Abstract: A controller is provided with a controller key and a first controller identification information unique to the controller. The controller generates a controller unique key unique to a respective controller based on the controller key and the first controller identification information, and a second controller identification information based on the first controller identification information. A decryptor decrypts the encrypted medium device key using the controller unique key to obtain a medium device key. An authentication/key exchange process unit performs authentication/key exchange process with the host device through an interface unit using the medium device key and the medium device key certificate to establish the secure channel.

Abstract: A first data generation unit generates identification key information (FKey) that may be decrypted from the identification key information (IDKey) using key management information (FKB) read from an authenticatee. A decryption unit decrypts encrypted secret identification information (E-SecretID) using the identification key information (FKey) to generate secret identification information (SecretID). A second data generation unit generates a first session key (Skey) using the first key information (Hkey) and a random number. A one-way conversion unit performs a one-way conversion process on the secret identification information (SecretID) using the generated first session key (SKey) to generate first one-way conversion data (Oneway-ID).

Abstract: According to one embodiment, a authentication method comprising: generating a second key by the first key, the first key being stored in a memory and being prohibited from being read from outside; generating a session key by the second key; generating first authentication information, the secret identification information stored in a memory and being prohibited from being read from outside; transmitting encrypted secret identification information to an external device and receiving second authentication information from the external device, the encrypted secret identification information stored in a memory and readable, the second authentication information generated based on the encrypted secret identification information; and determining whether the first authentication information and the second authentication information match.

Abstract: A digital content protection method includes distributing, together with an encrypted content, an encrypted protected program key, a protected content key, and a protected code including an individual instruction code, at least some elements of which are designed according to a unique operation code specification for each content player or for each content player group.

Abstract: According to one embodiment, an authenticatee includes a memory configured to store a plurality of pieces of secret information XY and a plurality of pieces of secret information XYE which are created by encrypting the plurality of pieces of secret information XY, a generation module configured to generate a random number A, a generation module configured to generate a random number D which is composed of at least a part of the generated random number A and a random number B which is received, a calculating module configured to generate data C by executing a compression operation with respect to at least the random number D and the secret information XY loaded from the memory, a generation module configured to generate data ?, and a bit-by-bit addition module configured to calculate an result Z from the data ? to the data C.

Abstract: According to one embodiment, encrypted secret identification information (E-SecretID) and the key management information (FKB) are read from a memory device. Encrypted management key (E-FKey) is obtained using the key management information (FKB) and index information (k). The index information (k) and the encrypted management key (E-FKey) are transmitted to the semiconductor memory device. An index key (INK) is generated using the first key information (NKey) and the received index information (k). The encrypted management key (E-FKey) is decrypted using the index key (INK) to obtain management key (FKey), which is transmitted to the host device.

Abstract: A first data generation unit generates identification key information (FKey) that may be decrypted from the identification key information (IDKey) using key management information (FKB) read from an authenticatee. A decryption unit decrypts encrypted secret identification information (E-SecretID) using the identification key information (FKey) to generate secret identification information (SecretID). A second data generation unit generates a first session key (Skey) using the first key information (Hkey) and a random number. A one-way conversion unit performs a one-way conversion process on the secret identification information (SecretID) using the generated first session key (SKey) to generate first one-way conversion data (Oneway-ID).

Abstract: According to one embodiment, a method for authenticating a device, wherein the device holds secret identification information, encrypted secret identification information, and key management information, and an authenticator holds an identification key, the method includes reading, by the authenticator, the encrypted secret identification information and the key management information from the device, and obtaining, by the authenticator, a family key by using the key management information, the family key being capable of being decrypted with the identification key. The method further includes obtaining, by the authenticator, the secret identification information by decrypting the encrypted secret identification information with the family key.

Abstract: A controller is provided with a controller key and a first controller identification information unique to the controller. The controller generates a controller unique key unique to a respective controller based on the controller key and the first controller identification information, and a second controller identification information based on the first controller identification information. A decryptor decrypts the encrypted medium device key using the controller unique key to obtain a medium device key. An authentication/key exchange process unit performs authentication/key exchange process with the host device through an interface unit using the medium device key and the medium device key certificate to establish the secure channel.

Abstract: According to one embodiment, an authenticatee includes, a memory configured to store secret information XYmain, XYsub, and secret information XYmainE, XYsubE, a generation module configured to generate a random number A, a generation module configured to generate a random number D which is composed of at least a part of the generated random number A and a random number B which is received, a generation module configured to generate secret information XY based on the secret information XYmain, XYsub loaded from the memory, a calculating module configured to generate data C by executing a compression calculated operation with respect to at least a part of the random number D and the secret information XY, a generation module configured to generate data ?, and a bit-by-bit addition module configured to calculate an calculated result Z from the data ? and the data C.

Abstract: According to one embodiment, each memory chip included in a memory package includes a first storage unit that stores therein first information that is n-bit information and is a comparison target of a chip address, and is used for identifying its own memory chip, a second storage unit that stores therein second information for determining an effective bit of the n-bit first information, and a control unit that determines an effective bit of the n-bit first information and an effective bit of the chip address based on the second information.

