`
`United States Patent
`
`Kimura
`
`
`
`19)
`
`
`
`[54] PORTABLE SECURE SEMICONDUCTOR
`
`
`
`
`MEMORYDEVICE
`
`
`
`[75]
`
`Inventor:
`
`
`
`[73] Assignee:
`
`
`
`
`[56}
`
`
`
`
`
`
`Masatoshi Kimura, Itami, Japan
`
`
`
`Mitsubishi Denki Kabushiki Kaisha,
`
`
`Tokyo, Japan
`
`
`
`
`[21] Appl. No.: 498,848
`
`
`
`
`[22] Filed:
`Mar, 26, 1990
`[30]
`Foreign Application Priority Data
`
`
`
`
`
`
`
`
`
`
`Mar. 31, 1989 [JP]
`Japan oa.ccssscccsscssssssssessreseseee 1-77979
`
`
`
`
`
`Mar. 31, 1989 [JP]
`Japan oo.scscecccscsssssssessessseeree 1-77980
`
`
`
`
`[ST]
`Int, C15 oe cceesseteceeeeeees G11B 23/28
`[82] U.S. CU, occ eceeeeesesesecseeseceseeenenees 380/3; 380/23;
`
`
`
`
`
`
`380/25; 380/19; 235/380
`
`
`
`
`
`
`
`[58] Field of Search ............. 380/3, 23, 25, 49;
`
`
`
`
`
`235/380, 441, 382, 379, 492, 487
`
`
`References Cited
`U.S. PATENT DOCUMENTS
`
`
`
`4,007,355
`2/1977 Moreno...eeccseceeeeeeeeeneees 235/61
`
`
`
`4,092,524
`5/1978 Moreno............
`we 235/419
`
`
`
`
`4,102,493
`6/1978 MOTeN0......cecscecesseteneteeee 235/419
`
`
`
`4,697,072 9/1987 Kawana ....ccccccccsesseeeessee 235/380
`
`
`
`3/1988 Kawanaetal.
`4,734,569
`we 235/487
`
`
`
`
`
`5/1988 Kawamnar ......cccccnceceeeeees 235/380
`4,746,788
`
`
`
`4,780,602 10/1988 Kawanaet al. oes 235/380
`
`
`
`
`
`4,794,236 12/1988 Kawanaet al. cece 235/441
`
`
`
`
`
`1/1989 Hara oc ccscssecsscrsstesteeeeteres 235/380
`4,797,542
`
`
`
`7/1989 Hara et al.
`4,845,351
`. 235/492
`
`
`
`
`
`4/1991 Kawana.......
`5,010,237
`we 235/379
`
`
`
`6/1992 Claus et al. cc cecceceeceeees 235/382
`5,120,939
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`200
`a7a.
`
`US005237609A
`
`{11] Patent Number:
`
`
`
`[45] Date of Patent:
`
`
`
`
`
`
`5,237,609
`
`
`Aug. 17, 1993
`
`
`
`FOREIGN PATENT DOCUMENTS
`
`
`
`
`
`
`0114522
`8/1984 European Pat. Off.
`
`
`
`
`0216298 4/1987 European Pat. Off.
`
`
`
`
`0286094 10/1988 European Pat. Off.
`2503423 10/1982 France .
`
`
`
`
`
`
`3/1978 Japan .
`53-6491
`
`
`
`
`2154344 9/1985 United Kingdom .
`
`
`
`
`
`.
`.
`.
`
`
`
`
`
`
`Primary Examiner—David Cain
`
`
`
`
`
`
`Attorney, Agent, or Firm—Leydig, Voit & Mayer
`
`[57]
`ABSTRACT
`
`
`
`
`
`
`
`A portable semiconductor memory device for interfac-
`
`
`
`
`
`
`
`ing with and exchanging information with an external
`
`
`
`
`
`
`terminal, said portable device having a security function
`
`
`
`
`
`
`
`
`for controlling access to a main memory. The main
`
`
`
`
`
`
`
`
`memory is adapted to exchange data with the external
`
`
`
`
`
`
`
`
`terminal by means of an interface bus which includes
`
`
`
`
`
`
`
`
`data lines, address lines and control lines. Access con-
`
`
`
`
`
`
`
`
`
`trols means in the portable unit is utilized to control
`
`
`
`
`
`
`
`
`
`access to the main memory. Theunit also has a security
`
`
`
`
`
`
`memory comprising two sections. One section stores
`
`
`
`
`
`
`
`
`
`enciphered data which is read out to the external termi-
`
`
`
`
`
`
`
`
`
`
`nal, deciphered and returned to the unit as the first
`
`
`
`
`
`
`
`
`
`element used in a comparison. The secondsection ofthe
`
`
`
`
`
`security memory stores internal identification informa-
`tion. The two elementsof identification information are
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`provided to a comparator means which enables access
`
`
`
`
`
`
`
`
`
`
`
`to the main memoryvia the interface bus after a match
`is detected.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`33 Claims, 6 Drawing Sheets
`
`
`
`100
`A
`
`EXTERNAL TERMINAL UNIT
`
`
`
`
`
`|
`
`_
`
`la
`7!
`\ [ea9
`
`shUhre NAtey
`[PI
`ls
`
`|peae: o~
`é
`SECTION
`=al
`CIRCUIT _MEMORY
`
`
`
`
`
`
`
`
`
`
`
`
`
`MAIN
`
`TERMINAL
`
`STORAGE
`
`
`
`
`
`
`
`
`
`
`MEMORY
`
`O
`
`
`
`CONTROL
`
`i
`
`|
`aI
`1
`
`v |
`5a
`——— 7/7=|
`ee|
`NG
`32
`/
`
`
`KEYBOARD CONTROL|7 SECURITY
`
`2 ~eSS
`
`Page 1 of 20
`
`Unified Patents Exhibit 1006
`
`Page 1 of 20
`
`Unified Patents Exhibit 1006
`
`

