US20110237326A1 - Data authentication method and data authentication system - Google Patents
- Publication number
- US20110237326A1 US13/153,706
- Authority
- US
- United States
- Prior art keywords
- digest
- stored
- value
- digest value
- primary
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Definitions
- the technology herein relates to a data authentication method, and more particularly, to a data authentication method for authenticating data which is provided from an authentic source.
- Patent Document 1 Japanese Laid-Open Patent Publication No. 2006-74421 describes a technique of verifying the authenticity of program data stored in an information storage medium.
- the information storage medium stores content data and a content hash table.
- the content hash table is data including hash values (digest values) corresponding to respective pieces of data (subdivided content data) which are obtained by subdividing the content data.
- An information processing apparatus which reads the content data reads the subdivided content data and the digest value, and checks a hash value calculated from the subdivided content data against the read hash value. Thereby, the information processing apparatus can execute the hash value calculating process and the hash value checking process for each piece of subdivided content data. Therefore, the information processing apparatus, when reading a part of the content data, needs to perform the checking process only with respect to a part which is to be actually read out, whereby the authenticity of the content data can be efficiently verified.
- the information storage medium stores a content certificate which is obtained by using a digital signature to encrypt content hash values calculated from the content hash table.
- the information processing apparatus when verifying the authenticity of data in the information storage medium using the content certificate, calculates content hash values from the content hash table. Therefore, the information processing apparatus needs to read the whole content hash table into a memory. Therefore, as the data size of the content hash table increases, the capacity of the memory which should be provided in the information processing apparatus needs to be increased. Therefore, when it is difficult to provide a memory having a sufficiently large capacity (e.g., when the information processing apparatus is a mobile apparatus or the like), a memory capacity required for authentication may be insufficient. Note that it is contemplated that content data may be subdivided into larger data units so as to reduce the number of hash values, thereby reducing the data size of the content hash table. In this method, however, the efficiency of the checking process when a part of the content data is read is poor.
- example embodiments provide a data authentication method capable of efficiently performing the checking process and reducing a memory capacity required for authentication.
- a first aspect of certain example embodiments is directed to a method for use in an authentication apparatus (a game apparatus 10 ) for authenticating content data ( 1 ).
- the authentication apparatus can access a storage means storing the content data, a first digest table ( 2 ), a second digest table ( 3 ), and a digital signature ( 4 ).
- the first digest table includes primary digest values which are digest values corresponding to content data portions constituting the content data.
- the second digest table includes secondary digest values which are digest values corresponding to portions constituting the first digest table.
- the digital signature is generated from a secondary digest value included in the second digest table.
- the authentication method comprises a first reading step (S 11 ) and a first authentication step (S 12 to S 14 ).
- the first reading step reads out the second digest table and the digital signature from the storage means into a memory (RAM 24 ) of the authentication apparatus.
- the first authentication step verifies the authenticity of the content data using the digital signature read out into the memory and a secondary digest value included in the second digest table read out into the memory.
- the content data includes a plurality of content data portions.
- a primary digest value is calculated for each content data portion.
- the first digest table may include primary digest values corresponding to all the content data portions.
- data included in the second digest table e.g., all data included in the second digest table
- a predetermined operation e.g., a hash function is applied, etc.
- the digital signature may be data which is obtained by encrypting, using a predetermined private key, a digest value which has been obtained by applying a predetermined hash function to the data in the second digest table.
- the secondary digest values are calculated for respective groups each including a plurality of primary digest values.
- the authentication method further comprises a designation step (S 21 ), a first calculation step (S 24 ), a second authentication step (S 25 ), a second calculation step (S 27 ), and a third authentication step (S 28 ).
- the designation step designates a content data portion to be read out of the content data portions.
- the first calculation step calculates, from a group including a primary digest value corresponding to the designated content data portion, a secondary digest value corresponding to the group.
- the second authentication step verifies the authenticity of the content data by checking the secondary digest value calculated in the first calculation step against a secondary digest value corresponding to the group including the primary digest values corresponding to the designated content data portion.
- the second calculation step calculates, from the designated content data portion, a digest value of the content data portion, when authentication is successful in the second authentication step.
- the third authentication step verifies the authenticity of the content data by checking the digest value calculated in the second calculation step against the primary digest value corresponding to the designated content data portion.
- in response to determination of data to be read out of the data included in the content data (by a technique, such as random access or the like), the authentication apparatus may designate a content data portion including the data to be read out.
- the first authentication step may be executed after the authentication apparatus and the storage means become accessible and before the second authentication step is executed.
- a hash function for calculating a primary digest value from the content data portion may be the same as a hash function for calculating a secondary digest value from the first digest table portion.
- the digital signature may be generated based on a digest value corresponding to a plurality of secondary digest values included in the second digest table.
- a hash function for calculating the digest value has a higher security level than that of the hash function for calculating a primary digest value from the content data portion.
- a hash function has a high security level in the following cases:
- the hash function includes encryption (as compared to the hash function without encryption).
- a hash function for calculating a secondary digest value from a data portion of the first digest table may have a smaller processing amount for calculation of a digest value than that of a hash function for calculating a primary digest value from a data portion of the content data.
- the processing amount of calculation of a digest value is small in the following cases:
- the hash function includes encryption (as compared to the hash function without encryption).
- a hash function used in the first authentication step may have a higher security level than those of a hash function for calculating a secondary digest value from the first digest table portion and a hash function for calculating a primary digest value from the content data portion.
- An eighth aspect of certain example embodiments is directed to an authentication apparatus (game apparatus 10 ) for authenticating content data.
- the authentication apparatus can access a storage means (memory card 17 ) storing the content data, a first digest table including primary digest values which are digest values corresponding to content data portions constituting the content data, a second digest table including secondary digest values which are digest values corresponding to first digest table portions constituting the first digest table, and a digital signature generated from a secondary digest value included in the second digest table.
- the authentication apparatus comprises a reading means (a CPU core 21 for executing step S 11 , etc.; only step numbers are described in similar cases in this paragraph) and an authentication means (S 12 to S 14 ).
- the reading means reads out the second digest table and the digital signature from the storage means into a memory (RAM 24 ) of the authentication apparatus.
- the authentication means verifies the authenticity of the content data using the digital signature read out into the memory and a secondary digest value included in the second digest table read out into the memory.
- a ninth aspect of certain example embodiments is directed to a computer readable storage medium storing an authentication process program executed by a computer (CPU core 21 , etc.) of an authentication apparatus (game apparatus 10 ) for authenticating content data.
- the authentication apparatus can access a storage means storing the content data, a first digest table including primary digest values which are digest values corresponding to content data portions constituting the content data, a second digest table including secondary digest values which are digest values corresponding to first digest table portions constituting the first digest table, and a digital signature generated from a secondary digest value included in the second digest table.
- the authentication process program causes the computer to execute a reading step (S 11 ) and an authentication step (S 12 to S 14 ).
- the reading step reads out the second digest table and the digital signature from the storage means into a memory of the authentication apparatus.
- the authentication step verifies the authenticity of the content data using the digital signature read out into the memory and a secondary digest value included in the second digest table read out into the memory.
- a tenth aspect of certain example embodiments is directed to a data processing method for generating data to be stored into a storage means.
- the data processing method comprises a first calculation step (S 1 ), a second calculation step (S 2 ), a digital signature generating step (S 3 ), and a setting step (S 4 ).
- the first calculation step calculates primary digest values which are digest values corresponding to content data portions constituting content data.
- the second calculation step calculates secondary digest values which are digest values corresponding to first digest table portions constituting a first digest table including the primary digest values calculated in the first calculation step.
- the digital signature generating step generates a digital signature from a second digest table including the secondary digest values calculated in the second calculation step.
- the setting step sets the content data, the first digest table, the second digest table, and the digital signature as data to be stored into the storage means.
- An eleventh aspect of certain example embodiments is directed to a computer readable storage medium.
- the storage medium stores content data, a first digest table including primary digest values which are digest values corresponding to content data portions constituting the content data, a second digest table including secondary digest values which are digest values corresponding to first digest table portions constituting the first digest table, and a digital signature generated from the second digest table.
- authentication employing a digital signature is performed using the second digest table including digest values of the first digest table, but not the first digest table including digest values of content data.
- data to be read out in an authentication process using a digital signature is the second digest table which has a smaller data size than that of the first digest table. Therefore, a memory capacity required for authentication can be reduced as compared to the conventional art.
- the data structure used in the above-described aspects can be provided.
- the authentication apparatus confirms not only whether or not the second digest table has been tampered with, but also whether or not the first digest table and content data have been tampered with. Therefore, the authenticity of contents can be more correctly verified.
- the second and third authentication steps are executed.
- the second and third authentication steps are authentication processes which are performed based on the assumption that the second digest table is authentic. Therefore, by executing the second and third authentication steps after the first authentication step, authentication in the second and third authentication steps can be correctly performed.
- the possibility that the hash function is broken, so that content data is freely tampered, can be reduced as compared to the sixth aspect.
- the possibility that the hash function is broken, so that content data is freely tampered, can be reduced.
- according to the sixth aspect, it is possible to reduce a processing amount of the second authentication step as compared to the fourth aspect.
- FIG. 1 is a diagram showing a data structure including content data which is to be subjected to an authentication method according to an embodiment
- FIG. 2 is a block diagram showing a configuration of a write apparatus for writing data of FIG. 1 into a memory card;
- FIG. 3 is a flowchart showing a process of writing the data of FIG. 1 into the memory card
- FIG. 4 is an external view of a game apparatus as an example of the authentication apparatus of this embodiment
- FIG. 5 is a diagram showing functional blocks of a game apparatus
- FIG. 6 is a diagram showing main data stored in a RAM 24 of the game apparatus
- FIG. 7 is a flowchart showing a first authentication process executed in the game apparatus.
- FIG. 8 is a flowchart showing second and third authentication processes executed in the game apparatus.
- FIG. 1 is a diagram showing a data structure including content data which is to be subjected to the authentication method of this embodiment.
- the data structure of FIG. 1 includes contents 1 , a first digest table 2 , a second digest table 3 , and a digital signature 4 .
- the data 1 to 4 of FIG. 1 may be provided in the form of a storage medium to the user for the contents 1 , or may be provided from a storage means on a server side via a network (e.g., the Internet, etc.) to a reproduction apparatus.
- the contents 1 are data which is to be provided to the user, such as a game program, video and/or audio data, text data, or the like.
- the contents 1 are a game program and data which is used in a game process executed by the game program.
- the contents 1 are divided into portions having a predetermined data size. A data read operation or the like is performed in units of the data portions (blocks).
- the first digest table 2 is data including digest values (hash values) for the respective data portions constituting the contents 1 .
- the digest values included in the first digest table 2 are also referred to as “primary digest values” so as to distinguish them from digest values included in the second digest table 3 .
- a primary digest value is calculated for each block of the contents 1 . Specifically, a primary digest value is obtained by applying a hash function to a data portion (one block) of the contents 1 .
- the primary digest values included in the first digest table 2 are divided into a plurality of groups. In FIG. 1 , four primary digest values enclosed with a solid line constitute one group. The number of primary digest values included in one group may be any number greater than one.
- the second digest table 3 is data including digest values for the respective data portions constituting the first digest table 2 .
- the digest values included in the second digest table 3 are also referred to as “secondary digest values” so as to distinguish them from the digest values included in the first digest table 2 .
- a secondary digest value is calculated for each group in the first digest table 2 .
- a secondary digest value is obtained by applying a hash function to one group of primary digest values.
- a secondary digest value a is obtained by applying the hash function to a group of primary digest values A to D
- a secondary digest value b is obtained by applying the hash function to a group of primary digest values E to H.
- the digital signature 4 is data of a digital signature which is generated from the second digest table 3 .
- the digital signature 4 is data which is obtained by applying a predetermined hash function to the secondary digest values included in the second digest table 3 to obtain a digest value and encrypting the digest value using a public key encryption scheme.
- authentication of the contents 1 is to verify that the contents 1 are data provided from an authentic source, i.e., that the contents 1 have not been tampered with by a party other than authentic sources.
- An authentication process for the contents 1 includes three steps, i.e., first to third authentication processes.
- the first authentication process is a process of verifying the authenticity of the second digest table 3 using the second digest table 3 and the digital signature 4 .
- authentication is performed by checking a digest value calculated from the second digest table 3 against a digest value obtained by decrypting the digital signature 4 .
- the second authentication process is a process of verifying the authenticity of one group included in the first digest table 2 .
- the third authentication process is a process of verifying the authenticity of one block included in the contents 1 .
- authentication is performed by checking a digest value calculated from one block in the contents 1 against a primary digest value included in the first digest table 2 .
- the data size of the contents 1 is 256 MB (megabytes)
- a digest unit (a data size to which a hash function is applied) is 2 KB
- the data size of a digest value is 16 B.
- the data size of the first digest table 2 is 2 MB according to expression (1) below.
- the digest unit is 2 KB and the data size of a digest value is 16 B.
- the data size of the second digest table 3 is 16 KB according to expression (2) below.
- the digest unit or the data size of a digest value can be arbitrarily determined both when a primary digest value is calculated from the contents 1 and when a secondary digest is calculated from the first digest table 2 . Therefore, by changing the digest unit or the data size of a digest value as appropriate, the data size of the second digest table 3 can be changed as appropriate.
- an authentication apparatus reads out only one group in the first digest table 2 into a memory, while the whole second digest table 3 needs to be read out into a memory (the first to third authentication processes will be described below).
- a memory area having the data size of the second digest table 3 i.e., 16 KB, may be provided for the authentication process.
- a memory area of 2 MB needs to be provided for the authentication process.
- a memory area required for the authentication process can be significantly reduced as compared to the conventional art.
- the size of a memory area required for the authentication process can be adjusted in consideration of random accessibility and memory capacity.
- contents to be provided to the content user are a game program
- the data 1 to 4 of FIG. 1 to be provided to the user are stored in a memory card
- the game program is read out from the memory card into a mobile game apparatus before execution.
- FIG. 2 is a block diagram showing a configuration of a write apparatus for writing the data of FIG. 1 into a memory card.
- the write apparatus 6 comprises a storage section 7 , a control section 8 , and a write section 9 .
- the write apparatus 6 is provided at a provider of the contents 1 .
- the storage section 7 of FIG. 2 stores the contents 1 , a hash function for calculating a digest value, and an encryption key used for generating a digital signature.
- the control section 8 uses data stored in the storage section 7 to generate the first and second digest tables 2 and 3 and the digital signature 4 .
- the write section 9 can access a memory card 17 which is an exemplary storage medium, and writes data into the memory card 17 in accordance with an instruction from the control section 8 .
- FIG. 3 is a flowchart showing a process of writing the data of FIG. 1 into the memory card 17 .
- the process of FIG. 3 is executed by the control section 8 of the write apparatus 6 .
- Note that the process of FIG. 3 is typically executed by the control section 8 executing a predetermined data generating program.
- In step S 1 of FIG. 3 , the control section 8 generates the first digest table 2 from the contents 1 stored in the storage section 7 . Specifically, a plurality of primary digest values included in the first digest table 2 are calculated. As described above, a primary digest value is calculated for each block included in the contents 1 . Specifically, the control section 8 applies a hash function to the blocks in the contents 1 to calculate the primary digest values corresponding to the respective blocks. Note that the hash function used for calculating the primary digest value is referred to as a first hash function. The first hash function is stored in the storage section 7 . The primary digest values calculated in step S 1 are stored as the first digest table 2 in the storage section 7 .
- In step S 2 , the control section 8 generates the second digest table 3 from the first digest table 2 calculated in step S 1 . Specifically, a plurality of secondary digest values included in the second digest table 3 are calculated. As described above, a secondary digest value is calculated for each group included in the first digest table 2 . Specifically, the control section 8 applies a hash function to the groups in the first digest table 2 to calculate a plurality of secondary digest values corresponding to the respective groups. Note that the hash function used for calculating the secondary digest value is referred to as a second hash function. The second hash function is stored in the storage section 7 . In this embodiment, the first hash function and the second hash function are the same. More specifically, in this embodiment, MD-5 (Message Digest 5) is used as the first and second hash functions. The secondary digest values calculated in step S 2 are stored as the second digest table 3 in the storage section 7 .
- In step S 3 , the control section 8 generates the digital signature 4 from the second digest table 3 .
- the control section 8 applies a predetermined hash function for generating a digital signature to the second digest table 3 to calculate a digest value of the second digest table 3 .
- the digital signature generating hash function is different from the first and second hash functions. Specifically, SHA-1 (Secure Hash Algorithm 1) is used as the digital signature generating hash function.
- the control section 8 encrypts the calculated digest value using a private key to generate the digital signature 4 .
- the private key is an encryption key which is paired with a public key which is used by a game apparatus which uses the contents 1 (game program), and is stored in the storage section 7 .
- the digital signature 4 thus generated is stored into the storage section 7 .
- In step S 4 , the first digest table 2 , the second digest table 3 and the digital signature 4 generated in steps S 1 to S 3 are written into the memory card 17 along with the contents 1 .
- the control section 8 instructs the write section 9 to write the data 1 to 4 into the memory card 17 .
- the write section 9 writes the data 1 to 4 into the memory card 17 in accordance with this instruction.
- the memory card 17 includes a ROM 17 a and a RAM 17 b (see FIG. 5 ).
- the data 1 to 4 are written into the ROM 17 a .
- the memory card 17 in which the data 1 to 4 are written by steps S 1 to S 4 is provided from a content provider to a content user.
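The write process (steps S 1 to S 3) and the three authentication processes described above, as an added Python example that is not code from the patent or its applicant. Assumptions: the function names, the `card` dictionary standing in for the memory card, a group size of four as drawn in FIG. 1, and a constructed toy unpadded RSA key pair standing in for the provider's private key and the apparatus's public key.

```python
import hashlib

BLOCK = 2048   # digest unit for the contents: 2 KB, as in the embodiment
GROUP = 4      # primary digests per group (assumption: four, as drawn in FIG. 1)

# Constructed toy RSA key pair (assumption, illustration only): unpadded,
# built from two Mersenne primes so the 160-bit SHA-1 value fits below N.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the write apparatus


def h1(data):
    """First hash function: MD5, as named in the embodiment.

    MD5 and SHA-1 mirror the patent text; both have known collision
    attacks, so a current design would substitute e.g. SHA-256.
    """
    return hashlib.md5(data).digest()


h2 = h1  # the embodiment uses the same function for the second table


def h_sig(data):
    """Digital-signature hash: SHA-1 per the embodiment, as an integer."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big")


def build(contents):
    """Steps S1-S3: return (first digest table, second digest table, signature)."""
    first = [h1(contents[i:i + BLOCK]) for i in range(0, len(contents), BLOCK)]
    second = [h2(b"".join(first[i:i + GROUP])) for i in range(0, len(first), GROUP)]
    signature = pow(h_sig(b"".join(second)), D, N)   # digest encrypted with private key
    return first, second, signature


def verify_second_table(second, signature):
    """First authentication: decrypt the signature with the public key and
    compare it with the digest recomputed from the second digest table."""
    return pow(signature, E, N) == h_sig(b"".join(second))


def read_block(card, trusted_second, index):
    """Second and third authentication for one designated block.

    `card` is untrusted storage: {"contents": bytes, "first": [digests]}.
    `trusted_second` must already have passed verify_second_table().
    """
    g = index // GROUP
    group = card["first"][g * GROUP:(g + 1) * GROUP]   # only this group is loaded
    if h2(b"".join(group)) != trusted_second[g]:
        raise ValueError("first digest table group does not match second digest table")
    block = card["contents"][index * BLOCK:(index + 1) * BLOCK]
    if h1(block) != group[index % GROUP]:
        raise ValueError("content block does not match primary digest")
    return block


def table_sizes(content_size, unit=BLOCK, digest_size=16):
    """Sizes in bytes of the first and second digest tables when both levels
    use the same digest unit and digest size (the 256 MB sizing case)."""
    first = content_size // unit * digest_size
    second = first // unit * digest_size
    return first, second


if __name__ == "__main__":
    contents = bytes(i % 251 for i in range(16 * BLOCK))   # constructed sample data
    first, second, sig = build(contents)
    card = {"contents": contents, "first": first}
    print("second table authentic:", verify_second_table(second, sig))
    print("block 5 verified, length:", len(read_block(card, second, 5)))
    print("table sizes for 256 MB:", table_sizes(256 * 2**20))
```

Only the second digest table and the signature are held for the signature check; each read then loads a single group of the first digest table, which is where the memory saving described above comes from.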
- the content user inserts the memory card 17 into a game apparatus 10 shown in FIG. 4 to use the contents (game program) 1 of the memory card 17 .
- FIG. 4 is an external view of a game apparatus as an example of the authentication apparatus of this embodiment.
- the game apparatus 10 comprises a first LCD (Liquid Crystal Display) 11 and a second LCD 12 as a display means, a housing 13 , an operation switch section 14 , and a touch panel 15 .
- the memory card 17 is detachably attached to the game apparatus 10 .
- the housing 13 includes an upper housing 13 a and a lower housing 13 b .
- the first LCD 11 is housed in the upper housing 13 a
- the second LCD 12 is housed in the lower housing 13 b .
- the first LCD 11 and the second LCD 12 both have a resolution of 256 dots × 192 dots.
- Although LCDs are used as the display devices in the embodiment, any display device may be used, including a display device which employs, for example, EL (Electro Luminescence: electric field light emission), or the like.
- the display device may have any resolution.
- Sound holes 18 a and 18 b through which sound is emitted out from a pair of loudspeakers 30 a and 30 b are formed in the upper housing 13 a.
- the lower housing 13 b is provided with a slot through which the memory card 17 is inserted.
- In the lower housing 13 b , a cross switch 14 a , a start switch 14 b , a select switch 14 c , an A-button 14 d , a B-button 14 e , an X-button 14 f , a Y-button 14 g , an L-button 14 L, and an R-button 14 R (collectively referred to as an operation switch section 14 ) are provided as input devices.
- a touch panel 15 is attached onto a screen of the second LCD 12 .
- the lower housing 13 b is also provided with sound holes 33 a around the second LCD 12 .
- a microphone 33 is provided in the vicinity of the sound holes 33 a and inside the lower housing 13 b .
- the microphone 33 converts sound entering through the sound holes 33 a from the outside of the lower housing 13 b , into an electrical signal (audio signal).
- the lower housing 13 b is also provided with a power button 19 , and a slot into which a stick 16 is inserted.
- the touch panel 15 may be of any type including, for example, a resistance film type, an optical (infrared) type, an electrostatic capacitance coupling type, and the like.
- the touch panel 15 has a function of outputting coordinate data corresponding to a touch position where the stick 16 touches a surface of the touch panel 15 .
- a pen (stylus pen) or a finger can be used instead of the stick 16 so as to operate the touch panel 15 .
- the touch panel 15 has the same resolution (detection precision) as that of the second LCD 12 , i.e., 256 dots × 192 dots. Note that the touch panel 15 and the second LCD 12 do not need to have the same resolution.
- a CPU core 21 is provided on an electronic circuit board 20 which is housed in the housing 13 .
- a connector 23 , an input/output interface circuit (denoted as an I/F circuit in FIG. 2 ) 25 , a first GPU (Graphics Processing Unit) 26 , a second GPU 27 , a RAM 24 , and an LCD controller 31 are connected via a bus 22 to the CPU core 21 .
- the memory card 17 is detachably connected to the connector 23 .
- the memory card 17 comprises the ROM 17 a which stores the data 1 to 4 of FIG. 1 and the RAM 17 b which stores rewritable backup data.
- the game program (contents 1 ) stored in the ROM 17 a of the memory card 17 is loaded into the RAM 24 , and the game program loaded in the RAM 24 is executed by the CPU core 21 .
- the RAM 24 stores temporary data obtained by the CPU core 21 executing the game program, data for generating a game image, and the like.
- the operation switch section 14 , the touch panel 15 , the right loudspeaker 30 a , the left loudspeaker 30 b , and the microphone 33 are connected to the I/F circuit 25 .
- the right loudspeaker 30 a and the left loudspeaker 30 b are provided inside under the sound holes 18 a and 18 b , respectively.
- the CPU core 21 outputs audio data (sound source) stored in the RAM 24 or the like from the I/F circuit 25 via an A/D conversion circuit (not shown), an amplifier (not shown) and the like to the loudspeakers 30 a and 30 b .
- the loudspeakers 30 a and 30 b output sound represented by the audio data. Audio data indicating audio input to the microphone 33 is stored via the I/F circuit 25 to the RAM 24 .
- a first VRAM (Video RAM) 28 is connected to the first GPU 26
- a second VRAM 29 is connected to the second GPU 27 .
- the first GPU 26 generates a first game image based on data for generating a game image, the data being stored in the RAM 24 , and draws the first game image into the first VRAM 28 , in accordance with an instruction from the CPU core 21 .
- the second GPU 27 generates a second game image and draws the second game image into the second VRAM 29 , in accordance with an instruction from the CPU core 21 .
- the first VRAM 28 and the second VRAM 29 are connected to the LCD controller 31 .
- the LCD controller 31 includes a register 32 .
- the register 32 stores a value of 0 or 1 in accordance with an instruction from the CPU core 21 .
- the LCD controller 31 outputs the first game image drawn in the first VRAM 28 to the first LCD 11 , and outputs the second game image drawn in the second VRAM 29 to the second LCD 12 .
- the above-described configuration of the game apparatus 10 is only for illustrative purposes.
- the authentication apparatus can be implemented by any computer system which reproduces and/or executes the contents 1 .
- FIG. 6 is a diagram showing main data stored in the RAM 24 of the game apparatus 10 .
- the RAM 24 includes an authentication program storage area 41 , a content storage area 42 , a first hash function storage area 43 , a second hash function storage area 44 , and a digital signature generation data storage area 45 .
- the authentication program storage area 41 is used to store an authentication program for executing the authentication process with respect to the contents 1 .
- the authentication program is previously stored, but is not a program obtained from the memory card 17 .
- the content storage area 42 is used to store a part of the contents 1 stored in the memory card 17 .
- the game apparatus 10 reads out a required data portion of the contents 1 as appropriate into the content storage area 42 , and executes a game process using the read data portion.
- the first hash function storage area 43 is used to store the first hash function.
- the second hash function storage area 44 is used to store the second hash function.
- the data of the first and second hash function is previously stored as with the authentication program. Note that, when the first hash function and the second hash function are the same hash function, only one of the first and second hash function storage areas 43 and 44 may be provided.
- the digital signature generation data storage area 45 is used to store data required for authentication using the digital signature 4 , i.e., the data of the digital signature generating hash function and the public key.
- the public key is paired with the encryption key stored in the write apparatus 6 . Note that the data required for authentication using the digital signature 4 is previously stored as with the authentication program.
- the RAM 24 is used to store various data (described below) used for the authentication process in addition to the data stored in the storage areas 41 to 45 .
- the authentication process includes an authentication process (first authentication process) executed when the memory card 17 is attached to the game apparatus 10 , and processes (second and third authentication processes) executed when the game apparatus 10 reads out the data of the contents 1 from the memory card 17 .
- FIG. 7 is a flowchart showing the first authentication process executed in the game apparatus 10 .
- the first authentication process of FIG. 7 is executed in response to attachment of the memory card 17 to the game apparatus 10 .
- the first authentication process is executed independently of whether or not the contents 1 stored in the memory card 17 are provided by an authentic provider. Note that the game apparatus 10 does not read out the contents 1 until reading of the contents 1 is permitted in the first authentication process.
- in step S11 of FIG. 7, the CPU core 21 reads out the second digest table 3 and the digital signature 4 from the memory card 17 attached to the game apparatus 10 into the RAM 24.
- in steps S12 to S16 executed after step S11, the first authentication process, i.e., an authentication process for the contents 1 using the second digest table 3 and the digital signature 4, is performed.
- in step S12, the CPU core 21 decrypts the read digital signature 4 to generate a digest value.
- the digital signature 4 is decrypted using the data of the public key stored in the digital signature generation data storage area 45.
- in step S13, a digest value is calculated from the read second digest table 3.
- the digest value is calculated by applying a digital signature generating hash function to the second digest table 3.
- the digital signature generating hash function is stored in the digital signature generation data storage area 45. Note that, in another embodiment, the processes of steps S12 and S13 may be executed in any order or in parallel.
- in step S14, the CPU core 21 determines whether or not the digest value generated in step S12 is equal to the digest value generated in step S13. When these two digest values are equal to each other, it is determined that authentication is successful in the first authentication process, and a process of step S15 is executed. On the other hand, when the two digest values are not equal to each other, it is determined that authentication is not successful in the first authentication process, and a process of step S16 is executed.
- in step S15, reading of the contents 1 (execution of the game process) is permitted, and the CPU core 21 ends the first authentication process of FIG. 7. Thereby, in step S15 and later, the game process which uses the contents 1 is executed. In step S15, the authenticity of the contents 1 is verified by the first authentication process. Note that, in this embodiment, even when the authenticity of the contents 1 is verified by the first authentication process, the authenticity of the contents 1 may not be verified in the second authentication process and the third authentication process which are executed after the first authentication process.
- in step S16, reading of the contents 1 (execution of the game process) is forbidden. In this case, the game program included in the contents 1 cannot be executed, and therefore, the CPU core 21 ends the process of FIG. 7.
- the CPU core 21 may display a message indicating that the contents 1 in the memory card 17 are not authentic (e.g., “this memory card cannot be used”, etc.) on the screen of the first LCD 11 or the second LCD 12 .
- the CPU core 21 may delete the digest value calculated from the second digest table 3 and the data of the digital signature 4 from the RAM 24 . Also, in this embodiment, the second digest table 3 is held in the RAM 24 since the second digest table 3 is used in the second authentication process described below.
- the CPU core 21 proceeds to perform a game process by performing a process of reading out and executing the game program included in the contents 1 , a process of reading out game data (image data, sound data, etc.) included in the contents 1 , or the like.
- data of the contents 1 is read out on a block-by-block basis into the game apparatus 10 .
- the second authentication process and the third authentication process are executed.
- the second authentication process and the third authentication process will be described in detail.
- FIG. 8 is a flowchart showing the second and third authentication processes executed in the game apparatus 10 .
- the second and third authentication processes of FIG. 8 are executed in response to reading of one block from the contents 1 by the game apparatus 10 . Note that the game apparatus 10 does not use the contents 1 , i.e., the game process based on the contents 1 is not executed, until the use of the contents 1 is permitted in the second and third authentication processes.
- in step S21 shown in FIG. 8, the CPU core 21 designates a block to be read out of the data portions (content data portions) of the contents 1.
- a content data portion to be read out is determined by the game process which has been so far executed.
- a block including a content data portion to be first read out is previously determined.
- the CPU core 21 designates the previously determined block.
- in steps S22 to S25 after step S21, the second authentication process is executed.
- in the second authentication process, of the groups included in the first digest table 2, the authenticity of primary digest values included in a group corresponding to the block designated by step S21 is verified.
- in step S22, the CPU core 21 designates a group corresponding to the block designated by step S21. Specifically, a group including primary digest values corresponding to a content data portion included in the block is designated. For example, when a block A shown in FIG. 1 is designated, a group including primary digest values A to D is designated as a group corresponding to the block A.
- in step S23, the CPU core 21 reads out the primary digest values of the designated group from the memory card 17.
- the data thus read out is stored into the RAM 24.
- in step S23, the data of a group which has been stored in the RAM 24 by the previous step S23 is overwritten with the data of a new group in the RAM 24.
- the RAM 24 may have a storage area having a capacity corresponding to one group, as a storage area for the first digest table 2.
- in step S24, the primary digest values of the designated group are used to calculate a secondary digest value corresponding to the group.
- the secondary digest value is calculated by applying the second hash function to the primary digest values included in the designated group.
- the second hash function is stored in the second hash function storage area 44.
- in step S25, the CPU core 21 determines whether or not the secondary digest value calculated in step S24 is equal to a secondary digest value corresponding to the designated group.
- the latter secondary digest value is obtained from the second digest table 3 which has already been read out into the RAM 24 in step S11 of FIG. 7.
- the secondary digest value corresponding to the group is the secondary digest value a of FIG. 1.
- the third authentication process is executed in steps S26 to S29.
- in the third authentication process, the authenticity of the block designated by step S21 of the blocks included in the contents 1 is verified.
- in step S26, the CPU core 21 reads out the designated block (a content data portion included in the block) from the memory card 17.
- the data thus read out is stored into the content storage area 42 of the RAM 24.
- the content storage area 42 may be capable of storing at least one block of the contents 1.
- the content storage area 42 may be capable of storing a plurality of blocks (e.g., two blocks) of the contents 1.
- in step S27, a primary digest value corresponding to the designated block is calculated.
- the digest value is calculated by applying the first hash function to the content data portion included in the designated block.
- the first hash function is stored in the first hash function storage area 43.
- in step S28, the CPU core 21 determines whether or not the primary digest value calculated by step S27 is equal to a primary digest value corresponding to the designated block. Note that the latter primary digest value is obtained from the first digest table 2 which has already been read out into the RAM 24 in step S23. When these two digest values are equal to each other, it is determined that authentication is successful in the third authentication process, and a process of step S29 is executed. On the other hand, when the two digest values are not equal to each other, it is determined that authentication is not successful in the third authentication process, and a process of step S30 is executed.
- in step S29, the CPU core 21 permits the use of the read block, and executes a process based on the block.
- when the read block is a game program, the CPU core 21 executes the game program to execute a game process.
- the contents 1 may be encrypted on, for example, a block-by-block basis.
- the encrypted data of the contents 1 is decrypted in step S 29 (or step S 26 ).
- after step S29, the CPU core 21 ends the process of FIG. 8. Thereafter, when the contents 1 need to be read in a game process, the process of FIG. 8 is executed again. The process of FIG. 8 is executed every time a block of the contents 1 is read out.
- the first and second digest tables 2 and 3 stored in the memory card 17 may be encrypted as with the contents 1 .
- the CPU core 21 decrypts the first digest table 2 in step S 23 .
- the CPU core 21 decrypts the second digest table 3 in step S 11 .
- the data 1 to 3 may be encrypted using different schemes or keys.
- in step S30, the use of the contents 1 is forbidden, so that the CPU core 21 ends the process of FIG. 8.
- a message indicating that the contents 1 of the memory card 17 are not authentic may be displayed on the screen of the first LCD 11 or the second LCD 12 in step S 30 as in step S 16 .
- the CPU core 21 suspends a game process even during execution of the game process.
- the second and third authentication processes may not be performed for data of the contents 1 which has already been stored in the content storage area 42 .
- the CPU core 21 may determine whether or not a block designated by step S 21 has already been stored in the content storage area 42 , before the process of step S 22 .
- the processes of steps S 22 to S 28 are skipped and the process of step S 29 may be executed.
- the digital signature generating hash function may be preferably a hash function which is stronger than the first and second hash functions (more difficult to break, i.e., a higher level of security). This is because the digital signature generating hash function is used only once when the memory card 17 is attached, and therefore, a function in which an importance is put on security is preferably employed as the digital signature generating hash function.
- the security level of a hash function is determined, depending on the number of bits in the process of calculating a digest value, the number of bits of a digest value, whether or not a digest value is encrypted, or the like.
- a hash function having a relatively large number of bits in the digest value calculating process or a relatively large number of bits of a digest value is stronger than a hash function having a relatively smaller one.
- a hash function with encryption (a hash function with a key) is considered to be stronger than the hash function without encryption.
- the first hash function and the second hash function are the same.
- the first hash function and the second hash function may be different from each other so as to reduce the processing amounts of the second authentication process and the third authentication process.
- as the second hash function, a hash function having a smaller processing amount for calculating a digest value than that of the first hash function is preferably used.
- as the first hash function, a hash function stronger than the second hash function is preferably used.
- SHA-1 may be used as the first hash function.
- MD-5 may be used as the second hash function.
- the digital signature generating hash function is preferably stronger than the first and second hash functions, and therefore, for example, SHA-256 is used as the digital signature generating hash function.
- a reason why a hash function stronger than the second hash function is used as the first hash function is that the contents 1 are more easily tampered when the first hash function is broken than when the second hash function is broken.
- the first hash function indicates a relationship between the contents 1 and the primary digest values. Therefore, when the first hash function is broken, the contents 1 can be directly tampered. However, even when the second hash function is broken, the contents 1 cannot be directly tampered. Therefore, when the processing amount of either the second authentication process or the third authentication process is desired to be reduced, it is preferable to reduce the security level of the second hash function.
- the data structure of FIG. 1 which is stored in a storage medium, such as a memory card or the like, is provided to the content user.
- the data structure of FIG. 1 may be provided to the content user via communication on a network.
- a network may include a system in which an authentication apparatus (e.g., the game apparatus 10 ) can communicate via a network with a server apparatus storing the data structure.
- the operation of the authentication apparatus in this system is similar to that of the above-described embodiment, except that a process of receiving data from the server apparatus is performed instead of the process of reading out data from a memory card.
- Certain example embodiments may include, for example, a system which provides a game program to the user, a game apparatus which is used in the system, and the like, for the purpose of efficiently performing the checking process, reducing a memory capacity required for authentication, or the like.
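The write-side table generation and the three authentication processes (steps S11 to S16 and S21 to S30) described above, as an added Python example that is not code from the patent. BLOCK_SIZE, the dictionary layout of the card, the helper names, and the unpadded textbook-RSA key over two Mersenne primes are assumptions made so the block runs on the standard library; the hash choices (SHA-1, MD5, SHA-256) are the ones the text names.

```python
import hashlib
import hmac

BLOCK_SIZE = 64   # constructed block size in bytes (assumption, not from the page)
GROUP_SIZE = 4    # primary digests per group, like the group "A to D" of block A

# Hash choices follow the page's example: SHA-1 (first), MD5 (second), SHA-256 (signature).
def h1(data): return hashlib.sha1(data).digest()
def h2(data): return hashlib.md5(data).digest()
def h_sig(data): return hashlib.sha256(data).digest()

# Constructed textbook-RSA key over two Mersenne primes, unpadded: a stand-in so the
# block runs on the standard library, not a signature scheme to deploy.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held by the write apparatus


class AuthError(Exception):
    """Raised with the name of the authentication process that failed."""


def build_card(contents):
    """Write side: digest tables and signature stored next to the contents."""
    blocks = [contents[i:i + BLOCK_SIZE] for i in range(0, len(contents), BLOCK_SIZE)]
    table1 = [h1(b) for b in blocks]                                  # primary digests
    table2 = [h2(b"".join(table1[i:i + GROUP_SIZE]))                  # secondary digests
              for i in range(0, len(table1), GROUP_SIZE)]
    sig = pow(int.from_bytes(h_sig(b"".join(table2)), "big"), D, N)
    return {"blocks": blocks, "table1": table1, "table2": table2, "sig": sig}


class Verifier:
    """Read side. `card` is untrusted storage; only table2 is kept resident."""

    def __init__(self, card):
        self.card = card
        self.table2 = None

    def first_auth(self):
        table2 = list(self.card["table2"])                            # S11: private copy
        recovered = pow(self.card["sig"], E, N)                       # S12
        computed = int.from_bytes(h_sig(b"".join(table2)), "big")     # S13
        if recovered != computed:                                     # S14
            raise AuthError("first")                                  # S16
        self.table2 = table2                                          # S15

    def read_block(self, index):
        if self.table2 is None:
            raise AuthError("first")          # nothing is read before S15
        g, slot = divmod(index, GROUP_SIZE)                           # S21, S22
        if not 0 <= g < len(self.table2):
            raise AuthError("second")         # block outside the signed layout
        group = self.card["table1"][g * GROUP_SIZE:(g + 1) * GROUP_SIZE]   # S23
        if not hmac.compare_digest(h2(b"".join(group)), self.table2[g]):   # S24, S25
            raise AuthError("second")
        if slot >= len(group) or index >= len(self.card["blocks"]):
            raise AuthError("third")          # no such block on the card
        block = self.card["blocks"][index]                            # S26
        if not hmac.compare_digest(h1(block), group[slot]):           # S27, S28
            raise AuthError("third")                                  # S30
        return block                                                  # S29


def try_read(card, index):
    """Return "ok" or the name of the authentication process that rejected the card."""
    verifier = Verifier(card)
    try:
        verifier.first_auth()
        verifier.read_block(index)
        return "ok"
    except AuthError as err:
        return str(err)


if __name__ == "__main__":
    contents = bytes(range(256)) * 4            # constructed sample contents, 16 blocks
    card = build_card(contents)
    print("untouched card:", try_read(card, 5))
    card["blocks"][5] = b"\x00" * BLOCK_SIZE    # one stored block no longer matches
    print("block 5 modified:", try_read(card, 5))
    card["table1"][5] = h1(card["blocks"][5])   # table1 made to agree with the block
    print("table1 re-computed:", try_read(card, 5))
    card["table2"][1] = h2(b"".join(card["table1"][4:8]))
    print("table2 re-computed:", try_read(card, 5))
```

For the constructed sample, only the 64-byte second digest table stays resident after the first authentication, against 320 bytes for the full first digest table; each read pulls in one 80-byte group.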
Abstract
A storage means which can be accessed by an authentication apparatus stores content data, a first digest table including primary digest values corresponding to a plurality of data portions constituting the content data, a second digest table including secondary digest values corresponding to a plurality of data portions of the first digest table, and a digital signature generated from the second digest table. In a first reading step, the second digest table and the digital signature are read out from the storage means into a memory of the authentication apparatus. In a first authentication step, the authenticity of the content data is verified using the digital signature read out into the memory and the second digest table read out into the memory.
Description
- This application is a Continuation Application of U.S. application Ser. No. 11/802,983, filed May 29, 2007 which claims priority to Japanese Patent Application No. 2006-189696, filed Jul. 10, 2006, each of which are incorporated herein by reference.
- The technology herein relates to a data authentication method, and more particularly, to a data authentication method for authenticating data which is provided from an authentic source.
- Patent Document 1 (Japanese Laid-Open Patent Publication No. 2006-74421) describes a technique of verifying the authenticity of program data stored in an information storage medium. In this technique, the information storage medium stores content data and a content hash table. The content hash table is data including hash values (digest values) corresponding to respective pieces of data (subdivided content data) which are obtained by subdividing the content data. An information processing apparatus which reads the content data reads the subdivided content data and the digest value, and checks a hash value calculated from the subdivided content data against the read hash value. Thereby, the information processing apparatus can execute the hash value calculating process and the hash value checking process for each piece of subdivided content data. Therefore, the information processing apparatus, when reading a part of the content data, needs to perform the checking process only with respect to a part which is to be actually read out, whereby the authenticity of the content data can be efficiently verified.
- Note that the information storage medium stores a content certificate which is obtained by using a digital signature to encrypt content hash values calculated from the content hash table. By performing the checking process using the content certificate, even when the content data and the corresponding hash values are tampered, the authenticity of the content data can be correctly verified. Specifically, by checking a content hash value obtained by decrypting the content certificate against a content hash value obtained from the content hash table read from the information storage medium, the authenticity of the content data can be verified.
- In Patent Document 1, the information processing apparatus, when verifying the authenticity of data in the information storage medium using the content certificate, calculates content hash values from the content hash table. Therefore, the information processing apparatus needs to read the whole content hash table into a memory. Therefore, as the data size of the content hash table increases, the capacity of the memory which should be provided in the information processing apparatus needs to be increased. Therefore, when it is difficult to provide a memory having a sufficiently large capacity (e.g., when the information processing apparatus is a mobile apparatus or the like), a memory capacity required for authentication may be insufficient. Note that it is contemplated that content data may be subdivided into larger data units so as to reduce the number of hash values, thereby reducing the data size of the content hash table. In this method, however, the efficiency of the checking process when a part of the content data is read is poor.
- Therefore, example embodiments provide a data authentication method capable of efficiently performing the checking process and reducing a memory capacity required for authentication.
- Certain example embodiments may have the following features. Note that reference numerals, additional descriptions and the like inside parentheses in this section indicate correspondence to embodiments described below for the sake of easy understanding, and are not limiting.
- A first aspect of certain example embodiments is directed to a method for use in an authentication apparatus (a game apparatus 10) for authenticating content data (1). The authentication apparatus can access a storage means storing the content data, a first digest table (2), a second digest table (3), and a digital signature (4). The first digest table includes primary digest values which are digest values corresponding to content data portions constituting the content data. The second digest table includes secondary digest values which are digest values corresponding to portions constituting the first digest table. The digital signature is generated from a secondary digest value included in the second digest table. The authentication method comprises a first reading step (S11) and a first authentication step (S12 to S14). The first reading step reads out the second digest table and the digital signature from the storage means into a memory (RAM 24) of the authentication apparatus. The first authentication step verifies the authenticity of the content data using the digital signature read out into the memory and a secondary digest value included in the second digest table read out into the memory.
- Note that, in the first aspect, the content data includes a plurality of content data portions. A primary digest value is calculated for each content data portion. The first digest table may include primary digest values corresponding to all the content data portions. When the digital signature is generated, data included in the second digest table (e.g., all data included in the second digest table) is subjected to a predetermined operation (a hash function is applied, etc.), for example. For example, the digital signature may be data which is obtained by encrypting, using a predetermined private key, a digest value which has been obtained by applying a predetermined hash function to the data in the second digest table. In this case, in the first authentication step, it may be determined whether or not the data generated by performing the predetermined operation with respect to the data included in the second digest table, matches data obtained by decrypting the digital signature using a public key corresponding to the private key.
- In a second aspect based on the first aspect, the secondary digest values are calculated for respective groups each including a plurality of primary digest values. The authentication method further comprises a designation step (S21), a first calculation step (S24), a second authentication step (S25), a second calculation step (S27), and a third authentication step (S28). The designation step designates a content data portion to be read out of the content data portions. The first calculation step calculates, from a group including a primary digest value corresponding to the designated content data portion, a secondary digest value corresponding to the group. The second authentication step verifies the authenticity of the content data by checking the secondary digest value calculated in the first calculation step against a secondary digest value corresponding to the group including the primary digest values corresponding to the designated content data portion. The second calculation step calculates, from the designated content data portion, a digest value of the content data portion, when authentication is successful in the second authentication step. The third authentication step verifies the authenticity of the content data by checking the digest value calculated in the second calculation step against the primary digest value corresponding to the designated content data portion.
- Note that, in the second aspect, in the designation step, in response to determination of data to be read out of the data included in the content data (by a technique, such as random access or the like), the authentication apparatus may designate a content data portion including the data to be read out.
- In a third aspect based on the second aspect, the first authentication step may be executed after the authentication apparatus and the storage means become accessible and before the second authentication step is executed.
- In a fourth aspect based on the second aspect, a hash function for calculating a primary digest value from the content data portion may be the same as a hash function for calculating a secondary digest value from the first digest table portion.
- In a fifth aspect based on the fourth aspect, the digital signature may be generated based on a digest value corresponding to a plurality of secondary digest values included in the second digest table. In this case, a hash function for calculating the digest value has a higher security level than that of the hash function for calculating a primary digest value from the content data portion.
- Note that, in the fifth aspect, a hash function has a high security level in the following cases:
- (a) the number of bits in a process of calculating a hash value in the hash function is relatively large;
- (b) the number of bits of a hash value as a calculation of the hash function is relatively large; and
- (c) the hash function includes encryption (as compared to the hash function without encryption).
- In a sixth aspect based on the second aspect, a hash function for calculating a secondary digest value from a data portion of the first digest table may have a smaller processing amount for calculation of a digest value than that of a hash function for calculating a primary digest value from a data portion of the content data.
- Note that, in the sixth aspect, the processing amount of calculation of a digest value is small in the following cases:
- (a) the number of bits in a process of calculating a hash value in the hash function is relatively large;
- (b) the number of bits of a hash value as a calculation of the hash function is relatively large; and
- (c) the hash function includes encryption (as compared to the hash function without encryption).
- In a seventh aspect based on the first aspect, a hash function used in the first authentication step may have a higher security level than those of a hash function for calculating a secondary digest value from the first digest table portion and a hash function for calculating a primary digest value from the content data portion.
- An eighth aspect of certain example embodiments is directed to an authentication apparatus (game apparatus 10) for authenticating content data. The authentication apparatus can access a storage means (memory card 17) storing the content data, a first digest table including primary digest values which are digest values corresponding to content data portions constituting the content data, a second digest table including secondary digest values which are digest values corresponding to first digest table portions constituting the first digest table, and a digital signature generated from a secondary digest value included in the second digest table. The authentication apparatus comprises a reading means (a CPU core 21 for executing step S11, etc.; only step numbers are described in similar cases in this paragraph) and an authentication means (S12 to S14). The reading means reads out the second digest table and the digital signature from the storage means into a memory (RAM 24) of the authentication apparatus. The authentication means verifies the authenticity of the content data using the digital signature read out into the memory and a secondary digest value included in the second digest table read out into the memory.
- A ninth aspect of certain example embodiments is directed to a computer readable storage medium storing an authentication process program executed by a computer (CPU core 21, etc.) of an authentication apparatus (game apparatus 10) for authenticating content data. The authentication apparatus can access a storage means storing the content data, a first digest table including primary digest values which are digest values corresponding to content data portions constituting the content data, a second digest table including secondary digest values which are digest values corresponding to first digest table portions constituting the first digest table, and a digital signature generated from a secondary digest value included in the second digest table. The authentication process program causes the computer to execute a reading step (S11) and an authentication step (S12 to S14). The reading step reads out the second digest table and the digital signature from the storage means into a memory of the authentication apparatus. The authentication step verifies the authenticity of the content data using the digital signature read out into the memory and a secondary digest value included in the second digest table read out into the memory.
- A tenth aspect of certain example embodiments is directed to a data processing method for generating data to be stored into a storage means. The data processing method comprises a first calculation step (S1), a second calculation step (S2), a digital signature generating step (S3), and a setting step (S4). The first calculation step calculates primary digest values which are digest values corresponding to content data portions constituting content data. The second calculation step calculates secondary digest values which are digest values corresponding to first digest table portions constituting a first digest table including the primary digest values calculated in the first calculation step. The digital signature generating step generates a digital signature from a second digest table including the secondary digest values calculated in the second calculation step. The setting step sets the content data, the first digest table, the second digest table, and the digital signature as data to be stored into the storage means.
- An eleventh aspect of certain example embodiments is directed to a computer readable storage medium. The storage medium stores content data, a first digest table including primary digest values which are digest values corresponding to content data portions constituting the content data, a second digest table including secondary digest values which are digest values corresponding to first digest table portions constituting the first digest table, and a digital signature generated from the second digest table.
- According to the first and eighth to eleventh aspects, authentication employing a digital signature is performed using the second digest table including digest values of the first digest table, but not the first digest table including digest values of content data. In other words, data to be read out in an authentication process using a digital signature is the second digest table which has a smaller data size than that of the first digest table. Therefore, a memory capacity required for authentication can be reduced as compared to the conventional art. Also, according to the tenth and eleventh aspects, the data structure used in the above-described aspects can be provided.
- According to the second aspect, the authentication apparatus confirms not only whether or not the second digest table has been tampered with, but also whether or not the first digest table and content data have been tampered with. Therefore, the authenticity of contents can be more correctly verified.
- According to the third aspect, after the authenticity of the second digest table is verified in the first authentication step, the second and third authentication steps are executed. The second and third authentication steps are authentication processes which are performed based on the assumption that the second digest table is authentic. Therefore, by executing the second and third authentication steps after the first authentication step, authentication in the second and third authentication steps can be correctly performed.
- According to the fourth aspect, by causing a hash function for calculating a primary digest value and a hash function for calculating a secondary digest value to be the same, the possibility that the hash function is broken, so that content data is freely tampered with, can be reduced as compared to the sixth aspect.
- According to the fifth and seventh aspects, by increasing the security level of a hash function used for a digital signature, the possibility that the hash function is broken, so that content data is freely tampered with, can be reduced.
- According to the sixth aspect, it is possible to reduce a processing amount of the second authentication step as compared to the fourth aspect.
- These and other objects, features, aspects and advantages of certain example embodiments will become more apparent from the following detailed description when taken in conjunction with the accompanying drawings.
- FIG. 1 is a diagram showing a data structure including content data which is to be subjected to an authentication method according to an embodiment;
- FIG. 2 is a block diagram showing a configuration of a write apparatus for writing data of FIG. 1 into a memory card;
- FIG. 3 is a flowchart showing a process of writing the data of FIG. 1 into the memory card;
- FIG. 4 is an external view of a game apparatus as an example of the authentication apparatus of this embodiment;
- FIG. 5 is a diagram showing functional blocks of a game apparatus;
- FIG. 6 is a diagram showing main data stored in a RAM 24 of the game apparatus;
- FIG. 7 is a flowchart showing a first authentication process executed in the game apparatus; and
- FIG. 8 is a flowchart showing second and third authentication processes executed in the game apparatus.
- (1) Outline
- Firstly, an outline of an authentication method according to an embodiment will be described with reference to FIG. 1. FIG. 1 is a diagram showing a data structure including content data which is to be subjected to the authentication method of this embodiment. The data structure of FIG. 1 includes contents 1, a first digest table 2, a second digest table 3, and a digital signature 4. The data 1 to 4 of FIG. 1 may be provided to the user of the contents 1 in the form of a storage medium, or may be provided from a storage means on a server side via a network (e.g., the Internet, etc.) to a reproduction apparatus.
- The contents 1 are data which is to be provided to the user, such as a game program, video and/or audio data, text data, or the like. In an example described below, the contents 1 are a game program and data which is used in a game process executed by the game program. In this embodiment, the contents 1 are divided into portions having a predetermined data size. A data read operation or the like is performed in units of the data portions (blocks).
- The first digest table 2 is data including digest values (hash values) for the respective data portions constituting the contents 1. In this embodiment, the digest values included in the first digest table 2 are also referred to as “primary digest values” so as to distinguish them from digest values included in the second digest table 3. A primary digest value is calculated for each block of the contents 1. Specifically, a primary digest value is obtained by applying a hash function to a data portion (one block) of the contents 1. The primary digest values included in the first digest table 2 are divided into a plurality of groups. In FIG. 1, four primary digest values enclosed with a solid line constitute one group. The number of primary digest values included in one group may be any number greater than one.
- The second digest table 3 is data including digest values for the respective data portions constituting the first digest table 2. In this embodiment, the digest values included in the second digest table 3 are also referred to as “secondary digest values” so as to distinguish them from the digest values included in the first digest table 2. A secondary digest value is calculated for each group in the first digest table 2. Specifically, a secondary digest value is obtained by applying a hash function to one group of primary digest values. In FIG. 1, a secondary digest value a is obtained by applying the hash function to a group of primary digest values A to D, and a secondary digest value b is obtained by applying the hash function to a group of primary digest values E to H.
- The digital signature 4 is data of a digital signature which is generated from the second digest table 3. Specifically, the digital signature 4 is data which is obtained by applying a predetermined hash function to the secondary digest values included in the second digest table 3 to obtain a digest value and encrypting the digest value using a public key encryption scheme.
- Next, an outline of a content authentication method when the data structure of FIG. 1 is employed will be described. Note that authentication of the contents 1 is to verify that the contents 1 are data provided from an authentic source, i.e., that the contents 1 have not been tampered with by a party other than an authentic source. An authentication process for the contents 1 includes three steps, i.e., first to third authentication processes. The first authentication process is a process of verifying the authenticity of the second digest table 3 using the second digest table 3 and the digital signature 4. Specifically, in the first authentication process, authentication is performed by checking a digest value calculated from the second digest table 3 against a digest value obtained by decrypting the digital signature 4. The second authentication process is a process of verifying the authenticity of one group included in the first digest table 2. Specifically, in the second authentication process, authentication is performed by checking a digest value calculated from the first digest table 2 against a secondary digest value included in the second digest table 3. The third authentication process is a process of verifying the authenticity of one block included in the contents 1. In the third authentication process, authentication is performed by checking a digest value calculated from one block in the contents 1 against a primary digest value included in the first digest table 2.
- In the first to third authentication processes, not all data in the first digest table 2 needs to be simultaneously read out into a memory. This is because, in the second authentication process, only one group included in the first digest table 2 is authenticated. Therefore, in this embodiment, a memory area required for the authentication process can be reduced as compared to when all data in the first digest table 2 is simultaneously read out into a memory as in the conventional art.
- For example, it is assumed that the data size of the contents 1 is 256 MB (megabytes), a digest unit (a data size to which a hash function is applied) is 2 KB, and the data size of a digest value is 16 B. In this case, the data size of the first digest table 2 is 2 MB according to expression (1) below.
- (256 [MB] / 2 [KB]) × 16 [B] = 2 [MB]   (1)
- Also, when a secondary digest value is calculated from a group in the first digest table 2, it is assumed that the digest unit is 2 KB and the data size of a digest value is 16 B. In this case, the data size of the second digest table 3 is 16 KB according to expression (2) below.
- 2 [MB] / 2 [KB] × 16 [B] = 16 [KB]   (2)
- Note that the digest unit or the data size of a digest value can be arbitrarily determined both when a primary digest value is calculated from the contents 1 and when a secondary digest value is calculated from the first digest table 2. Therefore, by changing the digest unit or the data size of a digest value as appropriate, the data size of the second digest table 3 can be changed as appropriate. Here, in this embodiment, an authentication apparatus reads out only one group in the first digest table 2 into a memory, while the whole second digest table 3 needs to be read out into a memory (the first to third authentication processes will be described below). In other words, a memory area having the data size of the second digest table 3, i.e., 16 KB, may be provided for the authentication process. In contrast to this, in conventional methods, since the whole first digest table 2 needs to be read out, a memory area of 2 MB needs to be provided for the authentication process. As described above, according to this embodiment, a memory area required for the authentication process can be significantly reduced as compared to the conventional art. In addition, by adjusting the data size of the second digest table 3, the size of a memory area required for the authentication process can be adjusted in consideration of random accessibility and memory capacity.
- Hereinafter, the processes of this embodiment will be described in detail. Note that it is hereinafter assumed that contents to be provided to the content user are a game program, the data 1 to 4 of FIG. 1 to be provided to the user are stored in a memory card, and the game program is read out from the memory card into a mobile game apparatus before execution.
- (2) Data Generating Process by Content Provider
- Firstly, a process of generating the data structure of FIG. 1 will be described in detail with reference to FIGS. 2 and 3. FIG. 2 is a block diagram showing a configuration of a write apparatus for writing the data of FIG. 1 into a memory card. In FIG. 2, the write apparatus 6 comprises a storage section 7, a control section 8, and a write section 9. The write apparatus 6 is provided at a provider of the contents 1.
- The storage section 7 of FIG. 2 stores the contents 1, a hash function for calculating a digest value, and an encryption key used for generating a digital signature. The control section 8 uses data stored in the storage section 7 to generate the first and second digest tables 2 and 3 and the digital signature 4. The write section 9 can access a memory card 17 which is an exemplary storage medium, and writes data into the memory card 17 in accordance with an instruction from the control section 8.
- FIG. 3 is a flowchart showing a process of writing the data of FIG. 1 into the memory card 17. The process of FIG. 3 is executed by the control section 8 of the write apparatus 6. Note that the process of FIG. 3 is typically executed by the control section 8 executing a predetermined data generating program.
- In step S1 of FIG. 3, the control section 8 generates the first digest table 2 from the contents 1 stored in the storage section 7. Specifically, a plurality of primary digest values included in the first digest table 2 are calculated. As described above, a primary digest value is calculated for each block included in the contents 1. Specifically, the control section 8 applies a hash function to the blocks in the contents 1 to calculate the primary digest values corresponding to the respective blocks. Note that the hash function used for calculating the primary digest value is referred to as a first hash function. The first hash function is stored in the storage section 7. The primary digest values calculated in step S1 are stored as the first digest table 2 in the storage section 7.
- In step S2, the control section 8 generates the second digest table 3 from the first digest table 2 calculated in step S1. Specifically, a plurality of secondary digest values included in the second digest table 3 are calculated. As described above, a secondary digest value is calculated for each group included in the first digest table 2. Specifically, the control section 8 applies a hash function to the groups in the first digest table 2 to calculate a plurality of secondary digest values corresponding to the respective groups. Note that the hash function used for calculating the secondary digest value is referred to as a second hash function. The second hash function is stored in the storage section 7. In this embodiment, the first hash function and the second hash function are the same. More specifically, in this embodiment, MD-5 (Message Digest 5) is used as the first and second hash functions. The secondary digest values calculated in step S2 are stored as the second digest table 3 in the storage section 7.
- In step S3, the control section 8 generates the digital signature 4 from the second digest table 3. Specifically, initially, the control section 8 applies a predetermined hash function for generating a digital signature to the second digest table 3 to calculate a digest value of the second digest table 3. In this embodiment, the digital signature generating hash function is different from the first and second hash functions. Specifically, SHA-1 (Secure Hash Algorithm 1) is used as the digital signature generating hash function. Further, the control section 8 encrypts the calculated digest value using a private key to generate the digital signature 4. The private key is an encryption key which is paired with a public key which is used by a game apparatus which uses the contents 1 (game program), and is stored in the storage section 7. The digital signature 4 thus generated is stored into the storage section 7.
- In step S4, along with the contents 1, the first digest table 2, the second digest table 3 and the digital signature 4 generated in steps S1 to S3 are written into the memory card 17. Specifically, the control section 8 instructs the write section 9 to write the data 1 to 4 into the memory card 17. The write section 9 writes the data 1 to 4 into the memory card 17 in accordance with this instruction. Note that the memory card 17 includes a ROM 17 a and a RAM 17 b (see FIG. 5). The data 1 to 4 are written into the ROM 17 a. After step S4, the control section 8 ends the process of FIG. 3.
- In this embodiment, the memory card 17 in which the data 1 to 4 are written by steps S1 to S4 is provided from a content provider to a content user. The content user inserts the memory card 17 into a game apparatus 10 shown in FIG. 4 to use the contents (game program) 1 of the memory card 17.
- (3) Authentication Process by Content User
- Next, an authentication process of the contents 1 performed by the content user will be described in detail with reference to FIGS. 4 to 8. FIG. 4 is an external view of a game apparatus as an example of the authentication apparatus of this embodiment. In FIG. 1, the game apparatus 10 comprises a first LCD (Liquid Crystal Display) 11 and a second LCD 12 as a display means, a housing 13, an operation switch section 14, and a touch panel 15. The memory card 17 is detachably attached to the game apparatus 10.
- The housing 13 includes an upper housing 13 a and a lower housing 13 b. The first LCD 11 is housed in the upper housing 13 a, while the second LCD 12 is housed in the lower housing 13 b. The first LCD 11 and the second LCD 12 both have a resolution of 256 dots×192 dots. Although LCDs are used as the display devices in the embodiment, any display device may be used, including a display device which employs, for example, EL (Electro Luminescence: electric field light emission), or the like. The display device may have any resolution.
- Sound holes 18 a and 18 b, through which sound is emitted out from a pair of loudspeakers 30 a and 30 b, are provided in the upper housing 13 a.
- The lower housing 13 b is provided with a slot through which the memory card 17 is inserted. In the lower housing 13 b, a cross switch 14 a, a start switch 14 b, a select switch 14 c, an A-button 14 d, a B-button 14 e, an X-button 14 f, a Y-button 14 g, an L-button 14L, and an R-button 14R (collectively referred to as an operation switch section 14) are provided as input devices. As an additional input device, a touch panel 15 is attached onto a screen of the second LCD 12. The lower housing 13 b is also provided with sound holes 33 a around the second LCD 12. A microphone 33 is provided in the vicinity of the sound holes 33 a and inside the lower housing 13 b. The microphone 33 converts sound entering through the sound holes 33 a from the outside of the lower housing 13 b, into an electrical signal (audio signal). The lower housing 13 b is also provided with a power button 19, and a slot into which a stick 16 is inserted.
- The touch panel 15 may be of any type including, for example, a resistance film type, an optical (infrared) type, an electrostatic capacitance coupling type, and the like. The touch panel 15 has a function of outputting coordinate data corresponding to a touch position where the stick 16 touches a surface of the touch panel 15. Although it is hereinafter assumed that a player operates the touch panel 15 using the stick 16, a pen (stylus pen) or a finger can be used instead of the stick 16 so as to operate the touch panel 15. In this embodiment, the touch panel 15 has the same resolution (detection precision) as that of the second LCD 12, i.e., 256 dots×192 dots. Note that the touch panel 15 and the second LCD 12 do not need to have the same resolution.
- Next, an internal structure of the game apparatus 10 will be described with reference to FIG. 5. In FIG. 5, a CPU core 21 is provided on an electronic circuit board 20 which is housed in the housing 13. A connector 23, an input/output interface circuit (denoted as an I/F circuit in FIG. 2) 25, a first GPU (Graphics Processing Unit) 26, a second GPU 27, a RAM 24, and an LCD controller 31 are connected via a bus 22 to the CPU core 21. The memory card 17 is detachably connected to the connector 23. The memory card 17 comprises the ROM 17 a which stores the data 1 to 4 of FIG. 1 and the RAM 17 b which stores rewritable backup data. The game program (contents 1) stored in the ROM 17 a of the memory card 17 is loaded into the RAM 24, and the game program loaded in the RAM 24 is executed by the CPU core 21. In addition to the game program, the RAM 24 stores temporary data obtained by the CPU core 21 executing the game program, data for generating a game image, and the like.
- The operation switch section 14, the touch panel 15, the right loudspeaker 30 a, the left loudspeaker 30 b, and the microphone 33 are connected to the I/F circuit 25. The right loudspeaker 30 a and the left loudspeaker 30 b are provided inside under the sound holes 18 a and 18 b, respectively. The CPU core 21 outputs audio data (sound source) stored in the RAM 24 or the like from the I/F circuit 25 via an A/D conversion circuit (not shown), an amplifier (not shown) and the like to the loudspeakers 30 a and 30 b. The audio signal from the microphone 33 is stored via the I/F circuit 25 to the RAM 24.
- A first VRAM (Video RAM) 28 is connected to the first GPU 26, and a second VRAM 29 is connected to the second GPU 27. The first GPU 26 generates a first game image based on data for generating a game image, the data being stored in the RAM 24, and draws the first game image into the first VRAM 28, in accordance with an instruction from the CPU core 21. Similarly, the second GPU 27 generates a second game image and draws the second game image into the second VRAM 29, in accordance with an instruction from the CPU core 21. The first VRAM 28 and the second VRAM 29 are connected to the LCD controller 31.
- The LCD controller 31 includes a register 32. The register 32 stores a value of 0 or 1 in accordance with an instruction from the CPU core 21. When the value of the register 32 is 0, the LCD controller 31 outputs the first game image drawn in the first VRAM 28 to the first LCD 11, and outputs the second game image drawn in the second VRAM 29 to the second LCD 12.
- The above-described configuration of the game apparatus 10 is only for illustrative purposes. The authentication apparatus can be implemented by any computer system which reproduces and/or executes the contents 1.
- Hereinafter, an authentication process performed by the
game apparatus 10 will be described in detail. FIG. 6 is a diagram showing main data stored in the RAM 24 of the game apparatus 10. In FIG. 6, the RAM 24 includes an authentication program storage area 41, a content storage area 42, a first hash function storage area 43, a second hash function storage area 44, and a digital signature generation data storage area 45.
- The authentication program storage area 41 is used to store an authentication program for executing the authentication process with respect to the contents 1. The authentication program is stored in advance, and is not a program obtained from the memory card 17.
- The content storage area 42 is used to store a part of the contents 1 stored in the memory card 17. The game apparatus 10 reads out a required data portion of the contents 1 as appropriate into the content storage area 42, and executes a game process using the read data portion.
- The first hash function storage area 43 is used to store the first hash function. The second hash function storage area 44 is used to store the second hash function. The data of the first and second hash functions is stored in advance as with the authentication program. Note that, when the first hash function and the second hash function are the same hash function, only one of the first and second hash function storage areas
- The digital signature generation data storage area 45 is used to store data required for authentication using the digital signature 4, i.e., the data of the digital signature generating hash function and the public key. The public key is paired with the encryption key stored in the write apparatus 6. Note that the data required for authentication using the digital signature 4 is stored in advance as with the authentication program.
- Note that the RAM 24 is used to store various data (described below) used for the authentication process in addition to the data stored in the storage areas 41 to 45.
- Next, the authentication process will be described in detail. In this embodiment, the authentication process includes an authentication process (first authentication process) executed when the
memory card 17 is attached to the game apparatus 10, and processes (second and third authentication processes) executed when the game apparatus 10 reads out the data of the contents 1 from the memory card 17. Specifically, the first authentication process is executed in response to attachment of the memory card 17 to the game apparatus 10. The second and third authentication processes are executed when the game apparatus 10 reads out the data of the contents 1 from the memory card 17.
- FIG. 7 is a flowchart showing the first authentication process executed in the game apparatus 10. The first authentication process of FIG. 7 is executed in response to attachment of the memory card 17 to the game apparatus 10. The first authentication process is executed independently of whether or not the contents 1 stored in the memory card 17 are provided by an authentic provider. Note that the game apparatus 10 does not read out the contents 1 until reading of the contents 1 is permitted in the first authentication process.
- In step S11 of FIG. 7, the CPU core 21 reads out the second digest table 3 and the digital signature 4 from the memory card 17 attached to the game apparatus 10 into the RAM 24. In steps S12 to S16 executed after step S11, the first authentication process, i.e., an authentication process for the contents 1 using the second digest table 3 and the digital signature 4, is performed.
- In the following step S12, the CPU core 21 decrypts the read digital signature 4 to generate a digest value. The digital signature 4 is decrypted using the data of the public key stored in the digital signature generation data storage area 45. Further, in step S13, a digest value is calculated from the read second digest table 3. The digest value is calculated by applying a digital signature generating hash function to the second digest table 3. The digital signature generating hash function is stored in the digital signature generation data storage area 45. Note that, in another embodiment, the processes of steps S12 and S13 may be executed in any order or in parallel.
- In step S14, the CPU core 21 determines whether or not the digest value generated in step S12 is equal to the digest value generated in step S13. When these two digest values are equal to each other, it is determined that authentication is successful in the first authentication process, and a process of step S15 is executed. On the other hand, when the two digest values are not equal to each other, it is determined that authentication is not successful in the first authentication process, and a process of step S16 is executed.
- In step S15, reading of the contents 1 (execution of the game process) is permitted, and the CPU core 21 ends the first authentication process of FIG. 7. Thereby, in step S15 and later, the game process which uses the contents 1 is executed. In step S15, the authenticity of the contents 1 is verified by the first authentication process. Note that, in this embodiment, even when the authenticity of the contents 1 is verified by the first authentication process, the authenticity of the contents 1 may not be verified in the second authentication process and the third authentication process which are executed after the first authentication process.
- On the other hand, in step S16, reading of the contents 1 (execution of the game process) is forbidden. In this case, the game program included in the contents 1 cannot be executed, and therefore, the CPU core 21 ends the process of FIG. 7. Note that, in step S16, the CPU core 21 may display a message indicating that the contents 1 in the memory card 17 are not authentic (e.g., “this memory card cannot be used”, etc.) on the screen of the first LCD 11 or the second LCD 12.
- Note that, after the end of the first authentication process of FIG. 7, the CPU core 21 may delete the digest value calculated from the second digest table 3 and the data of the digital signature 4 from the RAM 24. Also, in this embodiment, the second digest table 3 is held in the RAM 24 since the second digest table 3 is used in the second authentication process described below.
- In the first authentication process, when the authenticity of the contents 1 is verified, the CPU core 21 proceeds to perform a game process by performing a process of reading out and executing the game program included in the contents 1, a process of reading out game data (image data, sound data, etc.) included in the contents 1, or the like. Here, data of the contents 1 is read out on a block-by-block basis into the game apparatus 10. When one block of data portion is read out from the contents 1, the second authentication process and the third authentication process are executed. Hereinafter, the second authentication process and the third authentication process will be described in detail.
- FIG. 8 is a flowchart showing the second and third authentication processes executed in the game apparatus 10. The second and third authentication processes of FIG. 8 are executed in response to reading of one block from the contents 1 by the game apparatus 10. Note that the game apparatus 10 does not use the contents 1, i.e., the game process based on the contents 1 is not executed, until the use of the contents 1 is permitted in the second and third authentication processes.
- In step S21 shown in
FIG. 8, the CPU core 21 designates a block to be read out of the data portions (content data portions) of the contents 1. Note that a content data portion to be read out is determined by the game process which has been so far executed. Of the blocks in the contents 1, a block including a content data portion to be first read out is determined in advance. When the game apparatus 10 first reads out the contents 1, the CPU core 21 designates the block determined in advance.
- In steps S22 to S25 after step S21, the second authentication process is executed. In the second authentication process, of the groups included in the first digest table 2, the authenticity of primary digest values included in a group corresponding to the block designated by the step S21 is verified.
- In step S22, the CPU core 21 designates a group corresponding to the block designated by step S21. Specifically, a group including primary digest values corresponding to a content data portion included in the block is designated. For example, when a block A shown in FIG. 1 is designated, a group including primary digest values A to D is designated as a group corresponding to the block A.
- In the following step S23, the CPU core 21 reads out the primary digest values of the designated group from the memory card 17. The data thus read out is stored into the RAM 24. Note that, in step S23, the data of a group which has been stored in the RAM 24 by the previous step S23 is overwritten with the data of a new group in the RAM 24. In other words, only the data of the latest group is stored in the RAM 24, and therefore, the RAM 24 may have a storage area having a capacity corresponding to one group, as a storage area for the first digest table 2.
- Further, in step S24, the primary digest values of the designated group are used to calculate a secondary digest value corresponding to the group. The secondary digest value is calculated by applying the second hash function to the primary digest values included in the designated group. The second hash function is stored in the second hash function storage area 44.
- In step S25, the CPU core 21 determines whether or not the secondary digest value calculated in step S24 is equal to a secondary digest value corresponding to the designated group. Note that the latter secondary digest value is obtained from the second digest table 3 which has already been read out into the RAM 24 in step S11 of FIG. 7. For example, when the group including the primary digest values A to D of FIG. 1 has been designated, the secondary digest value corresponding to the group is the secondary digest value a of FIG. 1. When it is determined in step S25 that these two digest values are equal to each other, it is determined that authentication is successful in the second authentication process, and a process of step S26 is executed. On the other hand, when the two digest values are not equal to each other, it is determined that authentication is not successful in the second authentication process, and a process of step S30 is executed.
- When authentication is successful in the second authentication process, the third authentication process is executed in steps S26 to S29. In the third authentication process, the authenticity of the block designated by step S21 of the blocks included in the contents 1 is verified.
- In step S26, the
CPU core 21 reads out the designated block (a content data portion included in the block) from the memory card 17. The data thus read out is stored into the content storage area 42 of the RAM 24. Although the content storage area 42 may be capable of storing at least one block of the contents 1, the content storage area 42 may be capable of storing a plurality of blocks (e.g., two blocks) of the contents 1.
- In the following step S27, a primary digest value corresponding to the designated block is calculated. The digest value is calculated by applying the first hash function to the content data portion included in the designated block. The first hash function is stored in the first hash function storage area 43.
- In step S28, the CPU core 21 determines whether or not the primary digest value calculated by step S27 is equal to a primary digest value corresponding to the designated block. Note that the latter primary digest value is obtained from the first digest table 2 which has already been read out into the RAM 24 in step S23. When these two digest values are equal to each other, it is determined that authentication is successful in the third authentication process, and a process of step S29 is executed. On the other hand, when the two digest values are not equal to each other, it is determined that authentication is not successful in the third authentication process, and a process of step S30 is executed.
- In step S29, the CPU core 21 permits the use of the read block, and executes a process based on the block. For example, if the read block is a game program, the CPU core 21 executes the game program to execute a game process. Note that, in this embodiment, the contents 1 may be encrypted on, for example, a block-by-block basis. When the contents 1 are encrypted, the encrypted data of the contents 1 is decrypted in step S29 (or step S26). After step S29, the CPU core 21 ends the process of FIG. 8. Thereafter, when the contents 1 need to be read in a game process, the process of FIG. 8 is executed again. The process of FIG. 8 is executed every time a block of the contents 1 is read out.
- Note that, in another embodiment, the first and second digest tables 2 and 3 stored in the memory card 17 may be encrypted as with the contents 1. In this case, the CPU core 21 decrypts the first digest table 2 in step S23. Also, the CPU core 21 decrypts the second digest table 3 in step S11. The data 1 to 3 may be encrypted using different schemes or keys.
- On the other hand, in step S30, the use of the contents 1 is forbidden, so that the CPU core 21 ends the process of FIG. 8. Note that a message indicating that the contents 1 of the memory card 17 are not authentic may be displayed on the screen of the first LCD 11 or the second LCD 12 in step S30 as in step S16. In addition, after step S30, the CPU core 21 suspends a game process even during execution of the game process.
- As described above, according to this embodiment, in the first to third authentication processes, the whole first digest table 2 does not need to be read out into the RAM 24; only the second digest table 3 and one group of the first digest table 2 need to be read out for the purpose of authentication. Therefore, a memory area required for the authentication process can be reduced as compared to conventional methods, in which the whole first digest table 2 is read out.
- Note that, when the content storage area 42 can store data of a plurality of blocks of the contents 1, the second and third authentication processes may be omitted for data of the contents 1 which has already been stored in the content storage area 42. Specifically, in the process of FIG. 8, the CPU core 21 may determine whether or not a block designated by step S21 has already been stored in the content storage area 42, before the process of step S22. When the block has already been stored, the processes of steps S22 to S28 are skipped and the process of step S29 may be executed.
- Note that, in the above-described embodiment, the digital signature generating hash function may preferably be a hash function which is stronger than the first and second hash functions (more difficult to break, i.e., a higher level of security). This is because the digital signature generating hash function is used only once when the
memory card 17 is attached, and therefore, a function in which an importance is put on security is preferably employed as the digital signature generating hash function. Note that the security level of a hash function is determined, depending on the number of bits in the process of calculating a digest value, the number of bits of a digest value, whether or not a digest value is encrypted, or the like. Specifically, a hash function having a relatively large number of bits in the digest value calculating process or a relatively large number of bits of a digest value, is stronger than a hash function having a relatively smaller one. Also, a hash function with encryption (a hash function with a key) is considered to be stronger than the hash function without encryption. - In the above-described embodiment, it is assumed that the first hash function and the second hash function are the same. In another embodiment, the first hash function and the second hash function may be different from each other so as to reduce the processing amounts of the second authentication process and the third authentication process. In this case, as the second hash function, a hash function having a smaller processing amount for calculating a digest value than that of the first hash function is preferably used. In other words, as the first hash function, a hash function stronger than the second hash function is preferably used. For example, in another embodiment, SHA-1 may be used as the first hash function, while MD-5 may be used as the second hash function. Note that, in this case, the digital signature generating hash function is preferably stronger than the first and second hash functions, and therefore, for example, SHA-256 is used as the digital signature generating hash function.
- A reason why a hash function stronger than the second hash function is used as the first hash function is that the
contents 1 are more easily tampered when the first hash function is broken than when the second hash function is broken. The first hash function indicates a relationship between thecontents 1 and the primary digest values. Therefore, when the first hash function is broken, thecontents 1 can be directly tampered. However, even when the second hash function is broken, thecontents 1 cannot be directly tampered. Therefore, when the processing amount of either the second authentication process or the third authentication process is desired to be reduced, it is preferably to reduce the security level of the second hash function. - It has been described in the embodiment above that the data structure of
FIG. 1 , which is stored in a storage medium, such as a memory card or the like, is provided to the content user. In another embodiment, the data structure ofFIG. 1 may be provided to the content user via communication on a network. For example, in certain example embodiments may include a system in which an authentication apparatus (e.g., the game apparatus 10) can communicate via a network with a server apparatus storing the data structure. Note that the operation of the authentication apparatus in this system is similar to that of the above-described embodiment, except that a process of receiving data from the server apparatus is performed instead of the process of reading out data from a memory card. - Certain example embodiments may include, for example, a system which provides a game program to the user, a game apparatus which is used in the system, and the like, for the purpose of efficiently performing the checking process, reducing a memory capacity required for authentication, or the like.
- While the invention has been described in detail, the foregoing description is in all aspects illustrative and not restrictive. It is understood that numerous other modifications and variations can be devised without departing from the scope of the invention.
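The three-stage check described above (signature over the second digest table, then one group of the first digest table, then the block itself, with already-stored blocks skipping the checks) is sketched below as an added Python example that is not part of the patent. It assumes SHA-256 for both digest tables and uses HMAC-SHA-256 with a constructed key as a stand-in for the digital signature; all names, sizes and the sample image are hypothetical.

```python
import hashlib
import hmac

BLOCK_SIZE = 16   # constructed: tiny blocks keep the sample readable
GROUP_SIZE = 4    # primary digests per group of the first digest table
SIGNING_KEY = b"constructed-demo-key"  # assumption: stand-in for a signing key


def digest(data: bytes) -> bytes:
    # Assumption: SHA-256 for both tables; the SHA-1/MD-5 pairing named in the
    # text has known collision attacks.
    return hashlib.sha256(data).digest()


def sign(second_table) -> bytes:
    # HMAC stands in for the digital signature. A real verifier would hold
    # only a public key, never the signing key.
    return hmac.new(SIGNING_KEY, b"".join(second_table), hashlib.sha256).digest()


def build_image(contents: bytes) -> dict:
    """Publisher side: contents, first and second digest tables, signature."""
    blocks = [contents[i:i + BLOCK_SIZE] for i in range(0, len(contents), BLOCK_SIZE)]
    primary = [digest(b) for b in blocks]
    first_table = [primary[i:i + GROUP_SIZE] for i in range(0, len(primary), GROUP_SIZE)]
    second_table = [digest(b"".join(group)) for group in first_table]
    return {"blocks": blocks, "first_table": first_table,
            "second_table": second_table, "signature": sign(second_table)}


class AuthError(Exception):
    def __init__(self, stage: str):
        super().__init__(f"{stage} authentication failed")
        self.stage = stage


class Reader:
    """Device side: the image dict plays the role of the untrusted card."""

    def __init__(self, image: dict, cache_blocks: int = 2):
        # First authentication: done once, when the card is attached.
        if not hmac.compare_digest(sign(image["second_table"]), image["signature"]):
            raise AuthError("first")
        self.image = image
        self.second_table = list(image["second_table"])  # trusted copy kept in RAM
        self.cache = {}            # content storage area: block index -> bytes
        self.cache_blocks = cache_blocks
        self.groups_loaded = 0     # how many first-table groups were read

    def read_block(self, index: int) -> bytes:
        if index in self.cache:    # already authenticated: skip the checks
            return self.cache[index]
        group_no, offset = divmod(index, GROUP_SIZE)
        group = self.image["first_table"][group_no]  # one group, not the whole table
        self.groups_loaded += 1
        # Second authentication: the group must hash to the trusted secondary digest.
        if not hmac.compare_digest(digest(b"".join(group)), self.second_table[group_no]):
            raise AuthError("second")
        block = self.image["blocks"][index]
        # Third authentication: the block must hash to its primary digest.
        if not hmac.compare_digest(digest(block), group[offset]):
            raise AuthError("third")
        if len(self.cache) >= self.cache_blocks:
            self.cache.pop(next(iter(self.cache)))   # evict the oldest block
        self.cache[index] = block
        return block


def failing_stage(image: dict, index: int):
    """Return the stage that rejects the image, or None if the read succeeds."""
    try:
        Reader(image).read_block(index)
    except AuthError as err:
        return err.stage
    return None


def demo() -> dict:
    contents = bytes(range(160))   # constructed sample: 10 blocks in 3 groups
    results = {"clean": failing_stage(build_image(contents), 5)}
    forged = b"X" * BLOCK_SIZE
    img = build_image(contents)
    img["blocks"][5] = forged                      # content changed only
    results["block_only"] = failing_stage(img, 5)
    img = build_image(contents)
    img["blocks"][5] = forged
    img["first_table"][1][1] = digest(forged)      # primary digest recomputed too
    results["block_and_primary"] = failing_stage(img, 5)
    img["second_table"][1] = digest(b"".join(img["first_table"][1]))
    results["all_tables"] = failing_stage(img, 5)  # only the signature is left
    return results


if __name__ == "__main__":
    print(demo())
```

Each level of recomputed digests moves the rejection one stage earlier, which is why the signature over the second digest table anchors the whole chain.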
Claims (19)
1. A non-transitory computer readable storage medium for, in use, being accessed by an information processing system of the type including at least one user input device, at least one processor, and a random access memory operatively coupled to the processor, said processor, in use, transferring at least some data and/or instructions stored on the storage medium into the random access memory, said storage medium storing digital data readable by the information processing system, the digital data comprising:
at least first and second content portions for, in use, being loaded into said random access memory to provide random accessibility thereof;
a primary digest table comprising at least first and second stored primary digest values, the first primary digest value comprising a hash transformation of the first content portion, the second primary digest value comprising a hash transformation of the second content portion, said first and second primary digest values for, in use, being compared against calculated values to authenticate said first and second content portions;
a secondary digest table that includes at least one secondary digest value comprising a hash transformation of at least the first and second primary digest values, said secondary digest value, in use, verifying the authenticity of content portions not necessarily yet loaded into said random access memory by comparison with a value calculated from said first and second primary digest values; and
a digital signature generated from at least a portion of the secondary digest table, the digital signature being configured to assert the authenticity of the secondary digest table.
2. The medium of claim 1, wherein the secondary digest table includes another stored secondary digest value.
3. The medium of claim 1, wherein the at least first content portion includes at least some program instructions.
4. The medium of claim 1, wherein the digital signature is further configured to assert the authenticity of the secondary digest table before the stored secondary digest value, in use, verifies the authenticity of the content portions.
5. The medium of claim 1, wherein the digital signature is further configured to be removed from the memory after authenticity of the secondary digest table has been verified.
6. The medium of claim 1, wherein the first and second stored primary digest values are, in use, communicated to the information processing system and loaded into the random access memory.
7. The medium of claim 1, wherein the medium is included in a server computing system and the first and second content portions are configured to be communicated from the server computing system through a computer network to the information processing system.
8. A portable authentication apparatus configured to be read by a portable computer system that includes at least one input device, at least one processor, at least one display device, and a memory that is communicably connected to the at least one processor, the apparatus comprising:
at least first and second program segments, the at least first and second program segments configured to be communicated via a random access method to the portable computer system such that the first and second program segments are loaded into the memory to be accessible by the at least one processor for execution, the first and second program segments being authenticated before display on the display device and/or execution on the at least one processor;
a first digest table that includes at least first and second stored primary digest values, the first stored primary digest value based at least in part on a transformation of the first program segment, the second stored primary digest value based at least in part on a transformation of the second program segment, the stored first and second primary digest values configured to be communicated to the portable computer system to be compared against calculated first and second primary digest values in order to authenticate the first and second program segments;
a secondary digest table that includes at least one stored secondary digest value that is based at least in part on a transformation of at least the first and second stored primary digest values, the stored secondary digest value set to be communicated to the portable computing system to at least verify the authenticity of the yet to be communicated first and second program segments by an assertion against a calculated secondary digest value that is based at least in part on the first and second stored primary digest values; and
a digital signature generated from at least a portion of the secondary digest table, the digital signature configured to be communicated to the portable computing system to assert the authenticity of the secondary digest table.
9. The apparatus of claim 8, wherein the first and/or second program segments include program instructions that, in use, are set to be executed by the at least one processor.
10. The apparatus of claim 8, wherein, in response to connection of the portable authentication apparatus to the portable computer system, the digital signature is set to be loaded into the memory.
11. The apparatus of claim 10, wherein the digital signature is further configured to assert the authenticity of the secondary digest table before the at least one stored secondary digest value is, in use, used to verify the authenticity of the yet to be communicated first and second program segments.
12. A portable memory card that is configured to be placed into a housing of a portable computer system that includes at least one user input device, at least one processor, at least one display device, and a memory storage that is operably connected to the at least one processor, the card comprising:
at least one program segment that is configured to be communicated to the computer system and loaded into the memory storage at a first time period;
at least one stored primary digest value that is included in a primary digest table, the at least one stored primary digest value based at least in part on a transformation of the at least one program segment, the at least one stored primary digest value to be, in use, communicated to the computer system and loaded into the memory storage at a second time period that is before the first time period, the at least one stored primary digest value to be compared against a calculated primary digest value that is based at least in part on the at least one program segment;
at least one stored secondary digest value that is included in a secondary digest table, the at least one stored secondary digest value being based at least in part on a transformation of the at least one stored primary digest value, the at least one stored secondary digest value to be, in use, communicated to the portable computer system at a third time period that is before the second time period, the at least one stored secondary digest value configured to be asserted against a calculated secondary digest value that is based at least in part on the at least one stored primary digest value before the first time period; and
a digital signature that is generated from at least the at least one stored secondary digest value, the digital signature being communicated to the portable computer system to assert the authenticity of the secondary digest table.
13. The card of claim 12, wherein the at least one program segment is configured to be authenticated before: display on the at least one display device and/or execution by the at least one processor.
14. The card of claim 12, wherein the at least one program segment includes at least some program instructions.
15. The card of claim 12, wherein the digital signature is configured to be deleted from the memory after the second time period.
16. The card of claim 12, wherein the at least one program segment includes program content.
17. The card of claim 12, wherein the at least one program segment is configured to determine other program segments of the memory card to be communicated to the portable computer system.
18. A portable memory card that is configured to be detachably attached to a portable game device having first and second displays, first and second graphics processors, a central processor, and random access memory, the at least one of the first and second displays including a touch panel, the first and second graphics processors configured to communicate with the first and second displays, the central processor configured to read data from the random access memory for execution thereof, the portable memory card comprising:
at least first and second program segments, the at least first and second program segments configured to be communicated to the portable computer system such that the first and second program segments are loaded into the random access memory to be accessible by the central processor for execution, the first and second program segments, in use, being authenticated before execution by the central processor;
a first digest table that includes at least first and second stored primary digest values, the first stored primary digest value based at least in part on a transformation of the first program segment, the second stored primary digest value based at least in part on a transformation of the second program segment, the stored first and second primary digest values configured to be communicated to the portable game device to be compared against calculated first and second primary digest values in order to authenticate the first and second program segments;
a secondary digest table that includes at least one stored secondary digest value that is based at least in part on a transformation of at least the first and second stored primary digest values, the stored secondary digest value set to be communicated to the portable game device to at least verify the authenticity of the yet to be communicated first and second program segments by an assertion against a calculated secondary digest value that is based at least in part on the first and second stored primary digest values; and
a digital signature generated from at least a portion of the secondary digest table, the digital signature configured to be communicated to the portable game device to assert the authenticity of the secondary digest table.
19. A data authentication system comprising:
a portable memory card that includes:
at least one program segment of a computer program;
at least one stored primary digest value that is included in a primary digest table, the at least one stored primary digest value based at least in part on a transformation of the at least one program segment;
at least one stored secondary digest value that is included in a secondary digest table, the at least one stored secondary digest value being based at least in part on a transformation of the at least one stored primary digest value;
a digital signature that is generated from at least the at least one stored secondary digest value;
a portable game device that includes:
a housing;
random access memory;
at least one processor that is communicably connected to the random access memory, the at least one processor configured to:
load the secondary digest table and digital signature from the portable memory card into the random access memory;
perform a first verification by comparing a value calculated from the secondary digest table to a value derived from the digital signature;
perform a second verification, after the first verification, that includes 1) loading the at least one stored primary digest value and 2) comparing the at least one stored secondary digest value to a calculated value that is based at least in part on the at least one stored primary digest value;
perform a third verification, after the second verification, that includes 1) loading the at least one program segment and 2) comparing the at least one stored primary digest value to a calculated value that is based at least in part on a transformation of the at least one program segment.
execute the at least one program segment after the third verification.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/153,706 US20110237326A1 (en) | 2006-07-10 | 2011-06-06 | Data authentication method and data authentication system |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2006189696A JP5002205B2 (en) | 2006-07-10 | 2006-07-10 | Data authentication method and data authentication system |
JP2006-189696 | 2006-07-10 | ||
US11/802,983 US7979719B2 (en) | 2006-07-10 | 2007-05-29 | Data authentication method and data authentication system |
US13/153,706 US20110237326A1 (en) | 2006-07-10 | 2011-06-06 | Data authentication method and data authentication system |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/802,983 Continuation US7979719B2 (en) | 2006-07-10 | 2007-05-29 | Data authentication method and data authentication system |
Publications (1)
Publication Number | Publication Date |
---|---|
US20110237326A1 (en) | 2011-09-29 |
Family
ID=38920353
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/802,983 Active 2030-04-07 US7979719B2 (en) | 2006-07-10 | 2007-05-29 | Data authentication method and data authentication system |
US13/153,706 Abandoned US20110237326A1 (en) | 2006-07-10 | 2011-06-06 | Data authentication method and data authentication system |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/802,983 Active 2030-04-07 US7979719B2 (en) | 2006-07-10 | 2007-05-29 | Data authentication method and data authentication system |
Country Status (2)
Country | Link |
---|---|
US (2) | US7979719B2 (en) |
JP (1) | JP5002205B2 (en) |
Also Published As
Publication number | Publication date |
---|---|
JP2008022074A (en) | 2008-01-31 |
US20080010462A1 (en) | 2008-01-10 |
US7979719B2 (en) | 2011-07-12 |
JP5002205B2 (en) | 2012-08-15 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |