Abstract: A memory system includes a non-volatile memory and a memory controller. The memory controller is configured to perform write, read, and erase operations in accordance with write commands, read commands, and erase commands, respectively, from a host, and receive, from the host, time information indicating times when the write, read, and erase commands have been transmitted from or issued by the host. The memory controller is further configured to generate, from the received time information, history data including a value representing a busy state of the memory system with respect to each time range in a predetermined time period, and perform a maintenance operation with respect to the non-volatile memory upon time at which a command received from the host has been transmitted from or issued by the host falling in one or more of the time ranges corresponding to values smaller than the other of the time ranges.

Abstract: According to one embodiment, the memory system includes a memory and a memory controller. After the memory controller determines that a plurality of first commands including addresses have been received from a host device in a first sequence, when a plurality of second commands including addresses are received from the host device in a second sequence, the memory controller stores the addresses included in the plurality of the second commands in a memory; converts the address stored in the memory into a first password; and restricts or does not restrict execution of the first command and the second command from the host device after the memory system is started up, and removes the restriction of the execution or restricts the execution of the first command and the second command from the host device after the first password is matched with a predetermined second password.

Abstract: According to one embodiment, the memory system includes a memory and a memory controller. After the memory controller determines that a plurality of first commands including addresses have been received from a host device in a first sequence, when a plurality of second commands including addresses are received from the host device in a second sequence, the memory controller stores the addresses included in the plurality of the second commands in a memory; converts the address stored in the memory into a first password; and restricts or does not restrict execution of the first command and the second command from the host device after the memory system is started up, and removes the restriction of the execution or restricts the execution of the first command and the second command from the host device after the first password is matched with a predetermined second password.

Abstract: According to one embodiment, an information recording device includes a memory and a controller. The memory includes a secret recording section. The secret recording section includes a first area and a second area. The controller is configured to control the memory. The controller is configured to permit access to the first area in a case where a first authentication process related to the secret recording section is performed and configured to permit access to the second area in a case where a second authentication process related to the secret recording section is performed.

Abstract: According to one embodiment, an information processing apparatus includes a nonvolatile semiconductor memory and a processor. The nonvolatile semiconductor memory stores identification information. The processor controls an application which executes authentication processing for authenticating validation of the identification information stored in the nonvolatile semiconductor memory. The processor executes the application to read the identification information from the nonvolatile semiconductor memory, and to execute the authentication processing for determining whether or not the identification information is authentic. When the identification information is authentic, the processor continues at least some processes of the application, and when the identification information is inauthentic, the processor ends at least some processes of the application.

Abstract: According to one embodiment, a storage system includes a host device, 2 storing medium. The secure storing medium includes: a memory provided with a protected first storing region which stores secret information sent from the host device, and a second storing region which stores encoded contents; and a controller which carries out authentication processing for accessing the first storing region. The host device and the secure storing medium produce a bus key which is shared only by the host device and the secure storing medium by authentication processing, and which is used for encoding processing when information of the first storing region is sent and received between the host device and the secure storing medium. The host device has the capability to request the secure storing medium to send a status.

Abstract: According to one embodiment, a memory chip, which is connected to a controller that controls reading and writing of data in response to a request from an external device, includes: a memory including a special area that is a predetermined data storage area; a key storage unit that stores therein a second key that corresponds to a first key used by the external device to convert the data; a converting unit that receives, from the controller, data to be written into the special area and generates converted data by converting the data to be written using the second key; and a writing unit that writes the converted data into the special area.

Abstract: According to one embodiment, a device includes a semiconductor memory and a controller. The semiconductor memory includes first and second areas which are accessible from an outside. The controller controls the semiconductor memory. The device includes an unlocked state where accessing the first area is allowed, and a locked state where the accessing the first area is prohibited. The device is capable of holding one or more user key in the device. The device includes a function of configuration operation to register, change, and delete the user key in the semiconductor memory.

Abstract: A security system includes a controller manufacturer, a key issuer, and a medium manufacturer. The controller manufacturer writes a controller key Kc and a controller unique ID (IDcu) in the controller at the time of manufacturing the controller, and transmits the controller key Kc to the key issuer. The key issuer generates a medium device key Kmd_i and a medium device key certificate Certmedia, and encrypts the medium device key Kmd_i using the controller key Kc to generate encrypted medium device key Enc (Kc, Kmd_i). The medium manufacturer decrypts the encrypted medium device key Enc (Kc, Kmd_i) received from the key issuer, using the controller key Kc in the controller, and encrypts the medium device key Kmd_i obtained by decryption using a controller unique key Kcu generated from the controller unique ID (IDcu) in the controller, and then store it in a memory.

Abstract: A first data generation unit generates identification key information (FKey) that may be decrypted from the identification key information (IDKey) using key management information (FKB) read from an authenticatee. A decryption unit decrypts encrypted secret identification information (E-SecretID) using the identification key information (FKey) to generate secret identification information (SecretID). A second data generation unit generates a first session key (Skey) using the first key information (Hkey) and a random number. A one-way conversion unit performs a one-way conversion process on the secret identification information (SecretID) using the generated first session key (SKey) to generate first one-way conversion data (Oneway-ID).

