Data processing system, memory device, data processing unit, and ...

US007409554B2

(12) United States Patent
     Ishibashi et al.

(10) Patent No.: US 7,409,554 B2
(45) Date of Patent: Aug. 5, 2008

(54) DATA PROCESSING SYSTEM, MEMORY DEVICE, DATA PROCESSING UNIT, AND DATA PROCESSING METHOD AND PROGRAM

(75) Inventors: Yoshihito Ishibashi, Tokyo (JP); Susumu Kusakabe, Tokyo (JP); Hideaki Watanabe, Tokyo (JP)

(73) Assignee: Sony Corporation (JP)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 743 days.

(21) Appl. No.: 10/311,766

(22) PCT Filed: Apr. 17, 2002

(86) PCT No.: PCT/JP02/03805
     § 371 (c)(1), (2), (4) Date: May 21, 2003

(87) PCT Pub. No.: WO02/089048
     PCT Pub. Date: Nov. 7, 2002

(65) Prior Publication Data
     US 2004/0006695 A1    Jan. 8, 2004

(30) Foreign Application Priority Data
     Apr. 23, 2001 (JP) 2001-123890
     Aug. 20, 2001 (JP) 2001-249588

(51) Int. Cl.
     H04L 9/00 (2006.01)

(52) U.S. Cl. 713/175; 713/156; 713/157; 713/159; 713/172; 713/173; 713/176; 726/9; 726/10; 726/20

(58) Field of Classification Search 713/172, 713/173, 175, 176, 156, 157, 159; 726/9, 726/10, 20
     See application file for complete search history.

(56) References Cited

U.S. PATENT DOCUMENTS
     4,855,578 A      8/1989    Hirokawa et al.
     4,912,310 A      3/1990    Uemura et al.
     6,005,942 A *    12/1999   Chan et al.        713/187
     6,112,985 A      9/2000    Weinlaender
     6,317,832 B1 *   11/2001   Everett et al.     713/172
     7,046,810 B2 *   5/2006    Takada et al.      380/284
     7,058,804 B1 *   6/2006    Akashika et al.    713/156

FOREIGN PATENT DOCUMENTS
     EP    0 440 800 A1      8/1991
     FR    2 661996          11/1991
     JP    61-110266 A1      5/1986
     JP    2000-276568 A1    10/2000

* cited by examiner

Primary Examiner: Kimyen Vu
Assistant Examiner: Beemnet W Dada
(74) Attorney, Agent, or Firm: Lerner, David, Littenberg, Krumholz & Mentlik, LLP

(57) ABSTRACT

To provide an improved management structure of memory devices storing service-use applications. A card for a memory device applied to use various services is provided as one child card or more corresponding to each of the services, a parent card stores data for child-card issue management, and the child-card issue processing is executed based on the parent card, such as parent card authentication. An issue certificate having a parent-card digital signature is stored in the child card, the issue certificate contains a service code and a child card identification, and thus it becomes possible to confirm a service set in the child card based on the issue certificate as the parent-card signature data.

34 Claims, 25 Drawing Sheets

[Front-page drawing: child-card issue sequence between a parent card (certificate from CA1, ECC or RSA; child-card issue application), a child card (certificate from CA2, ECC or RSA; upper application, for example in the case of a commuter's ticket card), a parent-card interface, a child-card interface, operation processing means, and a DB server for revocation management. Step labels: mutual authentication between parent card and PKI; revocation validation; mutual authentication between child card and PKI; send child-card ID and service code to parent card; check generation history; generate issue certificate; save generation history; receive issue certificate; send issue certificate to child card; save issue certificate.]

U.S. Patent    Aug. 5, 2008    Sheet 1 of 25    US 7,409,554 B2


FIG. 2 (Sheet 2 of 25)

[Drawing labelled 200. Block labels: COMMUNICATION I/F, MEMORY PART (EEPROM), ENCRYPTION PROCESSING PART, CPU, RAM, ROM.]

FIG. 5 (Sheet 5 of 25)

VERSION NUMBER
CERTIFICATE SERIAL-NUMBER (SN)
SIGNATURE ALGORITHM IDENTIFICATION FIELD: ALGORITHM AND PARAMETER
NAME OF ISSUE AUTHORITY (CERTIFICATE AUTHORITY)
CERTIFICATE VALIDATED DATE FIELD: START DATE & TIME, END DATE & TIME
PUBLIC KEY CERTIFICATE USER IDENTIFICATION (ID)
USER PUBLIC KEY
OPTION AREA
ISSUE AUTHORITY (CERTIFICATE AUTHORITY) SIGNATURE

FIG. 6 (Sheet 6 of 25)

CHILD-CARD ISSUE APPLICATION
USER INFORMATION
PRIVATE KEY K(SI)
PUBLIC KEY K(pI)
PUBLIC KEY CERTIFICATE C(I)
CA1 PUBLIC KEY CERTIFICATE C(CA1)
CHILD-CARD ISSUE HISTORY

SERVICE CODE    NUMBER OF TIMES    UPPER LIMIT
0x01            0                  1
0x02            0                  1
0x03            0                  2
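The issue flow from the abstract, run against the FIG. 6 issue-history values, as an added example that is not code from the patent: the parent card checks its history, signs the child-card ID and service code, and updates the count, and a verifier then confirms the service from the certificate. Assumptions: the names ParentCard, IssueCertificate and verify, the byte encoding of the signed fields, reading the FIG. 6 table as the parent card's per-service count and limit, and a constructed toy RSA key standing in for the card's ECC or RSA signature.

```python
import hashlib
from dataclasses import dataclass, field

# Constructed toy RSA key (two Mersenne primes); an assumed stand-in for the
# parent card's ECC or RSA key pair. Far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))


def _digest(child_id: bytes, service_code: int) -> int:
    # Length-prefix the ID so distinct (ID, code) pairs never encode alike.
    msg = len(child_id).to_bytes(2, "big") + child_id + service_code.to_bytes(2, "big")
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % N


@dataclass(frozen=True)
class IssueCertificate:  # hypothetical layout: signed fields plus signature
    child_id: bytes
    service_code: int
    signature: int


@dataclass
class ParentCard:
    # service code -> [number of times issued, upper limit], values from FIG. 6
    history: dict = field(
        default_factory=lambda: {0x01: [0, 1], 0x02: [0, 1], 0x03: [0, 2]})

    def issue(self, child_id: bytes, service_code: int) -> IssueCertificate:
        entry = self.history.get(service_code)
        if entry is None:
            raise PermissionError("service code not present in issue history")
        if entry[0] >= entry[1]:  # check generation history
            raise PermissionError("child-card issue limit reached")
        sig = pow(_digest(child_id, service_code), D, N)  # generate issue certificate
        entry[0] += 1  # save generation history only after a successful signature
        return IssueCertificate(child_id, service_code, sig)


def verify(cert: IssueCertificate, n: int = N, e: int = E) -> bool:
    """Check that the parent-card signature covers this child ID and service code."""
    return pow(cert.signature, e, n) == _digest(cert.child_id, cert.service_code)
```

Because the signature covers both fields, a certificate copied to a different child card or relabelled with another service code fails verification.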

FIG. 8 (Sheet 8 of 25)

S1: Let p be characteristic, a and b be coefficients of elliptic curve, elliptic curve be $y^2 = x^3 + ax + b$, G be base point, r be order of G, M be message, Ks be private key, G and Ks×G be public key.
S2: Calculate f = Hash(M).
S3: Generate u by random number generator where 0 < u < r.