Abstract: A system including a secure LSI 1 establishes a communication path to/from a server 3 (UD1), and receives a common key-encrypted program generated by encryption with a common key and transmitted from the server 3 (UD6 and UD7). The received common key-encrypted program is decrypted to generate a raw program, and the raw program is re-encrypted with an inherent key to newly generate an inherent key-encrypted program, which is stored in an external memory.

Abstract: A secure LSI device 1 includes an encryption section 2 for encrypting a program, and an external I/F 50 for inputting/outputting a program or data from/to an external memory 100. In the encryption section 2, the operation of a private key arithmetic processing section 20 is prohibited with respect to a sequence whose execution is determined by a key-generation/update sequencer 30 to be impermissible. In the external I/F 50, a program processing section 51 and a data processing section 55 are structured independently from each other.

Abstract: In a gear transmission apparatus including a shared gear in which two rows of internal teeth are formed on an inner circumference of a common gear main body so as to be adjacent to each other in an axial direction, the internal teeth of each of the rows are meshed with an external gear to configure a transmission mechanism for each of the rows, the internal teeth of each of the rows are inclined with respect to the axial direction such that each of inner end portions thereof in the axial direction is further deviated to a normal rotation direction, which is a rotation direction in which a frequency in use of the shared gear is high, than each of outer end portions in the axial direction, oil drainage holes are provided between the internal teeth, and oil drainage grooves are provided on bottom lands of the internal teeth.

Abstract: In a target apparatus which stores at least one piece of domain key information in a first area and a plurality of pieces of content key information each associated with any one of the domain key information in a second area, a method for generating data for detecting tampering of the content key information. The method comprises the steps of encrypting the content key information associated with one of the domain key information using a chain encryption technique; extracting data at predetermined positions in the encrypted content key information, concatenating the pieces of data extracted at the predetermined positions in the encrypted content key information to obtain concatenated data, performing a hash calculation with respect to the concatenated data to obtain a hash value, storing check values corresponding to the data at the predetermined positions in plain text, in the target apparatus, and storing the hash value in the target apparatus.

Abstract: An image forming apparatus includes a suction unit; a pressure unit configured to pressurize the inside of a supply channel extending from a liquid container to a recording head at a pressurizing position along the supply channel; an opening and closing unit configured to open and close the supply channel at a position downstream of the pressurizing position; and a control unit configured to cap a nozzle surface with a cap and suction ink from nozzles with the suction unit, to move the cap away from the nozzle surface after pressurizing the inside of the supply channel with the pressure unit to a pressure greater than or equal to atmospheric pressure, to wipe the nozzle surface with a wiping part after closing the supply channel with the opening and closing unit, and to open the supply channel with the opening and closing unit after wiping the nozzle surface.

Abstract: In a target apparatus which stores at least one piece of domain key information in a first area and a plurality of pieces of content key information each associated with any one of the domain key information in a second area, a method for generating data for detecting tampering of the content key information. The method comprises the steps of encrypting the content key information associated with one of the domain key information using a chain encryption technique, extracting data at predetermined positions in the encrypted content key information, concatenating the pieces of data extracted at the predetermined positions in the encrypted content key information to obtain concatenated data, performing a hash calculation with respect to the concatenated data to obtain a hash value, storing check values corresponding to the data at the predetermined positions in plain text, in the target apparatus, and storing the hash value in the target apparatus.

Abstract: An development environment of a high security level is provided for a key-installed system. Development of a program for a system having an LSI device which includes a secure memory is performed by providing another LSI device having the same structure and setting the provided LSI device to a development mode which is different from a product operation mode. Alternatively, the provided LSI device is set to an administrator mode to perform development and encryption of a key-generation program. The LSI device is set to a key-generation mode to execute the encrypted key-generation program, thereby generating various keys.

Abstract: An image-forming apparatus includes a head unit configured to include line-type recording heads for ejecting ink droplets, a transport mechanism disposed facing the recording head and configured to transport a sheet, a maintain-recovery mechanism disposed downstream from the transport mechanism in a direction in which the sheet is transported and configured to maintain and recover the line type recording heads, and a head drive mechanism configured to move the head unit between a position facing the transport mechanism and a position facing the maintain-recovery mechanism in the direction in which the sheet is transported.

Abstract: A system including a secure LSI 1 establishes a communication path to/from a server 3 (UD1), and receives a common key-encrypted program generated by encryption with a common key and transmitted from the server 3 (UD6 and UD7). The received common key-encrypted program is decrypted to generate a raw program, and the raw program is re-encrypted with an inherent key to newly generate an inherent key-encrypted program, which is stored in an external memory.

Abstract: To make the strict management of the security information possible, in a security information packaging system 120 which comprises a storing portion 120a for storing first encrypted security information EDK(MK)/address obtained by encrypting final security information DK by using internal security information MK and second encrypted security information EMK(CK)/address obtained by encrypting the internal security information MK by using converted security information CK, and an LSI 120b, the LSI 120b includes a seed generating portion 131 for storing a first constant IDfuse/address containing address information and serving as a generation source of a conversion seed and a second constant IDtst serving as a generation source of a conversion seed for testing and a third constant Const and then outputting either the conversion seed or the conversion seed for testing in response to a test signal.