Abstract: To reduce a load on a user terminal imposed when verifying signature data and at the same time reduce a load on a server, a signature key matrix KM includes a plurality of signature keys Ki-j arranged in a matrix structure of m rows and n columns, and is stored in a signature key matrix database 21. A correspondence relationship between a signature key set CK which is an aggregate of any signature keys selected from the n columns respectively and a user terminal 30 is stored in a correspondence relationship information database 22. A signature data generating unit 24 generates signature data having a matrix structure by encrypting a content digest D generated based on content data C by n number of signature keys included in the signature key matrix KM.

Abstract: A recording device configured to store content data in an encrypted manner, the recording device comprises a memory unit which stores various data, and a controller which controls the memory unit. The controller possesses a controller key and unique identification information, and is configured to generate a controller-unique key unique for each controller in accordance with the controller key and the identification information. The memory unit stores an MKB generated by encrypting a medium key with a device key set that is a collection of a plurality of device keys, an encrypted device key set generated by encrypting the device key set with the controller-unique key, and a device-key-set index which uniquely identifies the device key set.

Abstract: A first data generation unit generates identification key information (FKey) that may be decrypted from the identification key information (IDKey) using key management information (FKB) read from an authenticatee. A decryption unit decrypts encrypted secret identification information (E-SecretID) using the identification key information (FKey) to generate secret identification information (SecretID). A second data generation unit generates a first session key (Skey) using the first key information (Hkey) and a random number. A one-way conversion unit performs a one-way conversion process on the secret identification information (SecretID) using the generated first session key (SKey) to generate first one-way conversion data (Oneway-ID).

Abstract: According to one embodiment, a memory chip, which is connected to a controller that controls reading and writing of data in response to a request from an external device, includes: a memory including a special area that is a predetermined data storage area; a key storage unit that stores therein a second key that corresponds to a first key used by the external device to convert the data; a converting unit that receives, from the controller, data to be written into the special area and generates converted data by converting the data to be written using the second key; and a writing unit that writes the converted data into the special area.

Abstract: According to one embodiment, a method for authenticating a device, wherein the device holds secret identification information, encrypted secret identification information, and key management information, and an authenticator holds an identification key, the method includes reading, by the authenticator, the encrypted secret identification information and the key management information from the device, and obtaining, by the authenticator, a family key by using the key management information, the family key being capable of being decrypted with the identification key. The method further includes obtaining, by the authenticator, the secret identification information by decrypting the encrypted secret identification information with the family key.

Abstract: A recording device configured to store content data in an encrypted manner, the recording device comprises a memory unit which stores various data, and a controller which controls the memory unit. The controller possesses a controller key and unique identification information, and is configured to generate a controller-unique key unique for each controller in accordance with the controller key and the identification information. The memory unit stores an MKB generated by encrypting a medium key with a device key set that is a collection of a plurality of device keys, an encrypted device key set generated by encrypting the device key set with the controller-unique key, and a device-key-set index which uniquely identifies the device key set.

Abstract: According to one embodiment, a memory chip, which is connected to a controller that controls reading and writing of data in response to a request from an external device, includes: a memory including a special area that is a predetermined data storage area; a key storage unit that stores therein a second key that corresponds to a first key used by the external device to convert the data; a converting unit that receives, from the controller, data to be written into the special area and generates converted data by converting the data to be written using the second key; and a writing unit that writes the converted data into the special area.

Abstract: According to one embodiment, a non-transitory medium, a controller, a memory, an extension function section, and an extension register. The controller controls the non-transitory medium. The memory which is serving as a work area is connected to the controller. The extension function section is controlled by the controller. The extension register which is provided on the memory is provided with a certain block length capable of defining an extension function of the extension function section. The controller processes a first command to write header data of a command to operate the extension function section to the extension function section through the extension register, and a second command to read header data of a response from the extension function section through the extension register.

Abstract: According to one embodiment, an information processing apparatus includes a nonvolatile semiconductor memory and a processor. The nonvolatile semiconductor memory stores identification information. The processor controls an application which executes authentication processing for authenticating validation of the identification information stored in the nonvolatile semiconductor memory. The processor executes the application to read the identification information from the nonvolatile semiconductor memory, and to execute the authentication processing for determining whether or not the identification information is authentic. When the identification information is authentic, the processor continues at least some processes of the application, and when the identification information is inauthentic, the processor ends at least some processes of the application.

Abstract: According to one embodiment, a storage system includes a host device and a secure storage. The host device and the secure storage produce a bus key which is shared only by the host device and the secure storage by authentication processing, and which is used for encoding processing. The host device produces a message authentication code including a message which can be stored in the secure storage based on the bus key, and sends the produced message authentication code to the secure storage. The secure storage stores the message included in the message authentication code in accordance with instructions of the host device. The host device verifies whether the message stored in the secure storage is intended contents.