Abstract: According to one embodiment, an information processing apparatus includes a nonvolatile semiconductor memory and a processor. The nonvolatile semiconductor memory stores identification information. The processor controls an application which executes authentication processing for authenticating validation of the identification information stored in the nonvolatile semiconductor memory. The processor executes the application to read the identification information from the nonvolatile semiconductor memory, and to execute the authentication processing for determining whether or not the identification information is authentic. When the identification information is authentic, the processor continues at least some processes of the application, and when the identification information is inauthentic, the processor ends at least some processes of the application.

Abstract: According to one embodiment, a device includes a memory area being used to store a first key (NKey), unique secret identification information (SecretID), and encrypted secret identification information (E-SecretID), the encrypted secret identification information (E-SecretID) being generated by encrypting the secret identification information (SecretID), the first key (NKey) and the secret identification information (SecretID) being prohibited from being read from outside, the encrypted secret identification information (E-SecretID) being readable from outside; a data generator configured to generate a session key (SKey) by using a second key (HKey), the second key (HKey) being generated based on the first key (NKey); and a one-way function processor configured to generate an authentication information by processing the secret identification information (SecretID) with the session key (SKey) in one-way function operation.

Abstract: According to one embodiment, a memory being used to store a host identification key, a host constant (HC), and a first key, the first key being generated based on the host constant (HC); a first generator configured to decrypt a family key block read from an external device with the host identification key to generate a family key; a second generator configured to decrypt encrypted secret identification information read from the external device with the family key to generate a secret identification information; a third generator configured to generate a random number; a fourth generator configured to generate a session key by using the first key and the random number; a fifth generator configured to generate a first authentication information by processing the secret identification information with the session key in one-way function operation.

Abstract: According to one embodiment, encrypted secret identification information (E-SecretID) and the key management information (FKB) are read from a memory device. Encrypted management key (E-FKey) is obtained using the key management information (FKB) and index information (k). The index information (k) and the encrypted management key (E-FKey) are transmitted to the semiconductor memory device. An index key (INK) is generated using the first key information (NKey) and the received index information (k). The encrypted management key (E-FKey) is decrypted using the index key (INK) to obtain management key (FKey), which is transmitted to the host device.

Abstract: According to one embodiment, a storage system includes a host device and a secure storage. The host device and the secure storage produce a bus key which is shared only by the host device and the secure storage by authentication processing, and which is used for encoding processing. The host device produces a message authentication code including a message which can be stored in the secure storage based on the bus key, and sends the produced message authentication code to the secure storage. The secure storage stores the message included in the message authentication code in accordance with instructions of the host device. The host device verifies whether the message stored in the secure storage is intended contents.

Abstract: According to one embodiment, an authentication method includes generating, by the memory, first authentication information by calculating secret identification information with a memory session key in one-way function operation, transmitting encrypted secret identification information, a family key block, and the first authentication information to a host, and generating, by the host, second authentication information by calculating the secret identification information generated by decrypting the encrypted secret identification information with the host session key in one-way function operation. The method further includes comparing, by the host, the first authentication information with the second authentication information.

Abstract: A security system includes a controller manufacturer, a key issuer, and a medium manufacturer. The controller manufacturer writes a controller key Kc and a controller unique ID (IDcu) in the controller at the time of manufacturing the controller, and transmits the controller key Kc to the key issuer. The key issuer generates a medium device key Kmd_i and a medium device key certificate Certmedia, and encrypts the medium device key Kmd_i using the controller key Kc to generate encrypted medium device key Enc(Kc, Kmd_i). The medium manufacturer decrypts the encrypted medium device key Enc(Kc, Kmd_i) received from the key issuer, using the controller key Kc in the controller, and encrypts the medium device key Kmd_i obtained by decryption using a controller unique key Kcu generated from the controller unique ID (IDcu) in the controller, and then store it in a memory.

Abstract: For authentication of the host device, the memory device is configured to output the encrypted second key information (FKB) to the host device, output the encrypted identification information (E-SecretID) to the host device, generate third third key information (Hkey) using information (HC) received from the host device and the first key information, generate a session key (Skey) using a random number (RN) received from the host device, and the third key information, generate authentication information (Oneway-ID) by performing a one-way conversion process on the identification information, using the session key, and output the authentication information (Oneway-ID) to the host device.

Abstract: A first data generation unit generates identification key information (FKey) that may be decrypted from the identification key information (IDKey) using key management information (FKB) read from an authenticatee. A decryption unit decrypts encrypted secret identification information (E-SecretID) using the identification key information (FKey) to generate secret identification information (SecretID). A second data generation unit generates a first session key (Skey) using the first key information (Hkey) and a random number. A one-way conversion unit performs a one-way conversion process on the secret identification information (SecretID) using the generated first session key (SKey) to generate first one-way conversion data (Oneway-ID).