distributed key d1 (641a), generates a random number r2, and sets the generated random number r2 as a distributed key d2 (642a).
- a random number r3 is generated, and the generated random number r3 is set as a distributed key d4 (644a).
- the distributed key generation unit 610 transmits the generated plurality of distributed keys d1 (641a), d2 (642a), ..., d5 (645a), via the control unit 603, the transmission unit 602, the communication unit 230, and the network 20, to the detection modules 131a, 132a, 133a, 134a, and 134a of the detection module group 130a of the device 100, respectively.
- the distributed keys d1 (641a), d2 (642a), ..., d5 (645a) are stored, respectively.
- the protection control module 120a includes a reception unit 301, a transmission unit 302, a control unit 303, a decryption load unit 304, a falsification detection unit 305, an analysis tool detection unit 306, and a detection module selection unit 310.
- the tampering detection certificate 331a is attached to the protection control module 120a.
- the falsification detection certificate 331a is a certificate for detecting falsification of the protection control module 120a itself, similarly to the falsification detection certificate 331.
- components having the same functions as those of the protection control module 120 are denoted by the same reference numerals, and description thereof will be omitted.
- Comparing the configuration of the protection control module 120a with the configuration of the protection control module 120, the protection control module 120a does not include the encryption / decryption key restoration unit 307, the verification base data holding unit 308, and the verification data generation unit 309.
- the protection control module 120 a includes a detection module selection unit 310 that does not exist in the protection control module 120.
- the detection module selection unit 310 selects a detection module that causes the application to be decoded when the application is decoded.
- the detection module selection unit 310 holds a detection module list 351 that indicates combinations of detection modules that cause the application to be decoded.
- the detection module list 351 holds a plurality of sets composed of an index and a detection module identifier group. Each set represents a plurality of detection modules that cause the application to be decrypted.
- the index is identification information for identifying the corresponding detection module identifier group.
- the detection module identifier group includes a plurality of detection module identifiers.
- the plurality of detection module identifiers are identification information for identifying the plurality of detection modules, respectively.
- the plurality of detection modules are detection modules for decoding an application. These multiple detection modules store a distributed key for decrypting the application.
- the detection module list 351 has a set of an index 361 “1” and a detection module identifier group 362 including detection module identifiers “131”, “132”, and “133”, and a set of an index 363 “2” and a detection module identifier group 364 including detection module identifiers “131”, “134”, and “135”.
- the detection modules identified by the detection module identifiers “131”, “132”, “133”, “134”, and “135” are detection modules 131a, 132a, 133a, 134a, and 135a, respectively.
- the detection module identifier group 362 corresponding to the index 361 “1” includes detection module identifiers “131”, “132”, and “133”.
- the detection module identifiers “131”, “132”, and “133” identify the detection modules 131a, 132a, and 133a, respectively.
- the detection modules 131a, 132a, and 133a store a distributed key d1 (641a), a distributed key d2 (642a), and a distributed key d3 (643a), respectively.
- the private key 631a can be calculated by adding the distributed key d1 (641a), the distributed key d2 (642a), and the distributed key d3 (643a).
- similarly, the detection module identifier group 364 corresponding to the index 363 “2” includes the detection module identifiers “131”, “134”, and “135”, and the private key 631a can be calculated by adding the distributed key d1 (641a), distributed key d4 (644a), and distributed key d5 (645a) stored in the detection modules identified by these identifiers.
- the detection module list 351 includes two sets as shown in FIG. 24, but is not limited to this.
- the detection module list 351 may include a larger number of sets.
- the detection module selection unit 310 selects one index at random from the detection module list 351 when the application is decoded under the control of the control unit 303. Next, a detection module identifier group corresponding to the selected index is extracted, and the extracted detection module identifier group is output to the control unit 303.
- the detection module 131a includes a reception unit 401, a transmission unit 402, a control unit 403, a verification unit 404, a distributed key holding unit 406, and a decryption unit 410.
- components having the same functions as those of the detection module 131 are denoted by the same reference numerals, and description thereof is omitted.
- the detection module 131 a does not include the verification data holding unit 405.
- the detection module 131a includes a decryption unit 410 that does not exist in the detection module 131.
- since the detection modules 132a, 133a, 134a, and 135a also have the same configuration as the detection module 131a, description thereof will be omitted.
- the decryption unit 410 decrypts the encrypted application C (110) using the distributed key d1 (641a) held by the distributed key holding unit 406 by the RSA encryption method, and generates a decrypted text M1.
- the decryption unit 410 outputs the decrypted text M1 to the protection control module 120a via the control unit 403 and the transmission unit 402.
- the decryption unit 410 of the detection module 132a also decrypts the encrypted application C (110) using the distributed key d2 (642a) held by the distributed key holding unit 406 of the detection module 132a by the RSA encryption method.
- the decrypted text M2 is generated.
- the decryption unit 410 outputs the decrypted text M1 to the protection control module 120a via the control unit 403 and the transmission unit 402.
- the decryption unit 410 of the detection module 133a decrypts the encrypted application C (110) using the distributed key d3 (643a) held by the distributed key holding unit 406 of the detection module 133a by the RSA encryption method. Then, the decrypted text M3 is generated.
- the decryption unit 410 outputs the decrypted text M1 to the protection control module 120a via the control unit 403 and the transmission unit 402.
- the distributed key generation unit 610 of the software distribution unit 220 of the management apparatus 200 decomposes the private key 631a held by the encryption / decryption key holding unit 607 to generate a plurality of distributed keys 641a, 642a, ..., 645a, and writes the generated distributed keys 641a, 642a, ..., 645a to the detection modules 131a, 132a, ... (step S1100).
- the control unit 603 transmits the protection control module 120a, the detection module group 130a, the applications 110a, 111a, ..., 114a, and the other computer programs necessary for the operation of the device 100 to the device 100 via the transmission unit 602 and the communication unit 230.
- a certificate (tamper detection certificate) for verifying tampering with these computer programs is added to these computer programs.
- the applications 110a, 111a,..., 114a are encrypted.
- the device 100 receives the protection control module 120a, the detection module group 130a, the applications 110a, 111a,..., 114a to which the certificate is added, and other computer programs, respectively (step S1101).
- the protection control module 120a, the detection module group 130a, the applications 110a, 111a,..., 114a and other computer programs each having a certificate added thereto are installed in the EEPROM 172 of the device 100 (step S1102).
- a computer program for initial setting of the device 100, a computer program for testing whether the device 100 operates normally, and the like are executed to perform initialization processing of the device 100 (step S1103).
- the protection control module detection process (S201) and the application decryption process (S202) operate in parallel. In other words, the protection control module detection process (S201) and the application decryption process (S202) operate within the same time period.
- in the protection control module detection process, it is detected whether or not the protection control module 120a has been tampered with.
- in the application decryption process, the application is decrypted using the distributed key embedded in each detection module when the application is executed.
- the protection control module detection process is executed regularly or irregularly regardless of whether the application decryption process is executed.
- each detection module may calculate the MAC value of the protection control module 120a using the verification key held by the verification unit 404, and compare the calculated MAC value with the held MAC value. If the MAC values match, it is determined that the protection control module 120a has not been tampered with, and if the MAC values do not match, it is determined that the protection control module 120a has been tampered with.
- Protection control module detection
- The operation of protection control module detection will be described with reference to the sequence diagram shown in FIG.
- to simplify the description, the case where the detection module 131a detects falsification of the protection control module 120a is described.
- similar processing is performed in the detection modules 132a, 133a, 134a, and 135a.
- the detection module 131a performs falsification detection on the protection control module 120a using the falsification detection certificate 331a (step S2101).
- the detection module 131a notifies the determination unit 210 of a tampering detection result indicating that the protection control module 120a has been tampered with (S2102).
- the detection module 131a returns to the tamper detection process (step S2101) without notifying the determination unit 210.
- the determination unit 210 receives the falsification detection results from the detection modules 131a, 132a, 133a, 134a, and 135a.
- the detection module selection unit 310 selects which detection module causes the encrypted application C to be decrypted (step S2111).
- the detection modules 131a, 132a, and 133a are selected.
- the protection control module 120a reads the encrypted application C (step S2112), and transmits the encrypted application C to the selected detection module (step S2113).
- Each detection module transmits the partially decrypted application to the protection control module 120a (steps S2115a, S2115b, and S2115c).
- the detection module 131a transmits the decrypted text M1 to the protection control module 120a (step S2115a), the detection module 131b transmits the decrypted text M2 to the protection control module 120a (step S2115b), and the detection module 131c transmits the decrypted text M3 to the protection control module 120a (step S2115c).
- the protection control module 120a receives the decrypted texts M1, M2, and M3 obtained by partial decryption from each detection module (steps S2115a, S2115b, and S2115c).
- the protection control module 120a decrypts the application using the decrypted text obtained by the partial decryption, and executes the application (step S2116). Specifically, the application is generated by multiplying the decrypted text M1, the decrypted text M2, and the decrypted text M3.
- the protection control module 120a notifies each detection module of the completion of application decryption after the decryption of the application is completed (step S2117).
- the detection module can detect falsification of the protection control module 120 using the falsification detection certificate regardless of whether or not the application is decrypted.
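The partial decryption of Embodiment 3, as an added example (not code from the patent): each selected detection module computes M_i = C ^ d_i mod n with its own distributed key, and the protection control module multiplies the results without ever holding d. The toy primes, the sample plaintext, the function names, and the reduction of the closing shares modulo φ(n) are assumptions of this example; the page only states that the shares of each combination add up to the private key.

```python
import secrets

# Constructed toy RSA parameters (two Mersenne primes); far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # private key d (631a); only the management device holds it

# Detection module list 351: index -> identifiers whose shares add up to d.
MODULE_LIST = {1: ("131", "132", "133"), 2: ("131", "134", "135")}


def split_private_key(d, phi):
    """Management device: d1 = r1, d2 = r2, d4 = r3 are random numbers;
    d3 and d5 close the two sums d1+d2+d3 = d and d1+d4+d5 = d.
    Assumption: sums are taken modulo phi so that no share is negative."""
    d1, d2, d4 = (secrets.randbelow(phi - 1) + 1 for _ in range(3))
    d3 = (d - d1 - d2) % phi
    d5 = (d - d1 - d4) % phi
    return {"131": d1, "132": d2, "133": d3, "134": d4, "135": d5}


def partial_decrypt(c, share, n):
    """Detection module (decryption unit 410): M_i = C ^ d_i mod n.
    The share itself never leaves the module."""
    return pow(c, share, n)


def combine(partials, n):
    """Protection control module: M = M1 * M2 * M3 mod n."""
    m = 1
    for part in partials:
        m = (m * part) % n
    return m


def decrypt_application(c, shares, index=None):
    """Select one combination from the list (at random unless an index is
    given), collect the partial decryptions and multiply them."""
    if index is None:
        index = secrets.choice(list(MODULE_LIST))
    partials = [partial_decrypt(c, shares[mid], N) for mid in MODULE_LIST[index]]
    return combine(partials, N)


if __name__ == "__main__":
    shares = split_private_key(D, PHI)
    app = int.from_bytes(b"app image v1", "big")  # constructed plaintext M
    cipher = pow(app, E, N)                        # encrypted application C
    for idx in MODULE_LIST:
        print(idx, decrypt_application(cipher, shares, idx) == app)
    # A combination that is not in the list does not reproduce M.
    wrong = combine(
        [partial_decrypt(cipher, shares[m], N) for m in ("131", "132", "134")], N
    )
    print("unlisted combination:", wrong == app)
```

The multiplication works because C ^ d1 · C ^ d2 · C ^ d3 = C ^ (d1 + d2 + d3) mod n, and the exponent sum equals d up to a multiple of φ(n).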
- Embodiment 4
- Here, a detection system 10b (not shown) as Embodiment 4 according to the present invention will be described.
- the detection system 10b can restore the encryption / decryption key and decrypt the application by updating the distributed key held by each detection module.
- the detection system 10b has the same configuration as the detection system 10a. Here, the description focuses on the differences from the detection system 10a.
- the software holding unit 608 of the software distribution unit 220 of the management apparatus 200 stores a detection module group 130b instead of the detection module group 130a.
- the detection module group 130b includes detection modules 131b, 132b, 133b, 134b, and 135b.
- a detection module group 130b is installed instead of the detection module group 130a.
- d1 + d2 + d3 + d4 + d5 is satisfied.
- the determination unit 210 identifies an altered detection module in the detection module group 130b. Since the mutual monitoring process and identification of the tampered detection module are described in detail in Patent Document 3, description thereof is omitted here.
- the detection module 132b will be described as a detection module to be invalidated.
- the determination unit 210 outputs an identifier for identifying the detection module to be invalidated to the software distribution unit 220.
- the determination unit 210 outputs an identifier for identifying the detection module 132b to be invalidated to the distributed key generation unit 610 of the software distribution unit 220.
- the encryption / decryption key holding unit 607 includes, for the detection modules 131b, 132b,..., 135b included in the detection module group 130b, an identifier for identifying each detection module, and a distributed key transmitted to each detection module. Are stored in association with each other.
- the distributed key generation unit 610 receives an identifier for identifying the detection module to be invalidated from the determination unit 210. Next, the distributed key corresponding to the received identifier is read from the encryption / decryption key holding unit 607.
- the software distribution unit 220 reads the distributed key d2 transmitted to the detection module 132b to be invalidated.
- the distributed key generation unit 610 decomposes the distributed key transmitted to the detection module to be invalidated, and further generates a plurality of redistributed keys.
- the number of re-distributed keys to be generated is equal to the number of remaining detection modules excluding the detection modules that are to be invalidated from all the detection modules included in the detection module group 130b.
- the method for generating the redistribution keys d21, d23, d24, and d25 from the distribution key d2 is the same as the method for generating the distribution keys d1, d2, d3, d4, and d5 from the private key d.
- the distributed key generation unit 610 transmits the plurality of generated redistribution keys, via the control unit 603, the transmission unit 602, the communication unit 230, and the network 20, to the detection modules that have not been invalidated in the device 100. As an example, the distributed key generation unit 610 transmits the generated redistributed keys d21, d23, d24, and d25 to the detection modules 131b, 133b, 134b, and 135b, respectively.
- the detection module 131b includes a reception unit 401, a transmission unit 402, a control unit 403, a verification unit 404, a distributed key holding unit 406, a decryption unit 410, and a distributed key update unit 420.
- the detection module 131b includes a distributed key update unit 420 that does not exist in the detection module 131a.
- since the detection modules 132b, 133b, 134b, and 135b have the same configuration as the detection module 131b, description thereof will be omitted.
- the distributed key update unit 420 receives the redistributed key from the management device 200, reads the distributed key from the distributed key holding unit 406, adds the received redistributed key to the read distributed key, and overwrites the distributed key stored in the distributed key holding unit 406 with the addition result as the new distributed key.
- the distributed key update unit 420 receives the re-distributed key d21 from the management apparatus 200, and the distributed key holding unit 406 stores the distributed key d1 (641b) as shown in FIG.
- the distributed key update unit 420 reads the distributed key d1 (641b) from the distributed key holding unit 406, and adds the received redistributed key d21 to the read distributed key d1 (641b) as shown in FIG.
- a new distributed key d1 + d21 (641c) is generated, and the generated distributed key d1 + d21 (641c) is overwritten on the distributed key d1 (641b) stored in the distributed key holding unit 406.
- the detection modules 133b, 134b, and 135b receive the re-distribution keys d23, d24, and d25, and add the received redistribution keys d23, d24, and d25 to the stored distribution keys d3, d4, and d5, respectively, to generate a new distribution key d3 + d23 (643c), a new distribution key d4 + d24 (644c), and a new distribution key d5 + d25 (645c). The new distribution keys 643c, 644c, and 645c are stored.
- the private key d can be obtained from the distributed key held by the detection modules 131b, 133b, 134b, and 135b of the detection module group 130b.
- the detection module 132b is a detection module to be invalidated.
- the determination unit 210 outputs an identifier for identifying the detection module to be invalidated to the software distribution unit 220 (step S3000).
- the distributed key generation unit 610 of the software distribution unit 220 acquires a distributed key corresponding to the received identifier (step S3001), decomposes the acquired distributed key to generate a plurality of redistributed keys (step S3002), and transmits the generated redistributed keys to each detection module that has not been revoked (step S3003).
- Each detection module that has not been revoked receives the redistribution key from the management apparatus 200 (step S3003), adds the received redistribution key to the distribution key stored in the distribution key holding unit 406 to generate a new distributed key, and updates the distributed key by overwriting the generated distributed key in the distributed key holding unit 406 (step S3004).
- the private key d can be obtained from the distributed keys held by the non-invalidated detection modules 131b, 133b, 134b, and 135b of the detection module group 130b.
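The redistribution of steps S3000 to S3004, as an added example (not code from the patent): the management device splits the invalidated module's distributed key into re-distributed keys, and each remaining module adds its piece to the key it already holds, so the remaining keys again add up to d. The toy RSA parameters, the class and function names, the arithmetic modulo φ(n), and the management device keeping its identifier-to-key record in sync after an update are assumptions of this example.

```python
import secrets

# Constructed toy RSA parameters (two Mersenne primes); far too small for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # private key d


def split_additive(value, holders, modulus):
    """Random share for every holder but the last; the last one closes the
    sum so that all shares add up to value (mod modulus)."""
    if not holders:
        raise ValueError("no detection module left to receive a share")
    shares = {h: secrets.randbelow(modulus) for h in holders[:-1]}
    shares[holders[-1]] = (value - sum(shares.values())) % modulus
    return shares


class DetectionModule:
    def __init__(self, ident, share):
        self.ident = ident
        self.share = share                      # distributed key holding unit 406

    def update(self, reshare, modulus):
        """Distributed key update unit 420 (S3004): overwrite with d_i + d2i."""
        self.share = (self.share + reshare) % modulus

    def partial_decrypt(self, c):
        return pow(c, self.share, N)


class ManagementDevice:
    def __init__(self, d, module_ids, modulus):
        self.modulus = modulus
        # identifier -> distributed key, as stored in holding unit 607
        self.issued = split_additive(d, list(module_ids), modulus)

    def revoke(self, revoked_id):
        """S3001-S3002: fetch the invalidated module's key and decompose it
        into one re-distributed key per remaining module."""
        revoked_share = self.issued.pop(revoked_id)
        reshares = split_additive(revoked_share, list(self.issued), self.modulus)
        for mid, piece in reshares.items():
            # Assumption: the record is kept in sync for later revocations.
            self.issued[mid] = (self.issued[mid] + piece) % self.modulus
        return reshares


def apply_revocation(mgmt, modules, revoked_id):
    """S3003-S3004: deliver the re-distributed keys to the surviving modules."""
    reshares = mgmt.revoke(revoked_id)
    del modules[revoked_id]
    for mid, piece in reshares.items():
        modules[mid].update(piece, mgmt.modulus)


def joint_decrypt(c, modules):
    """Product of every module's partial decryption, modulo n."""
    m = 1
    for mod in modules:
        m = (m * mod.partial_decrypt(c)) % N
    return m


if __name__ == "__main__":
    ids = ["131", "132", "133", "134", "135"]
    mgmt = ManagementDevice(D, ids, PHI)
    modules = {i: DetectionModule(i, mgmt.issued[i]) for i in ids}
    app = int.from_bytes(b"app image v1", "big")   # constructed plaintext
    cipher = pow(app, E, N)
    apply_revocation(mgmt, modules, "132")
    print(sorted(modules), joint_decrypt(cipher, modules.values()) == app)
```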
- the mutual monitoring process may be performed between the detection modules after the detection process. Since the mutual monitoring process is described in detail in Patent Document 2, the description thereof is omitted here.
- a normal detection module may perform invalidation processing.
- the protection control module may be updated.
- the encryption / decryption key is restored in step S2005 of FIG. 19, but the protection control module 120 may further verify whether or not the restored encryption / decryption key is correct.
- the protection control module 120 receives the verification value of the encryption / decryption key from the management device 200 during the initial setting process.
- This verification value may be a hash value of the decryption key or a MAC value of the decryption key. After restoring the encryption / decryption key in step S2005, the protection control module 120 verifies whether the restored encryption / decryption key is correct using the verification value.
- the distributed key is received from each detection module in step S2004 of FIG. 19 and the encryption / decryption key is restored in step S2005.
- the protection control module 120 may further verify whether or not the distributed key received from the detection module is correct.
- the protection control module 120 receives the verification value of the distributed key of each detection module from the management apparatus 200 during the initial setting process.
- This verification value may be a hash value of the distributed key or a MAC value of the distributed key.
- After receiving the distributed key from each detection module in step S2004 of FIG. 19, the protection control module 120 verifies whether the received distributed key is correct using the verification value before restoring the encryption / decryption key in step S2005.
- the app is decrypted in step S2116 of FIG. 29, but the protection control module 120a may further verify whether the decrypted app is correct.
- the protection control module 120a receives the verification value of the application from the management apparatus 200 during the initial setting process.
- This verification value may be the hash value of the application or the MAC value of the application. After decrypting the application in step S2116 in FIG. 29, the protection control module 120a verifies whether the decrypted application is correct using the verification value.
- the decrypted texts M1, M2, and M3 obtained by partially decrypting the encrypted application are received, and the application is decrypted in step S2116.
- the protection control module 120a may further verify whether the decrypted text obtained by the partial decryption received from the detection module is correct.
- the protection control module 120a receives the verification value of the decrypted text obtained by partial decryption from the management apparatus 200 during the initial setting process.
- This verification value may be a hash value of a decrypted text obtained by partial decryption, or may be a MAC value of a decrypted text obtained by partial decryption.
- the protection control module 120a verifies whether the decrypted text obtained by the partial decryption received from the detection module is correct using the verification value before decrypting the application in step S2116 of FIG.
- the encryption / decryption key may be decomposed as follows.
- the distributed key generation unit 610 decomposes the encryption / decryption key d (631) into the distributed keys d1 (651), d2 (652), d3 (653), d4 (654), d5 (655), and d6 (656).
- (+) represents an exclusive OR.
- a combination of detection modules is selected from the detection module list including the detection module group held in the detection module selection unit 310, and the distributed key is transmitted to the selected detection module.
- a detection module list 351a held by the detection module selection unit 310 is shown in FIG.
- the protection control module 120 receives the distributed key from each detection module, and restores the encryption / decryption key using the received plurality of distributed keys.
- the detection module selection unit 310 selects the detection modules 131, 132, and 133, d1 (+) d2 (+) d3 is calculated from the received distributed key, and the encryption / decryption key d is restored.
- the attacker who tries to acquire the encryption / decryption key cannot restore the encryption / decryption key unless he / she knows the combination that can restore the encryption / decryption key.
- even if the attacker attacks detection modules at random and acquires the distributed keys from four or more detection modules including the detection modules 131, 132, and 133, the encryption / decryption key cannot be restored unless the correct combination of detection modules (for example, the detection modules 131, 132, and 133) is selected.
- the encryption / decryption key d can be obtained from the distributed keys d1, d2, d3, and d4, but in the decomposition using exclusive OR, the encryption / decryption key d cannot be obtained.
- the protection control module 120 notifies the end of the application in step S2016 of FIG. 21, and the detection module performs falsification detection using the falsification detection certificate after receiving the end of the application.
- after erasing the encryption / decryption key in step S2007 of FIG. 19, the protection control module 120 may notify the detection module of the deletion of the encryption / decryption key, and after receiving the notification of the encryption / decryption key deletion, the detection module may detect falsification using a falsification detection certificate.
- the protection control module 120 deletes the encryption / decryption key immediately after completing the decryption of the encrypted application in step S2006 of FIG. 19 (S2007). The protection control module 120 may send a notification of the completion of decryption of the encrypted application to each detection module, and each detection module may perform falsification detection using the falsification detection certificate after receiving the notification of completion of decryption of the encrypted application.
- the protection control module 120 notifies the end of the application in step S2016 of FIG. 21, and when the detection module receives the notification of the end of the application, falsification detection is performed using the tampering detection certificate.
- the protection control module 120 may not notify the end of the application.
- the protection control module 120 notifies the detection module of the deletion of the encryption / decryption key, and after receiving the notification of the deletion of the encryption / decryption key, the detection module may perform tampering detection using the tampering detection certificate.
- the protection control module 120 may not notify the deletion of the encryption / decryption key.
- the protection control module 120 transmits a notification of the completion of the decryption of the encrypted application to each detection module. After receiving the notification of the completion of decryption, alteration detection using the alteration detection certificate may be performed.
- the protection control module 120 may not notify the completion of decryption of the encrypted application.
- the detection module may execute falsification detection of the protection control module 120 if the above notification is not given even after a certain period of time has elapsed from the start of execution of the application.
- the certain period may be, for example, the time required for decrypting the application. Further, the certain period may be a time notified in advance from the server.
- each detection module holds one distributed key, but is not limited to this.
- the first detection module may hold a distributed key assigned to itself, and may hold a distributed key assigned to another second detection module. At this time, when the second detection module is attacked, the first detection module holding the distributed key of the attacked second detection module may decompose the distributed key assigned to the attacked second detection module to generate redistributed keys, and may transmit the generated redistributed keys to the other non-attacked detection modules. As a result, it is possible to update the distributed keys held by the detection modules that are not attacked without using the server device. Since the process of holding the distributed key of another detection module and updating the distributed key is described in detail in Patent Document 1, it is omitted here.
- a new second detection module may be added and installed in the device.
- the new second detection module is installed with the distributed key dx held in advance.
- the distributed key of the first detection module invalidated by the invalidation process is set to dy.
- the second detection module transmits the distributed key difference dy-dx to the other third detection modules.
- the third detection module receives the distributed key difference dy-dx and adds the difference dy-dx to the distributed key dz to be held, thereby updating the distributed key.
- each detection module holds one distributed key, but the present invention is not limited to this.
- the first detection module may hold the distributed key assigned to itself and may hold the distributed key of another second detection module.
- the first detection module holding the distributed key of the attacked second detection module transmits the distributed key of the attacked second detection module to the server device. The server device receives the distributed key, decomposes the received distributed key, generates a plurality of redistributed keys, and transmits the generated plurality of redistributed keys to the detection modules that are not attacked.
- Each detection module that is not attacked receives the redistribution key and updates the distribution key held by itself.
- the processing after the server device receives the distributed key is the same as the processing after step S3002 in FIG.
- the distributed keys may be generated so that the distributed keys of all the detection modules are not equal to each other. Thereby, even if the distributed key leaks from each detection module, the distributed keys of other detection modules do not leak.
- the management device 200 acquires the distributed key of the detection module to be invalidated, decomposes the acquired distributed key, generates a plurality of re-distributed keys, and transmits each of the generated re-distributed keys to a detection module that is not an invalidation target.
- Each detection module that is not to be invalidated receives the redistribution key, and updates the distribution key held by the detection module using the received redistribution key.
- this is not a limitation.
- the management apparatus 200 newly generates a distributed key to be transmitted to each detection module again from the private key d, and transmits the new distributed key to each detection module that is not to be invalidated.
- Each detection module that is not a revocation target may replace the received new distributed key with a distributed key held by the distributed key holding unit 406.
- each of the above modules may be an individual computer program, a module incorporated in an operating system, or a driver called from the operating system. It may be an application program.
- One embodiment of the present invention may be a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module.
- The management device decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and may be provided with an output circuit that outputs the generated distributed keys to the respective detection modules.
- One embodiment of the present invention may be an integrated circuit constituting a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module.
- The integrated circuit decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and may be provided with an output circuit that outputs the generated distributed keys to the respective detection modules.
- One aspect of the present invention may be a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor tampering of the protection control module.
- The management device may include a memory unit storing a computer program configured by combining a plurality of computer instructions, and a processor that reads and decodes the computer instructions one by one from the computer program stored in the memory unit and operates in accordance with the decoding result.
- The computer program may cause the management device, which is a computer, to execute a step of decomposing a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and an output step of outputting the generated distributed keys to the respective detection modules.
- One embodiment of the present invention may be a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules.
- The management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated distributed keys to the respective detection modules.
- The distributed key is stored in each detection module.
- The protection control module may include an acquisition circuit that acquires the distributed key from each of the plurality of detection modules, a restoration circuit that restores the decryption key by integrating the acquired distributed keys, a decryption circuit that decrypts the encrypted application program using the decryption key restored by the restoration circuit, and an erasure circuit that erases the decryption key after decryption by the decryption circuit.
- One embodiment of the present invention may be an integrated circuit that forms a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules.
- The management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated distributed keys to the respective detection modules.
- The distributed key is stored in each detection module.
- The integrated circuit may include an acquisition circuit that acquires the distributed key from each of the plurality of detection modules, a restoration circuit that integrates the acquired distributed keys and restores the decryption key, a decryption circuit that decrypts the encrypted application program using the decryption key restored by the restoration circuit, and an erasure circuit that erases the decryption key after decryption by the decryption circuit.
- One aspect of the present invention may be a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules.
- The protection control module includes a memory unit storing a computer program configured by combining a plurality of computer instructions, and a processor that reads and decodes the computer instructions one by one from the computer program stored in the memory unit and operates in accordance with the decoding result.
- The management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated distributed keys to the respective detection modules.
- The distributed key is stored in each detection module.
- The computer program may cause the protection control module, which is a computer, to execute an acquisition step of acquiring the distributed keys from the plurality of detection modules, a restoration step of restoring the decryption key by integrating the acquired distributed keys, a decryption step of decrypting the encrypted application program using the decryption key restored in the restoration step, and an erasure step of erasing the decryption key after the decryption by the decryption step is completed.
- One embodiment of the present invention may be one detection module among a plurality of detection modules that monitor tampering of a protection control module that protects an application program.
- The management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated distributed keys to the respective detection modules.
- The detection module may include an acquisition circuit that acquires the distributed key, a storage circuit that stores the acquired distributed key, and an output circuit that outputs the distributed key to the protection control module.
- One embodiment of the present invention may be an integrated circuit that constitutes one detection module among a plurality of detection modules that monitor tampering of the protection control module that protects the application program.
- The management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated distributed keys to the respective detection modules.
- The integrated circuit may include an acquisition circuit that acquires the distributed key, a storage circuit that stores the acquired distributed key, and an output circuit that outputs the distributed key to the protection control module.
- One embodiment of the present invention may be one detection module among a plurality of detection modules that monitor tampering of a protection control module that protects an application program.
- The detection module may include a memory unit storing a computer program configured by combining a plurality of computer instructions, and a processor that reads and decodes the computer instructions one by one from the computer program stored in the memory unit and operates in accordance with the decoding result.
- The management device decomposes the decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and outputs the generated distributed keys to the respective detection modules.
- The computer program may cause the detection module, which is a computer, to execute an acquisition step of acquiring the distributed key, a step of storing the acquired distributed key in the memory unit, and an output step of outputting the distributed key to the protection control module.
- One aspect of the present invention is an information processing apparatus including a protection control module having a function of protecting an application and a plurality of detection modules. Each of the detection modules includes distributed key holding means for holding a distributed key obtained by decomposing an encryption/decryption key for encrypting and decrypting the application, and transmission means for transmitting the distributed key to the protection control module, wherein the protection control module is distributed from the detection module when the encrypted application is decrypted.
- Because the protection control module does not hold the encryption/decryption key of the application except during the period from when the detection modules send the distributed keys to when the encryption/decryption key is erased, a detection module can detect tampering of the protection control module: it reads the data of the protection control module and determines, using the tampering detection certificate, whether the protection control module has been tampered with.
- Because the protection control module does not hold the encryption/decryption key of the application, even if the protection control module is attacked, the encryption/decryption key does not leak, and the protection control module information and application information do not leak. Therefore, the safety of the system can be increased.
- The protection control module decomposes the output data into at least k (k ≥ 2) pieces of decomposed data and includes distribution means that distributes the k pieces of decomposed data to any of the detection modules.
- Each of the plurality of detection modules may include a verification unit that determines whether the distributed decomposed data is correct, using the input data and verification data generated based on the distributed decomposed data, the input data, and the value of the decomposed data expected when the decoding means operates normally.
- The protection control module includes an erasure unit that erases the encryption/decryption key, the detection module includes a tampering detection unit that verifies whether the protection control module has been tampered with, and the tampering detection unit may be executed at a time other than the period from the restoration of the encryption/decryption key by the encryption/decryption key restoration means to the completion of its erasure by the erasure unit.
- The detection module can detect tampering of the protection control module: it reads the data of the protection control module and determines, using the tampering detection certificate, whether the protection control module has been tampered with.
- The protection control module includes notification transmission means for notifying the detection module of completion of erasure after executing the erasure means, and the detection module includes notification receiving means for receiving the notification of completion of erasure of the encryption/decryption key from the protection control module. The detection module may determine, by receiving the notification, that erasure of the encryption/decryption key by the erasure unit is completed.
- An information processing apparatus includes a protection control module having a function of protecting an application and a plurality of detection modules. Each of the detection modules includes a distributed key holding unit that holds a distributed key obtained by decomposing a decryption key for decrypting the application, partial decryption means that receives the encrypted application as input data, partially decrypts the input data with the distributed key, and outputs the decryption result as output data, and transmission means that transmits the output data to the protection control module. The protection control module includes receiving means that receives the output data from the detection modules, and application decryption means that calculates the decrypted application from a plurality of pieces of the output data.
- The detection module may include tampering detection means for verifying whether or not the protection control module has been tampered with.
- Regardless of whether the application is being decrypted, the detection module can detect tampering of the protection control module: it reads the data of the protection control module and determines, using the tampering detection certificate, whether the protection control module has been tampered with. Furthermore, even if the protection control module is tampered with, this can be detected immediately, and the safety of the system can be improved.
- The tampering detection unit may increase the execution frequency of the detection process on the protection control module from the start of execution of the decryption unit of the detection module to the completion of execution of the application decryption unit of the protection control module.
- The protection control module includes notification transmission means for notifying the detection module of completion of execution after executing the application decryption means, and the detection module includes notification receiving means for receiving the notification of completion of execution of the application decryption means from the protection control module. The detection module may determine, by receiving the notification, that execution of the application decryption means is completed.
- The detection module is connected to a management device via a network, and may include a distributed key receiving unit that receives a distributed key for update from the management device, and an update unit that generates a new distributed key from the distributed key received by the distributed key receiving unit and the distributed key held by the distributed key holding unit, and updates the distributed key held by the distributed key holding unit.
- By updating the distributed keys held by the detection modules other than the tampered detection module, a situation in which the encryption/decryption key of the application cannot be restored can be prevented. Even if a detection module is tampered with, the application can be encrypted and decrypted, and the security of the system can be improved by invalidating the tampered detection module.
- The information processing device is connected to a management device via a network, and a detection module may include a distributed key receiving unit that receives a distributed key for updating from the management device, and update means for updating the distributed key held by the distributed key holding means to the new distributed key received by the distributed key receiving unit.
- A management apparatus is a management device connected to an information processing apparatus that includes a decryption unit that decrypts input encrypted data through a plurality of processing steps, and that verifies each processing step.
- The management apparatus includes verification base data generating means for generating verification base data from input data to the plurality of processing steps and output data from each processing step expected when the decoding means performs a normal operation, and transmission means for transmitting the generated verification base data to the information processing apparatus.
- The decryption unit of the information processing apparatus decrypts a plurality of encrypted applications, and the verification base data generation unit may generate, for each of the plurality of processing steps, verification base data including, for each of the plurality of encrypted applications, a verification value indicating the correspondence between input data and output data of the processing step expected when the decryption unit performs a normal operation, and a combined data verification value generated from data obtained by combining the plurality of verification values.
- Each of the above devices is a computer system including a microprocessor, a ROM, a RAM, a hard disk unit, a display unit, a keyboard, a mouse, and the like.
- A computer program is stored in the RAM or the hard disk unit.
- Each device achieves its functions by the microprocessor operating according to the computer program.
- The computer program is configured by combining a plurality of instruction codes indicating instructions for the computer in order to achieve a predetermined function.
- A part or all of the constituent elements constituting each of the above-described devices may be configured by one system LSI (Large Scale Integration).
- The system LSI is a super multifunctional LSI manufactured by integrating a plurality of components on a single chip, and specifically is a computer system including a microprocessor, a ROM, a RAM, and the like.
- A computer program is stored in the RAM.
- The system LSI achieves its functions by the microprocessor operating according to the computer program.
- Each part of the constituent elements constituting each of the above devices may be individually made into one chip, or may be made into one chip so as to include a part or all of them.
- The method of circuit integration is not limited to LSI, and may be realized by a dedicated circuit or a general-purpose processor.
- An FPGA (Field Programmable Gate Array) or a reconfigurable processor that can reconfigure the connection and setting of circuit cells inside the LSI may be used.
- A part or all of the constituent elements constituting each of the above devices may be constituted by an IC card or a single module that can be attached to and detached from each device.
- The IC card or the module is a computer system including a microprocessor, a ROM, a RAM, and the like.
- The IC card or the module may include the super multifunctional LSI described above.
- The IC card or the module achieves its function by the microprocessor operating according to the computer program. This IC card or this module may have tamper resistance.
- One aspect of the present invention may be a control method for controlling the operation of each device. Further, the present invention may be a computer program that realizes these methods by a computer, or may be a digital signal composed of the computer program.
- The present invention may also be the computer program or the digital signal recorded on a computer-readable recording medium such as a flexible disk, hard disk, CD-ROM, MO, DVD, DVD-ROM, DVD-RAM, BD, or semiconductor memory. The digital signal may be recorded on these recording media.
- The computer program or the digital signal may be transmitted via an electric communication line, a wireless or wired communication line, a network represented by the Internet, a data broadcast, or the like.
- The present invention may be a computer system including a microprocessor and a memory, the memory storing the computer program, and the microprocessor operating according to the computer program.
- The program or the digital signal may be recorded on the recording medium and transferred, or transferred via the network or the like, and executed by another independent computer system.
- In the tampering monitoring system, the protection control module does not hold the decryption key at all times; it holds the decryption key only during the period in which it decrypts the encrypted application program, and then erases the decryption key. This reduces the possibility that the decryption key is illegally leaked from the protection control module, and the system is useful as a technique for monitoring tampering of modules operating inside equipment such as an information processing apparatus.
Description
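#Claim 8
Here, the verification means of each detection module may output a verification result indicating that verification has failed when there is a duplicate among the received identification information and the identification information identifying the partial decryption process corresponding to itself, or when the received identification information and the identification information identifying the partial decryption process corresponding to itself do not cover all of the identification information identifying the plurality of partial decryption processes.
Here, a tampering monitoring system 10d as Embodiment 1 according to the present invention is described.
As shown in FIG. 1, the tampering monitoring system 10d is composed of a protection control module 120d, a plurality of detection modules 131d, 132d, ..., 135d, and a management device 200d.
Here, a detection system 10 as Embodiment 2 according to the present invention is described.
As shown in FIG. 2, the detection system 10 is composed of a device 100 and a management device 200, and the device 100 and the management device 200 are connected via a network 20, typified by the Internet.
The management device 200 generates the verification base data needed to verify whether the protection control module 120 is operating correctly, and outputs it to the device 100.
The determination unit 210 decides the processing that the device 100 should execute according to the state of the computer programs stored in the device 100 (application programs (hereinafter, "apps") 110, 111, 112, 113, 114, the protection control module 120, and the detection module group 130), and issues various instructions to the software distribution unit 220.
The software distribution unit 220 transmits to the protection control module 120 verification base data containing the verification data that each detection module uses for verification when the protection control module 120 stored in the device 100 is subjected to detection.
The signature private key holding unit 606 holds the signature private key Prk (632). The signature private key Prk (632) is a private key of a public-key cryptosystem assigned to the management device 200, and is used when the certificate generation unit 605 generates a certificate.
The encryption/decryption key holding unit 607 holds the encryption/decryption key d (631), which is used to encrypt apps and to decrypt encrypted apps. The encryption/decryption key d (631) is a secret key of a secret-key cryptosystem. As an example, the encryption/decryption key d (631) is a 128-bit AES (Advanced Encryption Standard) secret key.
The software holding unit 608 stores in advance the protection control module 120 as a computer program, the detection module group 130 as computer programs, and the apps 110, 111, ..., 114 as computer programs.
The receiving unit 601 receives detection results for the protection control module 120 from each detection module of the device 100 via the network 20 and the communication unit 230, and outputs the received detection results to the control unit 603.
Under the control of the control unit 603, the transmitting unit 602 transmits to the device 100, via the communication unit 230 and the network 20, requests for tampering verification of each app and of the protection control module 120 in the device 100, the verification base data needed for those verifications, and the like.
The control unit 603 controls each component of the software distribution unit 220.
The authentication unit 604 performs mutual authentication with each detection module and with the protection control module 120.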
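As described below, the verification base data generation unit 609 applies a decryption process composed of a plurality of partial decryption processes to an encrypted, untampered app. For each partial decryption process, it applies a one-way transformation to both the input data to that partial decryption process and the output data from it to generate a decryption verification value, and for each partial decryption process it generates verification data containing the input data and the decryption verification value.
Here, the hash SHA-1 is used as an example. However, this is not a limitation. SHA-2, SHA-3, CBC-MAC (Cipher Block Chaining - Message Authentication Code) using a block cipher, or the like may be used.
Decryption verification value C (645c) = Hash(encrypted app 112e || first intermediate app 112da)
Decryption verification value D (645d) = Hash(encrypted app 113e || first intermediate app 113da)
Decryption verification value E (645e) = Hash(encrypted app 114e || first intermediate app 114da)
Next, for the second partial decryption process 652, the verification base data generation unit 609 concatenates the first intermediate app 110da and the second intermediate app 110db in this order to generate a concatenation, and applies the hash to the generated concatenation to generate the decryption verification value F (645f).
Decryption verification values G (645g), H (645h), I (645i), and J (645j) are generated in the same way for the first intermediate apps 111da, 112da, ..., 114da.
Decryption verification value H (645h) = Hash(first intermediate app 112da || second intermediate app 112db)
Decryption verification value I (645i) = Hash(first intermediate app 113da || second intermediate app 113db)
Decryption verification value J (645j) = Hash(first intermediate app 114da || second intermediate app 114db)
Next, for the third partial decryption process 653, the verification base data generation unit 609 concatenates the second intermediate app 110db and the decrypted app 110d in this order to generate a concatenation, and applies the hash to the generated concatenation to generate the decryption verification value K (645k).
Decryption verification values L (645l), M (645m), N (645n), and O (645o) are generated in the same way for the second intermediate apps 111db, 112db, ..., 114db.
Decryption verification value M (645m) = Hash(second intermediate app 112db || decrypted app 112d)
Decryption verification value N (645n) = Hash(second intermediate app 113db || decrypted app 113d)
Decryption verification value O (645o) = Hash(second intermediate app 114db || decrypted app 114d)
(f) The verification base data generation unit 609 generates a decryption certificate for each decryption sub-process (partial decryption process) as follows.
Here, the signature generation algorithm Sign is an algorithm of a signature scheme based on public-key cryptography, such as RSA signatures, DSA (Digital Signature Algorithm), or elliptic-curve DSA. The signature generation algorithm Sign is not limited to these. It may also be an algorithm of a signature scheme based on symmetric-key cryptography or a hash function, such as a MAC (Message Authentication Code).
Next, for the third partial decryption process 653, the verification base data generation unit 609 concatenates the decryption verification values K (645k), L (645l), M (645m), N (645n), and O (645o) in this order to generate a concatenation. It then applies the hash to the generated concatenation to generate a hash value. It then outputs the generated hash value to the certificate generation unit 605 and has it apply the signature generation algorithm Sign to the hash value, using the signature private key Prk (632), to generate the decryption process certificate 646c.
(g) For the first partial decryption process 651, the verification base data generation unit 609 takes identification information "110", the encrypted app 110e, and the decryption verification value A (645a) as a first set; identification information "111", the encrypted app 111e, and the decryption verification value B (645b) as a second set; identification information "112", the encrypted app 112e, and the decryption verification value C (645c) as a third set; identification information "113", the encrypted app 113e, and the decryption verification value D (645d) as a fourth set; and identification information "114", the encrypted app 114e, and the decryption verification value E (645e) as a fifth set. It then generates first partial decryption process data 641 containing determination information "3", the first set, the second set, ..., the fifth set, and the decryption process certificate 646a.
The certificate generation unit 605 receives the data to be signed from the verification base data generation unit 609. On receiving the data, the certificate generation unit 605 reads the signature private key Prk (632) from the signature private key holding unit 606.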
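The distributed key generation unit 610 decomposes the encryption/decryption key d (631) held by the encryption/decryption key holding unit 607 and generates a plurality of distributed keys, as follows.
d2=r2
d3=r3
d4=r4
Next, the distributed key generation unit 610 calculates d5 by d5=d-(d1+d2+d3+d4).
The communication unit 230 communicates with the device 100 via the network 20. According to the information received from the device 100, the communication unit 230 outputs the received information to the relevant unit inside the management device 200. It also transmits to the device 100 the instructions and information received from the units inside the management device 200. Specifically, it transmits instructions, notifications, and the like received from the software distribution unit 220 to the device 100, and transmits information such as tampering detection results received from the device 100 to the determination unit 210.
As shown in FIG. 2, the device 100 internally stores computer programs such as the apps 110, 111, 112, 113, 114, the protection control module 120, and the detection module group 130, and these computer programs run on the device 100.
As shown in FIG. 8, the device 100 includes a CPU 171, an EEPROM (Electrically Erasable and Programmable Read Only Memory) 172, a RAM 173, a NIC 174, a bus 175, other devices, and so on. The CPU 171, EEPROM 172, RAM 173, and NIC 174 are connected via the bus 175 so that they can communicate with one another.
Next, the software configuration of the device 100 is described.
The protection control module 120 is a computer program that has functions for protecting each app, so that an attacker cannot analyze the apps and so that confidential data cannot be extracted from them, and that performs control so that these functions are exercised. As described later, the confidential data is data held by each app that should be kept secret.
The tampering detection certificate 331 is a certificate for detecting tampering of the protection control module 120 itself. The tampering detection certificate 331 contains signature data generated by applying the hash SHA-1 to the whole of the protection control module 120 to generate a hash value, and applying a digital signature to that hash value with the signature generation algorithm Sign, using the signature private key 632 held by the management device 200.
The receiving unit 301 receives distributed information, various requests, and the like from each detection module.
The transmitting unit 302 transmits various requests and the like to the detection modules 131, 132, ..., 135.
The control unit 303 controls and operates the decryption load unit 304, the tampering detection unit 305, and the analysis tool detection unit 306, and detects an attack when an app is being attacked by an attacker.
When executing the encrypted apps 110e, 111e, ..., 114e held in the device 100, the decryption load unit 304 decrypts the encrypted apps 110e, 111e, ..., 114e with the decryption algorithm D, using the encryption/decryption key 631 restored by the encryption/decryption key restoration unit 307, to generate the plaintext apps 110, 111, ..., 114, and loads the generated apps 110, 111, ..., 114 onto the RAM 173.
The tampering detection unit 305 executes tampering detection processing that checks whether each app has been tampered with. The tampering detection processing is performed using the tampering detection certificate attached to each app. Tampering detection may instead be performed by comparing MAC values.
The analysis tool detection unit 306 detects analysis tools such as debuggers when they are installed or run, because a malicious attacker can be expected to install or run an analysis tool in order to attack the apps. Methods used include, for example, searching for the names of files in which an analysis tool such as a debugger is stored, checking whether special registers used by a debugger are in use, and detecting interrupts set by a debugger.
As shown as an example in FIG. 11, the encryption/decryption key restoration unit 307 integrates the plurality of distributed keys received from the plurality of detection modules and restores the encryption/decryption key 631 for encrypting and decrypting the apps.
The verification base data holding unit 308 holds the verification base data 640 received from the management device 200. The data structure of the verification base data 640 is as described above.
The verification data generation unit 309 extracts the first partial decryption process data 641 from the verification base data 640 held in the verification base data holding unit 308, and uses the extracted first partial decryption process data 641 as verification data 341. It also extracts the second partial decryption process data 642 from the verification base data 640, and uses the extracted first partial decryption process data 641 as verification data 342. It also extracts the third partial decryption process data 643 from the verification base data 640, and uses the extracted first partial decryption process data 641 as verification data 343.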
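As shown in FIG. 2, the detection module group 130 includes five detection modules 131, 132, 133, 134, and 135.
The receiving unit 401 receives various instructions from the management device 200. It also receives the results of processing requested of other modules and the results of tampering detection on the protection control module 120 by other detection modules.
The transmitting unit 402 transmits data such as various processing results to the management device 200, the protection control module 120, and other detection modules.
Based on the various instructions and notifications received by the receiving unit 401, the control unit 403 controls the verification unit 404 and performs verification processing on the protection control module 120.
The verification unit 404 verifies whether the protection control module 120 is operating normally. The verification unit 404 performs verification using the output data and verification data received from the control unit 403, and outputs the verification result if verification fails.
Here, the signature verification algorithm Vrfy is the signature verification algorithm corresponding to the signature generation algorithm Sign, and is, for example, an algorithm of a signature scheme based on public-key cryptography such as RSA signatures, DSA (Digital Signature Algorithm), or elliptic-curve DSA.
The verification data holding unit 405 holds the verification data 341 for verifying whether the decryption load unit 304 of the protection control module 120 operates normally. The verification data 341 is transmitted from the protection control module 120.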
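The per-stage check described above (a decryption verification value Hash(input || output) for every app, a certificate over the concatenated values, and the duplicate/coverage check on partial decryption process identifiers) can be sketched as follows. This is an added example, not code from the patent. Assumptions: SHA-256 in place of SHA-1, HMAC as the MAC-based variant of Sign that the description permits, a constructed XOR transform `toy_stage` standing in for each partial decryption process, and hypothetical function names throughout.

```python
import hashlib
import hmac

STAGES = (1, 2, 3)  # identifiers of the three partial decryption processes


def H(*parts: bytes) -> bytes:
    """One-way transformation over the concatenation input || output."""
    return hashlib.sha256(b"".join(parts)).digest()


def toy_stage(stage: int, data: bytes) -> bytes:
    """Constructed stand-in for one partial decryption process (not a cipher)."""
    return bytes(b ^ (0x11 * stage) for b in data)


def sign(key: bytes, values: list) -> bytes:
    """Sign(Hash(v1 || v2 || ...)); HMAC stands in for Sign (assumption)."""
    return hmac.new(key, H(*values), hashlib.sha256).digest()


def build_verification_data(key: bytes, encrypted_apps: dict) -> dict:
    """Management device: run every stage on untampered apps, record the values."""
    per_stage = {s: {"inputs": {}, "values": {}} for s in STAGES}
    for app_id, blob in encrypted_apps.items():
        data = blob
        for s in STAGES:
            out = toy_stage(s, data)
            per_stage[s]["inputs"][app_id] = data
            per_stage[s]["values"][app_id] = H(data, out)
            data = out  # output of this stage is the input of the next
    for s in STAGES:
        ordered = [per_stage[s]["values"][a] for a in sorted(encrypted_apps)]
        per_stage[s]["certificate"] = sign(key, ordered)
    return per_stage


def verify_stage(key: bytes, vdata: dict, app_id: str, output: bytes) -> bool:
    """Detection module: recompute the value for app_id, then check the certificate."""
    second_value = H(vdata["inputs"][app_id], output)
    values = dict(vdata["values"])
    values[app_id] = second_value  # other apps keep their shipped values
    ordered = [values[a] for a in sorted(values)]
    return hmac.compare_digest(sign(key, ordered), vdata["certificate"])


def check_stage_ids(own_id: int, received_ids: list) -> bool:
    """Fail on a duplicate identifier or when some stage was verified by nobody."""
    ids = [own_id, *received_ids]
    return len(ids) == len(set(ids)) and set(ids) == set(STAGES)


def demo():
    key = b"constructed-demo-key"
    apps = {"110": b"encrypted app 110e", "111": b"encrypted app 111e"}
    vdata = build_verification_data(key, apps)
    good = toy_stage(1, apps["110"])
    bad = good[:-1] + bytes([good[-1] ^ 1])  # one flipped bit in the stage output
    return (
        verify_stage(key, vdata[1], "110", good),
        verify_stage(key, vdata[1], "110", bad),
        check_stage_ids(1, [2, 3]),
        check_stage_ids(1, [2, 2]),
    )


if __name__ == "__main__":
    print(demo())
```

Because the certificate covers the values of all apps for one stage, a detection module can check a single app's stage output without ever seeing the outputs for the other apps.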
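The apps 110, 111, ..., 114 are each computer programs for providing various functions to the user of the device 100.
(1) Overview of overall operation
An overview of the operation of the detection system 10 as a whole is described using the flowchart shown in FIG. 16.
Next, the initial setting processing is described using the sequence diagram shown in FIG. 17.
The operation of generating the verification base data 640 is described using the flowchart shown in FIG. 18.
Here, the details of the detection processing shown in step S200 of FIG. 16 are described using the sequence diagrams shown in FIGS. 19 to 21.
In the detection system 10, while an app is running (steps S2000 to S2015 in FIG. 19), the protection control module 120 holds the app's encryption/decryption key during the period from restoring the encryption/decryption key from the plurality of distributed keys (step S2005) until erasing the encryption/decryption key (step S2007).
Here, a detection system 10a (not shown) as Embodiment 3 according to the present invention is described.
In the detection system 10, distributed keys are written to the detection modules, and when an app is decrypted and executed, the protection control module collects the distributed keys from the plurality of detection modules and temporarily restores the encryption/decryption key using the collected distributed keys. In this case, to prevent a malicious detection module from illicitly obtaining the encryption/decryption key, the detection modules are not made to perform tampering detection using the tampering detection certificate or tampering detection using MAC values while an app is being decrypted.
The detection system 10a has the same configuration as the detection system 10. The description here focuses on the differences from the detection system 10.
The encryption/decryption key holding unit 607 included in the software distribution unit 220 of the management device 200 stores a private key d (631a) in place of the encryption/decryption key d (631).
d2=r2
d4=r3
Next, the distributed key generation unit 610 calculates the distributed key d3 (643a) by d3=d-d1-d2, and the distributed key d5 (645a) by d5=d-d1-d4.
As shown in FIG. 23, the protection control module 120a includes a receiving unit 301, a transmitting unit 302, a control unit 303, a decryption load unit 304, a tampering detection unit 305, an analysis tool detection unit 306, and a detection module selection unit 310.
When an app is to be decrypted, the detection module selection unit 310 selects the detection modules that are to carry out the decryption of that app, as follows.
As shown in FIG. 25, the detection module 131a is composed of a receiving unit 401, a transmitting unit 402, a control unit 403, a verification unit 404, a distributed key holding unit 406, and a decryption unit 410.
Next, the decryption unit 410 outputs the decrypted text M1 to the protection control module 120a via the control unit 403 and the transmitting unit 402.
(1) Initial setting operation
The initial setting operation in the detection system 10a is described using the sequence diagram shown in FIG. 26.
The operation of the detection processing in the detection system 10a is described using the flowchart shown in FIG. 27.
In the protection control module detection processing, the detection modules 131a, 132a, 133a, 134a, and 135a perform tampering detection on the protection control module 120a using the tampering detection certificate 331a.
The operation of decrypting an app in the detection system 10a is described using the sequence diagram shown in FIG. 29.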
=(C^d1)×(C^d2)×(C^d3)
=C^(d1+d2+d3)
=C^d
=(M^e)^d
=M^(e×d)
=M^1=M
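so the plaintext app M can be obtained.
As described above, the protection control module detection processing and the app decryption processing operate in parallel. Outside of app decryption, the protection control module 120a seldom operates, so the protection control module detection processing may be executed at a lower frequency. During app decryption, on the other hand, the protection control module performs many operations to protect the app, so the protection control module detection processing may be executed at a higher frequency. Here, "during app decryption" means the period from when, in steps S2115a, S2115b, and S2115c shown in FIG. 29, each detection module transmits to the protection control module 120a the decrypted text obtained by partial decryption, until, in step S2117, the protection control module 120a transmits an app decryption completion notification to each detection module.
In the detection system 10a, the app's private key is not restored inside the protection control module 120a, so leakage of the app's private key can be prevented even if the protection control module 120a has been tampered with.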
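Here, a detection system 10b (not shown) as Embodiment 4 according to the present invention is described.
In the detection system 10b, the distributed keys held by the detection modules are updated.
The detection system 10b has the same configuration as the detection system 10a. The description here focuses on the differences from the detection system 10a.
The determination unit 210 identifies the tampered detection module in the detection module group 130b. Mutual monitoring processing and identification of a tampered detection module are described in detail in Patent Literature 3, so their description is omitted here.
(Encryption/decryption key holding unit 607)
For the detection modules 131b, 132b, ..., 135b included in the detection module group 130b, the encryption/decryption key holding unit 607 stores an identifier identifying each detection module in association with the distributed key transmitted to that detection module.
The distributed key generation unit 610 receives from the determination unit 210 an identifier identifying the detection module to be invalidated. It then reads the distributed key corresponding to the received identifier from the encryption/decryption key holding unit 607. Here, as an example, the software distribution unit 220 reads the distributed key d2 that was transmitted to the detection module 132b, which is to be invalidated.
As shown in FIG. 33, the detection module 131b is composed of a receiving unit 401, a transmitting unit 402, a control unit 403, a verification unit 404, a distributed key holding unit 406, a decryption unit 410, and a distributed key update unit 420.
The operation of the distributed key update processing in the detection system 10b is described using the sequence diagram shown in FIG. 35.
In the detection system 10b, even if a detection module storing a distributed key is tampered with and that detection module is invalidated, updating the distributed keys stored in the detection modules that have not been invalidated prevents a situation in which the private key for decrypting the app can no longer be restored.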
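The following added example (not taken from the patent) ties together additive splitting as in d5=d-(d1+d2+d3+d4), the partial decryption identity (C^d1)×(C^d2)×(C^d3)=C^d generalised from three to five detection modules, and the distributed key update after a module is invalidated. Assumptions: constructed toy RSA primes, shares reduced modulo φ(n), all five shares summing to d, and hypothetical function names.

```python
import secrets

# Constructed toy RSA parameters (two Mersenne primes; far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1
N, PHI = P * Q, (P - 1) * (Q - 1)
E = 65537
D = pow(E, -1, PHI)  # private key d held only by the management device


def split_additive(secret: int, count: int, modulus: int) -> list:
    """count-1 random shares; the last one is secret - sum(others) (mod modulus)."""
    shares = [secrets.randbelow(modulus) for _ in range(count - 1)]
    shares.append((secret - sum(shares)) % modulus)
    return shares


def partial_decrypt(ciphertext: int, share: int) -> int:
    """Detection module: M_i = C^(d_i) mod n. The share itself is never sent."""
    return pow(ciphertext, share, N)


def combine(partials) -> int:
    """Protection control module: product of all M_i mod n = C^(sum d_i) = C^d."""
    result = 1
    for m in partials:
        result = (result * m) % N
    return result


def revoke(shares: dict, revoked_id: int) -> dict:
    """Split the invalidated module's share and add one piece to each remaining share."""
    remaining = {i: s for i, s in shares.items() if i != revoked_id}
    pieces = split_additive(shares[revoked_id], len(remaining), PHI)
    return {i: (s + piece) % PHI
            for (i, s), piece in zip(remaining.items(), pieces)}


def demo():
    message = int.from_bytes(b"app 110", "big")  # constructed plaintext, < N
    ciphertext = pow(message, E, N)
    module_ids = (131, 132, 133, 134, 135)
    shares = dict(zip(module_ids, split_additive(D, 5, PHI)))

    # All five modules cooperate: the key is never reassembled anywhere.
    before = combine(partial_decrypt(ciphertext, s) for s in shares.values())

    # Module 132 is invalidated; the other four receive redistributed pieces.
    updated = revoke(shares, 132)
    after = combine(partial_decrypt(ciphertext, s) for s in updated.values())

    # Without the update, the four remaining old shares no longer sum to d.
    stale = combine(partial_decrypt(ciphertext, s)
                    for i, s in shares.items() if i != 132)
    return message, before, after, stale


if __name__ == "__main__":
    m, before, after, stale = demo()
    print(before == m, after == m, stale == m)
```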
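Although the present invention has been described based on the above embodiments, it is of course not limited to them. The following cases are also included in the present invention.
10d Tampering monitoring system
100 Device
110, 111, 112, 113, 114 Apps
120, 120a, 120b Protection control module
130, 130a, 130b Detection module group
131, 132, 133, 134, 135 Detection modules
171 CPU
172 EEPROM
173 RAM
174 NIC
180 OS
190 Boot loader
200, 200d Management device
210 Determination unit
220 Software distribution unit
230 Communication unit
301 Receiving unit
302 Transmitting unit
303 Control unit
304 Decryption load unit
305 Tampering detection unit
306 Analysis tool detection unit
307 Encryption/decryption key restoration unit
308 Verification base data holding unit
309 Verification data generation unit
310 Detection module selection unit
401 Receiving unit
402 Transmitting unit
403 Control unit
404 Verification unit
405 Verification data holding unit
406 Distributed key holding unit
410 Decryption unit
420 Distributed key update unit
501 Receiving unit
502 Transmitting unit
503 Instruction generation unit
601 Receiving unit
602 Transmitting unit
603 Control unit
604 Authentication unit
605 Certificate generation unit
606 Signature private key holding unit
607 Encryption/decryption key holding unit
608 Software holding unit
609 Verification base data generation unit
610 Distributed key generation unit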
Claims (68)
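- A tampering monitoring system including a protection control module that protects an application program, a plurality of detection modules that monitor tampering of the protection control module, and a management device, wherein
the management device comprises
distributed key generation means that decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and
output means that outputs the generated plurality of distributed keys to the plurality of detection modules, respectively,
each detection module acquires the distributed key and stores it internally, and
the protection control module comprises
acquisition means that acquires the distributed keys from the plurality of detection modules, respectively,
restoration means that integrates the acquired plurality of distributed keys to restore the decryption key,
decryption means that decrypts the encrypted application program using the decryption key restored by the restoration means, and
erasure means that erases the decryption key after the decryption by the decryption means has finished.
A tampering monitoring system characterized by the above.
- The management device further includes
verification data generation means that applies a decryption process composed of a plurality of partial decryption processes to the encrypted, untampered application program; for each partial decryption process, applies a one-way transformation to both the input data to that partial decryption process and the output data from it to generate a decryption verification value; and for each partial decryption process generates verification data containing the input data and the decryption verification value,
the output means further outputs the verification data to the protection control module,
the decryption means applies a decryption process composed of a plurality of partial decryption processes to the encrypted application program,
the protection control module further includes second output means that, for each partial decryption process in the decryption means, outputs the output data from that partial decryption process and the received verification data to a detection module, and
the detection module includes
receiving means that receives the output data and the verification data, and
verification means that performs verification using the received output data and verification data and, if verification fails, outputs the verification result.
The tampering monitoring system according to claim 1, characterized by the above.
- The verification means performs the verification by applying the same transformation as the one-way transformation to both the input data contained in the verification data and the received output data to generate a second verification value, and determining whether the decryption verification value contained in the verification data matches the generated second verification value; if they do not match, it regards the verification as failed and outputs the verification result.
The tampering monitoring system according to claim 2, characterized by the above.
- The protection control module further protects one or more other application programs,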
前記管理装置は、さらに、他の前記アプリケーションプログラムについて、復号部分処理毎に復号検証値を生成し、復号部分処理毎に、前記アプリケーションプログラム及び他のアプリケーションプログラムを含む複数の前記アプリケーションプログラムについて生成された複数の前記復号検証値に対しデジタル署名を施して証明書を生成する証明書生成手段を含み、
前記検証データ生成手段は、復号部分処理毎に生成された他の前記アプリケーションプログラムについての前記復号検証値及び復号部分処理毎に生成された前記証明書を含む前記検証データを生成し、
前記出力手段は、前記証明書を含む前記検証データを前記保護制御モジュールへ出力し、
前記第二出力手段は、前記証明書を含む前記検証データを前記検知モジュールへ出力し、
前記受信手段は、前記証明書を含む前記検証データを受け取り、
前記検証手段は、さらに、復号部分処理毎に、受け取った前記検証データに含まれる前記証明書を用いて、検証を行う
ことを特徴とする請求項2に記載の改ざん監視システム。 - 前記検証手段は、前記検証データに含まれている前記入力データ及び受け取った前記出力データの両方に、一方向性の前記変換と同一の変換を施して、第二検証値を生成し、前記検証データに含まれる他の前記アプリケーションプログラムについての前記復号検証値及び生成した前記第二検証値、並びに、前記証明書を用いて、前記検証を行う
ことを特徴とする請求項4に記載の改ざん監視システム。 - 複数の前記復号部分処理は、それぞれ、複数の前記検知モジュールに対応しており、
前記第二出力手段は、各復号部分処理に対応する前記検知モジュールに対して、当該復号部分処理からの前記出力データ及び前記検証データを出力する
ことを特徴とする請求項2に記載の改ざん監視システム。 - 各検知モジュールは、さらに、自身に対応する前記復号部分処理を識別する識別情報を、他の検知モジュールに対して送信する送信手段を含み、
各検知モジュールの前記受信手段は、さらに、他の検知モジュールから、当該他の検知モジュールに対応する前記復号部分処理を識別する識別情報を受け取り、
各検知モジュールの前記検証手段は、さらに、受け取った前記識別情報及び自身に対応する前記復号部分処理を識別する識別情報の重複性、並びに、受け取った前記識別情報及び自身に対応する前記復号部分処理を識別する識別情報と、複数の前記復号部分処理をそれぞれ識別する識別情報との網羅性について検証を行う
ことを特徴とする請求項6に記載の改ざん監視システム。 - 各検知モジュールの前記検証手段は、受け取った前記識別情報及び自身に対応する前記復号部分処理を識別する前記識別情報に重複があるか、又は、受け取った前記識別情報及び自身に対応する前記復号部分処理を識別する前記識別情報が、複数の復号部分処理を識別する全ての識別情報を網羅していない場合に、検証に失敗した旨を示す検証結果を出力する
ことを特徴とする請求項7に記載の改ざん監視システム。 - 前記保護制御モジュールには、改ざんのない前記保護制御モジュールに対してデジタル署名を施して生成された改ざん検出用証明書が付されており、
各検知モジュールは、前記復号が終了し、前記復号鍵が消去されたのち、前記改ざん検出用証明書を用いて、前記保護制御モジュールに対する改ざんの検出を行う検証手段を含む
ことを特徴とする請求項1に記載の改ざん監視システム。 - 前記分散鍵生成手段は、生成された複数の分散鍵の加算により前記復号鍵が得られるように、複数の前記分散鍵を生成し、
前記復元手段は、複数の前記分散鍵の加算により、前記復号鍵を復元する
ことを特徴とする請求項1に記載の改ざん監視システム。 - 前記分散鍵生成手段は、秘密分散法を用いて、前記復号鍵から複数の前記分散鍵を生成し、
前記復元手段は、前記秘密分散法を用いて、複数の前記分散鍵から前記復号鍵を復元する
ことを特徴とする請求項1に記載の改ざん監視システム。 - 前記保護制御モジュールは、さらに、暗号化された前記アプリケーションプログラムを前記検知モジュールに対して出力する第二出力手段を含み、
各検知モジュールは、
前記保護制御モジュールから、暗号化された前記アプリケーションプログラムを取得する第二取得手段と、
記憶している前記分散鍵を用いて、暗号化された前記アプリケーションプログラムを部分復号して、部分復号文を生成する第二復号手段と、
生成した前記部分復号文を前記保護制御モジュールへ出力する第三出力手段とを含み、
前記取得手段は、各検知モジュールから、前記部分復号文を取得し、
前記復号手段は、取得した複数の前記部分復号文を用いて、暗号化された前記アプリケーションプログラムを復号する
ことを特徴とする請求項1に記載の改ざん監視システム。 - 前記アプリケーションプログラムは、RSA暗号方式により、暗号化され、
前記第二復号手段は、暗号化された前記アプリケーションプログラムに対して、前記分散鍵の値によるべき乗を施して、前記部分復号文を生成し、
前記復号手段は、複数の前記部分復号文の値を乗ずることより、暗号化された前記アプリケーションプログラムを復号する
ことを特徴とする請求項12に記載の改ざん監視システム。 - 前記保護制御モジュールは、さらに、全ての前記検知モジュールから、複数の検知モジュールを選択する選択手段を含み、
前記第二出力手段は、前記選択手段により選択された前記検知モジュールに対して、暗号化された前記アプリケーションプログラムを出力する
ことを特徴とする請求項12に記載の改ざん監視システム。 - 前記保護制御モジュールには、改ざんのない前記保護制御モジュールに対してデジタル署名を施して生成された改ざん検出用証明書が付されており、
各検知モジュールは、前記改ざん検出用証明書を用いて、前記保護制御モジュールに対する改ざんの検出を行う検証手段を含む
ことを特徴とする請求項12に記載の改ざん監視システム。 - 複数の前記検知モジュールのうち、一の前記検知モジュールは、無効化されており、
前記分散鍵生成手段は、さらに、無効化された前記検知モジュールに割り当てられた前記分散鍵を分解して、複数の再分散鍵を生成し、
前記出力手段は、さらに、生成した複数の再分散鍵を、それぞれ、無効化されていない複数の前記検知モジュールに出力し、
無効化されていない各検知モジュールは、さらに、前記再分散鍵を取得し、取得した前記再分散鍵を用いて、記憶している前記分散鍵を更新して新たな分散鍵を生成する分散鍵更新手段を含む
ことを特徴とする請求項1に記載の改ざん監視システム。 - 前記分散鍵生成手段は、生成された複数の再分散鍵の加算により前記分散鍵が得られるように、複数の前記再分散鍵を生成し、
前記分散鍵更新手段は、記憶している前記分散鍵に取得した前記再分散鍵を加算することにより、新たな前記分散鍵を生成する
ことを特徴とする請求項16に記載の改ざん監視システム。 - 複数の前記検知モジュールは、第一及び第二のグループに分類されており、
前記分散鍵生成手段は、さらに、前記復号鍵を分解して、複数の第二分散鍵を生成し、
前記出力手段は、生成した複数の前記分散鍵を、それぞれ、前記第一のグループに属する複数の前記検知モジュールに出力し、さらに、生成した複数の前記第二分散鍵を、それぞれ、前記第二のグループに属する複数の前記検知モジュールに出力し、
前記第一のグループに属する各検知モジュールは、前記分散鍵を取得して内部に記憶し、
前記第二のグループに属する各検知モジュールは、前記第二分散鍵を取得して内部に記憶し、
前記取得手段は、第一又は第二のグループに属する複数の前記検知モジュールからそれぞれ前記分散鍵又は前記第二分散鍵を取得し、
前記復元手段は、取得した複数の前記分散鍵を統合して、又は取得した複数の前記第二分散鍵を統合して、前記復号鍵を復元する
ことを特徴とする請求項1に記載の改ざん監視システム。 - 前記保護制御モジュール及び複数の前記検知モジュールは、それぞれ、コンピュータプログラムであって、
前記アプリケーションプログラム、前記保護制御モジュール及び複数の前記検知モジュールは、情報処理装置に記憶されている
ことを特徴とする請求項1に記載の改ざん監視システム。 - 前記出力手段は、前記情報処理装置の初期設定時に、複数の前記分散鍵を、それぞれ、複数の前記検知モジュールに出力する
ことを特徴とする請求項19に記載の改ざん監視システム。 - 前記取得手段は、前記情報処理装置において前記アプリケーションプログラムを実行する際に、複数の前記検知モジュールからそれぞれ前記分散鍵を取得する
ことを特徴とする請求項19に記載の改ざん監視システム。 - アプリケーションプログラムを保護する保護制御モジュールと、前記保護制御モジュールの改ざんを監視する複数の検知モジュールとを管理する管理装置であって、
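a distributed key generation unit that generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program; and
an output unit that outputs the generated distributed keys to the respective detection modules.
- The management device according to claim 22, further including
a verification data generation unit that applies, to the encrypted application program that has not been tampered with, a decryption process composed of a plurality of decryption sub-processes, generates, for each decryption sub-process, a decryption verification value by applying a one-way transformation to both the input data to that decryption sub-process and the output data from that decryption sub-process, and generates, for each decryption sub-process, verification data including the input data and the decryption verification value, wherein
the output unit further outputs the verification data to the protection control module.
- The management device according to claim 23, wherein
the protection control module further protects one or more other application programs,
the management device further includes a certificate generation unit that generates, for the other application programs, a decryption verification value for each decryption sub-process, and generates, for each decryption sub-process, a certificate by applying a digital signature to the plurality of decryption verification values generated for the plurality of application programs including the application program and the other application programs,
the verification data generation unit generates the verification data including the decryption verification values for the other application programs generated for each decryption sub-process and the certificate generated for each decryption sub-process, and
the output unit outputs the verification data including the certificate to the protection control module.
- The management device according to claim 22, wherein
the distributed key generation unit generates the plurality of distributed keys such that the decryption key is obtained by adding the generated distributed keys.
- The management device according to claim 22, wherein
the distributed key generation unit generates the plurality of distributed keys from the decryption key using a secret sharing scheme.
- The management device according to claim 22, wherein
one of the plurality of detection modules has been invalidated,
the distributed key generation unit further generates a plurality of redistributed keys by decomposing the distributed key assigned to the invalidated detection module, and
the output unit further outputs the generated redistributed keys to the respective detection modules that have not been invalidated.
- The management device according to claim 27, wherein
the distributed key generation unit generates the plurality of redistributed keys such that the distributed key is obtained by adding the generated redistributed keys.
- The management device according to claim 22, wherein
the plurality of detection modules are classified into a first group and a second group,
the distributed key generation unit further generates a plurality of second distributed keys by decomposing the decryption key, and
the output unit outputs the generated distributed keys to the respective detection modules belonging to the first group, and further outputs the generated second distributed keys to the respective detection modules belonging to the second group.
- The management device according to claim 22, wherein
the protection control module and the plurality of detection modules are each a computer program,
the application program, the protection control module, and the plurality of detection modules are stored in an information processing device, and
the output unit outputs the distributed keys to the respective detection modules at the time of initial setup of the information processing device.
- A protection control module that protects an application program and is monitored for tampering by a plurality of detection modules, wherein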
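a management device generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program, and the generated distributed keys are output to the respective detection modules,
each detection module stores the distributed key internally, and
the protection control module comprises:
an acquisition unit that acquires the distributed keys from the respective detection modules;
a restoration unit that restores the decryption key by integrating the acquired distributed keys;
a decryption unit that decrypts the encrypted application program using the decryption key restored by the restoration unit; and
an erasure unit that erases the decryption key after the decryption by the decryption unit is complete.
- The protection control module according to claim 31, wherein
the management device further applies, to the encrypted application program that has not been tampered with, a decryption process composed of a plurality of decryption sub-processes, generates, for each decryption sub-process, a decryption verification value by applying a one-way transformation to both the input data to that decryption sub-process and the output data from that decryption sub-process, generates, for each decryption sub-process, verification data including the input data and the decryption verification value, and outputs the verification data to the protection control module,
the decryption unit applies, to the encrypted application program, a decryption process composed of a plurality of decryption sub-processes, and
the protection control module further includes a second output unit that outputs, for each decryption sub-process in the decryption unit, the output data from that decryption sub-process and the received verification data to a detection module.
- The protection control module according to claim 32, wherein
the protection control module further protects one or more other application programs,
the management device further generates, for the other application programs, a decryption verification value for each decryption sub-process, generates, for each decryption sub-process, a certificate by applying a digital signature to the plurality of decryption verification values generated for the plurality of application programs including the application program and the other application programs, generates the verification data including the decryption verification values for the other application programs generated for each decryption sub-process and the certificate generated for each decryption sub-process, and outputs the verification data including the certificate to the protection control module, and
the second output unit outputs the verification data including the certificate to the detection module.
- The protection control module according to claim 32, wherein
the plurality of decryption sub-processes correspond respectively to the plurality of detection modules, and
the second output unit outputs, to the detection module corresponding to each decryption sub-process, the output data from that decryption sub-process and the verification data.
- The protection control module according to claim 31, wherein
the management device generates the plurality of distributed keys such that the decryption key is obtained by adding the generated distributed keys, and
the restoration unit restores the decryption key by adding the plurality of distributed keys.
- The protection control module according to claim 31, wherein
the management device generates the plurality of distributed keys from the decryption key using a secret sharing scheme, and
the restoration unit restores the decryption key from the plurality of distributed keys using the secret sharing scheme.
- The protection control module according to claim 31, wherein
the protection control module further includes a second output unit that outputs the encrypted application program to the detection modules,
each detection module acquires the encrypted application program from the protection control module, generates a partial decrypted text by partially decrypting the encrypted application program using the stored distributed key, and outputs the generated partial decrypted text to the protection control module,
the acquisition unit acquires the partial decrypted texts from the respective detection modules, and
the decryption unit decrypts the encrypted application program using the acquired partial decrypted texts.
- The protection control module according to claim 37, wherein
the application program is encrypted by the RSA encryption scheme,
the detection module generates the partial decrypted text by raising the encrypted application program to the power of the value of the distributed key, and
the decryption unit decrypts the encrypted application program by multiplying together the values of the partial decrypted texts.
- The protection control module according to claim 37, wherein
the protection control module further includes a selection unit that selects a plurality of detection modules from among all the detection modules, and
the second output unit outputs the encrypted application program to the detection modules selected by the selection unit.
- The protection control module according to claim 31, wherein
the plurality of detection modules are classified into a first group and a second group,
the management device further generates a plurality of second distributed keys by decomposing the decryption key, the generated distributed keys are output to the respective detection modules belonging to the first group, and the generated second distributed keys are output to the respective detection modules belonging to the second group,
each detection module belonging to the first group stores the distributed key internally,
each detection module belonging to the second group stores the second distributed key internally,
the acquisition unit acquires the distributed keys or the second distributed keys from the respective detection modules belonging to the first or second group, and
the restoration unit restores the decryption key by integrating the acquired distributed keys or by integrating the acquired second distributed keys.
- The protection control module according to claim 31, wherein
the protection control module and the plurality of detection modules are each a computer program, and
the application program, the protection control module, and the plurality of detection modules are stored in an information processing device.
- The protection control module according to claim 41, wherein
the acquisition unit acquires the distributed keys from the respective detection modules when the application program is executed on the information processing device.
- A detection module that is one of a plurality of detection modules that monitor, for tampering, a protection control module that protects an application program, wherein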
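a management device decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and the generated distributed keys are output to the respective detection modules, and
the detection module comprises:
an acquisition unit that acquires the distributed key;
a storage unit that stores the acquired distributed key; and
an output unit that outputs the distributed key to the protection control module.
- The detection module according to claim 43, wherein
the management device applies, to the encrypted application program that has not been tampered with, a decryption process composed of a plurality of decryption sub-processes, generates, for each decryption sub-process, a decryption verification value by applying a one-way transformation to both the input data to that decryption sub-process and the output data from that decryption sub-process, generates, for each decryption sub-process, verification data including the input data and the decryption verification value, and further outputs the verification data to the protection control module,
the protection control module applies, to the encrypted application program, a decryption process composed of a plurality of decryption sub-processes, and further outputs, for each decryption sub-process in the decryption unit, the output data from that decryption sub-process and the received verification data to the detection module, and
the detection module further includes:
a reception unit that receives the output data and the verification data; and
a verification unit that performs verification using the received output data and verification data and, if the verification fails, outputs the verification result.
- The detection module according to claim 44, wherein
the verification unit performs the verification by generating a second verification value by applying, to both the input data included in the verification data and the received output data, the same transformation as the one-way transformation, and by determining whether the decryption verification value included in the verification data matches the generated second verification value, and, if they do not match, regards the verification as having failed and outputs the verification result.
- The detection module according to claim 44, wherein
the protection control module further protects one or more other application programs,
the management device further generates, for the other application programs, a decryption verification value for each decryption sub-process, generates, for each decryption sub-process, a certificate by applying a digital signature to the plurality of decryption verification values generated for the plurality of application programs including the application program and the other application programs, generates the verification data including the decryption verification values for the other application programs generated for each decryption sub-process and the certificate generated for each decryption sub-process, and outputs the verification data including the certificate to the protection control module,
the protection control module outputs the verification data including the certificate to the detection module,
the reception unit receives the verification data including the certificate, and
the verification unit further performs verification, for each decryption sub-process, using the certificate included in the received verification data.
- The detection module according to claim 46, wherein
the verification unit generates a second verification value by applying, to both the input data included in the verification data and the received output data, the same transformation as the one-way transformation, and performs the verification using the decryption verification values for the other application programs included in the verification data, the generated second verification value, and the certificate.
- The detection module according to claim 44, wherein
the plurality of decryption sub-processes correspond respectively to the plurality of detection modules,
the protection control module outputs, to the detection module corresponding to each decryption sub-process, the output data from that decryption sub-process and the verification data,
the detection module further includes a transmission unit that transmits, to the other detection modules, identification information identifying the decryption sub-process corresponding to itself,
the reception unit further receives, from another detection module, the identification information identifying the decryption sub-process corresponding to that other detection module, and
the verification unit further verifies the received identification information and the identification information identifying the decryption sub-process corresponding to itself for duplication, and verifies their coverage of the identification information identifying each of the plurality of decryption sub-processes.
- The detection module according to claim 48, wherein
the verification unit outputs a verification result indicating that the verification has failed when there is a duplicate among the received identification information and the identification information identifying the decryption sub-process corresponding to itself, or when the received identification information and the identification information identifying the decryption sub-process corresponding to itself do not cover all of the identification information identifying the plurality of decryption sub-processes.
- The detection module according to claim 43, wherein
a tampering detection certificate, generated by applying a digital signature to the protection control module that has not been tampered with, is attached to the protection control module, and
the detection module further includes a verification unit that, after the decryption is complete and the decryption key has been erased, detects tampering with the protection control module using the tampering detection certificate.
- The detection module according to claim 43, wherein
the protection control module further outputs the encrypted application program to the detection module, and
the detection module further includes:
a second acquisition unit that acquires the encrypted application program from the protection control module;
a second decryption unit that generates a partial decrypted text by partially decrypting the encrypted application program using the stored distributed key; and
a third output unit that outputs the generated partial decrypted text to the protection control module.
- The detection module according to claim 51, wherein
the application program is encrypted by the RSA encryption scheme, and
the second decryption unit generates the partial decrypted text by raising the encrypted application program to the power of the value of the distributed key.
- The detection module according to claim 51, wherein
a tampering detection certificate, generated by applying a digital signature to the protection control module that has not been tampered with, is attached to the protection control module, and
the detection module further includes a verification unit that detects tampering with the protection control module using the tampering detection certificate.
- The detection module according to claim 43, wherein
one of the plurality of detection modules has been invalidated,
the management device further decomposes the distributed key assigned to the invalidated detection module to generate a plurality of redistributed keys, and the generated redistributed keys are output to the respective detection modules that have not been invalidated, and
the detection module that has not been invalidated further includes a distributed key update unit that acquires the redistributed key and generates a new distributed key by updating the stored distributed key using the acquired redistributed key.
- The detection module according to claim 54, wherein
the management device generates the plurality of redistributed keys such that the distributed key is obtained by adding the generated redistributed keys, and
the distributed key update unit generates the new distributed key by adding the acquired redistributed key to the stored distributed key.
- The detection module according to claim 43, wherein
the protection control module and the plurality of detection modules are each a computer program, and
the application program, the protection control module, and the plurality of detection modules are stored in an information processing device.
- A control method used in a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor the protection control module for tampering, the control method including: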
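a distributed key generation step of generating a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program; and
an output step of outputting the generated distributed keys to the respective detection modules.
- A computer-readable recording medium on which is recorded a control computer program used in a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor the protection control module for tampering, the computer program causing the management device, which is a computer, to execute:
a distributed key generation step of generating a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program; and
an output step of outputting the generated distributed keys to the respective detection modules.
- A control computer program used in a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor the protection control module for tampering, the computer program causing the management device, which is a computer, to execute:
a distributed key generation step of generating a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program; and
an output step of outputting the generated distributed keys to the respective detection modules.
- An integrated circuit constituting a management device that manages a protection control module that protects an application program and a plurality of detection modules that monitor the protection control module for tampering, the integrated circuit comprising:
a distributed key generation unit that generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program; and
an output unit that outputs the generated distributed keys to the respective detection modules.
- A control method used in a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules, wherein
a management device generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program, and the generated distributed keys are output to the respective detection modules,
each detection module stores the distributed key internally, and
the control method includes:
an acquisition step of acquiring the distributed keys from the respective detection modules;
a restoration step of restoring the decryption key by integrating the acquired distributed keys;
a decryption step of decrypting the encrypted application program using the decryption key restored in the restoration step; and
an erasure step of erasing the decryption key after the decryption in the decryption step is complete.
- A computer-readable recording medium on which is recorded a control computer program used in a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules, wherein
a management device generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program, and the generated distributed keys are output to the respective detection modules,
each detection module stores the distributed key internally, and
the computer program causes the protection control module, which is a computer, to execute:
an acquisition step of acquiring the distributed keys from the respective detection modules;
a restoration step of restoring the decryption key by integrating the acquired distributed keys;
a decryption step of decrypting the encrypted application program using the decryption key restored in the restoration step; and
an erasure step of erasing the decryption key after the decryption in the decryption step is complete.
- A control computer program used in a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules, wherein
a management device generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program, and the generated distributed keys are output to the respective detection modules,
each detection module stores the distributed key internally, and
the computer program causes the protection control module, which is a computer, to execute:
an acquisition step of acquiring the distributed keys from the respective detection modules;
a restoration step of restoring the decryption key by integrating the acquired distributed keys;
a decryption step of decrypting the encrypted application program using the decryption key restored in the restoration step; and
an erasure step of erasing the decryption key after the decryption in the decryption step is complete.
- An integrated circuit constituting a protection control module that protects an application program and is monitored for tampering by a plurality of detection modules, wherein
a management device generates a plurality of distributed keys by decomposing a decryption key for decrypting the encrypted application program, and the generated distributed keys are output to the respective detection modules,
each detection module stores the distributed key internally, and
the integrated circuit comprises:
an acquisition unit that acquires the distributed keys from the respective detection modules;
a restoration unit that restores the decryption key by integrating the acquired distributed keys;
a decryption unit that decrypts the encrypted application program using the decryption key restored by the restoration unit; and
an erasure unit that erases the decryption key after the decryption by the decryption unit is complete.
- A method used in a detection module that is one of a plurality of detection modules that monitor, for tampering, a protection control module that protects an application program, wherein
a management device decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and the generated distributed keys are output to the respective detection modules, and
the method includes:
an acquisition step of acquiring the distributed key;
a storage step of storing the acquired distributed key; and
an output step of outputting the distributed key to the protection control module.
- A computer-readable recording medium on which is recorded a computer program used in a detection module that is one of a plurality of detection modules that monitor, for tampering, a protection control module that protects an application program, wherein
a management device decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and the generated distributed keys are output to the respective detection modules, and
the computer program causes the detection module, which is a computer, to execute:
an acquisition step of acquiring the distributed key;
a storage step of storing the acquired distributed key; and
an output step of outputting the distributed key to the protection control module.
- A computer program used in a detection module that is one of a plurality of detection modules that monitor, for tampering, a protection control module that protects an application program, wherein
a management device decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and the generated distributed keys are output to the respective detection modules, and
the computer program causes the detection module, which is a computer, to execute:
an acquisition step of acquiring the distributed key;
a storage step of storing the acquired distributed key; and
an output step of outputting the distributed key to the protection control module.
- An integrated circuit constituting a detection module that is one of a plurality of detection modules that monitor, for tampering, a protection control module that protects an application program, wherein
a management device decomposes a decryption key for decrypting the encrypted application program to generate a plurality of distributed keys, and the generated distributed keys are output to the respective detection modules, and
the integrated circuit comprises:
an acquisition unit that acquires the distributed key;
a storage unit that stores the acquired distributed key; and
an output unit that outputs the distributed key to the protection control module.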
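The additive decomposition of the decryption key (claim 10), RSA partial decryption by exponentiation and multiplication (claim 13), and the distributed key update after a detection module is invalidated (claims 16 and 17) can be exercised together. The following Python code is an added example, not code from the patent; the toy primes, the choice to take distributed keys modulo φ(n), and all function names are assumptions, and the module IDs 131 to 135 reuse the reference signs for the detection modules.

```python
import secrets

# Constructed toy RSA parameters (two Mersenne primes); real keys are far larger.
P, Q = 2**31 - 1, 2**61 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)          # assumption: distributed keys are taken modulo phi(n)
E = 65537
D = pow(E, -1, PHI)              # decryption key, known whole only to the management device

MODULE_IDS = (131, 132, 133, 134, 135)   # detection modules, per the reference signs


def split_additive(secret, count):
    """Decompose `secret` into `count` values that add up to it modulo PHI."""
    if count < 2:
        raise ValueError("a secret must be split across at least two holders")
    parts = [secrets.randbelow(PHI) for _ in range(count - 1)]
    parts.append((secret - sum(parts)) % PHI)
    return parts


def distribute_key(secret=D, module_ids=MODULE_IDS):
    """Management device: one distributed key per detection module."""
    return dict(zip(module_ids, split_additive(secret, len(module_ids))))


def restore_key(shares):
    """Protection control module (claim 10): integrate the distributed keys by addition."""
    return sum(shares.values()) % PHI


def partial_decrypt(ciphertext, share):
    """Detection module (claim 13): ciphertext raised to the power of its own key."""
    return pow(ciphertext, share, N)


def decrypt_via_modules(ciphertext, shares):
    """Protection control module (claim 13): multiply the partial decrypted texts.

    The whole decryption key is never assembled on this path.
    """
    plaintext = 1
    for share in shares.values():
        plaintext = (plaintext * partial_decrypt(ciphertext, share)) % N
    return plaintext


def invalidate_without_update(shares, revoked_id):
    """Failure mode: the invalidated module's distributed key is simply lost."""
    return {mid: s for mid, s in shares.items() if mid != revoked_id}


def update_after_invalidation(shares, revoked_id):
    """Claims 16-17: re-split the lost key and add one piece to each survivor."""
    survivors = invalidate_without_update(shares, revoked_id)
    pieces = split_additive(shares[revoked_id], len(survivors))
    return {mid: (s + piece) % PHI
            for (mid, s), piece in zip(survivors.items(), pieces)}


if __name__ == "__main__":
    message = int.from_bytes(b"APP-CODE", "big")      # constructed plaintext block
    ciphertext = pow(message, E, N)
    shares = distribute_key()
    print("restored by addition: ", restore_key(shares) == D)
    print("partial decryption:   ", decrypt_via_modules(ciphertext, shares) == message)
    lost = invalidate_without_update(shares, 133)
    print("133 lost, no update:  ", decrypt_via_modules(ciphertext, lost) == message)
    updated = update_after_invalidation(shares, 133)
    print("133 lost, keys updated:", decrypt_via_modules(ciphertext, updated) == message)
```

The example covers only the additive variant of claims 10 and 17, not the secret sharing scheme of claim 11.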
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/643,671 US9311487B2 (en) | 2011-03-15 | 2012-03-01 | Tampering monitoring system, management device, protection control module, and detection module |
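JP2013504541A JP5960678B2 (ja) | 2011-03-15 | 2012-03-01 | Tampering monitoring system, management device, protection control module, and detection module |
CN201280001316.1A CN102893284B (zh) | 2011-03-15 | 2012-03-01 | Tampering monitoring system, management device, protection control module, and detection module |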
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2011056045 | 2011-03-15 | ||
JP2011-056045 | 2011-03-15 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012124270A1 true WO2012124270A1 (ja) | 2012-09-20 |
Family
ID=46830363
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2012/001399 WO2012124270A1 (ja) | 2011-03-15 | 2012-03-01 | Tampering monitoring system, management device, protection control module, and detection module |
Country Status (4)
Country | Link |
---|---|
US (1) | US9311487B2 (ja) |
JP (1) | JP5960678B2 (ja) |
CN (1) | CN102893284B (ja) |
WO (1) | WO2012124270A1 (ja) |
-
2012
- 2012-03-01 US US13/643,671 patent/US9311487B2/en active Active
- 2012-03-01 JP JP2013504541A patent/JP5960678B2/ja active Active
- 2012-03-01 WO PCT/JP2012/001399 patent/WO2012124270A1/ja active Application Filing
- 2012-03-01 CN CN201280001316.1A patent/CN102893284B/zh active Active
Also Published As
Publication number | Publication date |
---|---|
US20130039491A1 (en) | 2013-02-14 |
CN102893284B (zh) | 2016-07-06 |
JP5960678B2 (ja) | 2016-08-02 |
CN102893284A (zh) | 2013-01-23 |
JPWO2012124270A1 (ja) | 2014-07-17 |
US9311487B2 (en) | 2016-04-12 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 201280001316.1 Country of ref document: CN |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2013504541 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 13643671 Country of ref document: US |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 12757815 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 12757815 Country of ref document: EP Kind code of ref document: A1 |