Abstract: A system including a secure LSI 1 establishes a communication path to/from a server 3 (UD1), and receives a common key-encrypted program generated by encryption with a common key and transmitted from the server 3 (UD6 and UD7). The received common key-encrypted program is decrypted to generate a raw program, and the raw program is re-encrypted with an inherent key to newly generate an inherent key-encrypted program, which is stored in an external memory.

Abstract: A system including a secure LSI 1 establishes a communication path to/from a server 3 (UD1), and receives a common key-encrypted program generated by encryption with a common key and transmitted from the server 3 (UD6 and UD7). The received common key-encrypted program is decrypted to generate a raw program, and the raw program is re-encrypted with an inherent key to newly generate an inherent key-encrypted program, which is stored in an external memory.

Abstract: A confidential information processing device performs a cryptographic operation on first input data and second input data. A first cryptographic operation circuit includes: a first register for holding first information; and a first cryptographic operation unit. A first pseudo-cryptographic operation circuit includes a second register for holding second information. A first arbitration circuit causes the first cryptographic operation unit to perform the cryptographic operation on the first input data using the first information held in the first register, when a cryptographic operation request for the first input data is made to the first cryptographic operation circuit, and causes the first cryptographic operation unit to perform the cryptographic operation on the second input data using the second information held in the second register, when a cryptographic operation request for the second input data is made to the first pseudo-cryptographic operation circuit.

Abstract: An development environment of a high security level is provided for a key-installed system. Development of a program for a system having an LSI device which includes a secure memory is performed by providing another LSI device having the same structure and setting the provided LSI device to a development mode which is different from a product operation mode. Alternatively, the provided LSI device is set to an administrator mode to perform development and encryption of a key-generation program. The LSI device is set to a key-generation mode to execute the encrypted key-generation program, thereby generating various keys.

Abstract: A DMA controller is connected by a bus to a plurality of master devices and a plurality of slave devices, and performs a data transfer between slave devices which are specified as a source and a destination of the data transfer by a transfer condition received from any of the plurality of master devices. Each of the plurality of master devices and the plurality of slave devices has a rank used for judging data transfer permissibility. The DMA controller enables the data transfer if the data transfer is judged to be permitted as a result of a comparison between a rank of the master device and a rank of any of the specified slave devices, and disables the data transfer if the data transfer is judged to be prohibited.

Abstract: A domain key is used to perform chaining decryption with respect to encrypted content key information (ST203-1), and first data is extracted (ST203-2). The extracted first data is compared with partial-check data (ST203-4). The first data as it is encrypted is extracted from the m pieces of encrypted content key information (ST203-6), and a predetermined operation is executed with respect to concatenated data including m extracted check values to generate second data (ST203-8). The second data is compared with whole-check data included in domain key information (ST203-11). If the first data matches the partial-check data (ST203-5) and the second data matches the whole-check data (ST203-12), it is determined that there is not tampering.

Abstract: The confidential information processing device according to the present invention includes: a stream analysis unit which determines the target data by analyzing the data stream; a cryptographic computation unit which holds a context including a key used for the cryptographic computation, an initial value, and intermediate information during cryptographic computation, and perform the cryptographic computation using the context that is being held; a context storage unit which stores a plurality of the contexts; a correspondence table storage unit which stores a correspondence table which indicates the number of cryptographic computations to be performed for the data stream and a context to be used for each of the cryptographic computations; a context control unit which, when the context held in the cryptographic computation unit does not match the context to be used indicated in the correspondence table, saves the context held in the cryptographic computation unit to the context storage unit and restore the con

Abstract: A secure LSI device 1 includes an encryption section 2 for encrypting a program, and an external I/F 50 for inputting/outputting a program or data from/to an external memory 100. In the encryption section 2, the operation of a private key arithmetic processing section 20 is prohibited with respect to a sequence whose execution is determined by a key-generation/update sequencer 30 to be impermissible. In the external I/F 50, a program processing section 51 and a data processing section 55 are structured independently from each other.

Abstract: A secure LSI device 1 includes an encryption section 2 for encrypting a program, and an external I/F 50 for inputting/outputting a program or data from/to an external memory 100. In the encryption section 2, the operation of a private key arithmetic processing section 20 is prohibited with respect to a sequence whose execution is determined by a key-generation/update sequencer 30 to be impermissible. In the external I/F 50, a program processing section 51 and a data processing section 55 are structured independently from each other.

Abstract: A secret information processing apparatus including: a control unit 102 storing access control levels assigned to resources in the apparatus and used as a standard in judging whether to permit an access to any resource from any external apparatus; a secret information storage unit 105 storing an update target program; and an internal CPU 103 that performs an update process for updating the update target program if an update request is received. The control unit 102 determines whether to permit accesses to the resources from the external apparatus, in accordance with the access control levels. The internal CPU 103 changes, during the update process, access control levels of resources, which are to be accessed by the update unit during the update process and whose access control levels indicate that accesses are permitted, to levels indicating that accesses are not permitted.