`

`
`U.S. Patent
`
`
`
`
`
`Aug. 17, 1993
`
`
`
`Sheet 1 of 6
`
`
`
`
`
`
`5,237,609
`
`
`
`ALIYNDAS
`
`
`
`O14
`
`
`
`002
`
`fc
`
`Page 2 of 20
`
`AYOWAWLIADYID
`
` ALIUNDSGUVOEAS»[a8 LINA
`“JOYN.LNODHyEAV1dSIG
`IWNYSLX3a=IWNINMSL
`
`OSIMls
`
`
`
`Page 2 of 20
`
`
`
`

`

`
`U.S. Patent
`
`
`
`
`
`Aug. 17, 1993
`
`
`
`Sheet 2 of 6
`
`
`
`
`
`
`5,237,609
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`1LINDYID
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`qNOLLOaTas
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 3 of 20
`
`Page 3 of 20
`
`

`

`
`U.S. Patent
`
`
`
`
`Aug. 17, 1993
`
`
`
`
`
`
`Sheet 3 of 6
`
`5,237,609
`
`
`
` ENESASaLINDUYID
`
`
`
`
`
`
`
`
`
`
`HOLV]
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
` VLVdLSuld=a|
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Z|
`
`Page 4 of 20
`
`Page 4 of 20
`
`

`

`
`
`
`
`
`
`
`
`
`
`
`
`
`
`U.S. Patent Sheet4of 6Aug. 17, 1993 5,237,609
`
`
`FIG. 4
`
`
`
`90
`
`
`
`
`
`o
`|~-50b
`
`
`
`
`EXTERNAL
`
`IDENTIFICATION
`
`
`INFORMATION
`
`
`
`
`
`
`INTERNAL
`
`IDENTIFICATION|-~-000
`
`
`
`
`
`INFORMATION
`
`
`
`00000
`
`trad
`
`
`10000
`
`
`
`
`
`6
`
`Q
`i a —
`52
`i,
`
`a Sh
`
`
`
`
`
`
`
`OVER
`V
`
`
`CIRCUIT
`
`
`9
`
`A
`3
`(—
`6~T
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
` ‘\
`
`
`
`
`MAIN
`STORAGE
`SECTION
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 5 of 20
`
`SSSNSFNSSELVESoh
`
`Page 5 of 20
`
`

`

`
`U.S. Patent
`
`
`
`
`
`Aug. 17, 1993
`
`
`
`Sheet 5 of 6
`
`
`
`
`
`
`5,237,609
`
`
`
`WOu
`
`ONINOLS|26|4! NOYID
`
`Page6 of 20
`
`Page 6 of 20
`
`
`

`

`
`U.S. Patent
`
`
`
`Aug. 17, 1993
`
`
`
`
`
`Sheet 6 of 6
`
`
`
`
`
`
`5,237,609
`
`
`
`
`
`FIG. 6
`
`
`INSERT_CARD
`INTO TERMINAL|~900
`
`
`
`
`
`TERMINAL
`POWER “ON"
`
`
`
`301
`
`
`
`302
`
`
`
`READ ENCIPHERED EXTERNAL
`INFORMATION FROM
`
`
`
`
`NONVOLATILE MEMORY
`
`
`
`303
`
`
`304
`
`
`
`DETERMINE WHETHER THIS SECURITY CHECK
`
`
`
`
`
`
`NO
`
`YES] OPERATION IS PERSONAL IDENTIFICATION
`
`
`
`
`
`NUMBER (PIN) KEYIN METHOD OR NOT FROM
`
`
`
`
`
`
`
`
`
`
`DECIPHERED TEXT
`
`
`
`
`
`
`
`
`
`
`
`ADD PIN INPUT BY USER TO DECIPHERED
`
`DECIPHER STORAGE
`
`
`
`
`
`
`TEXT AND DECIPHER STORAGE ADDRESSES
`
`
`ADDRESSES AND
`
`
`
`
`
`
`
`
`
`AND READOUT SEQUENCE OF CODE ARRAY
`READOUT SEQUENCE
`
`
`
`
`
`
`
`OF CODE ARRAY
`
`(N= 8BITS x 4)
`
`
`
`
`
`
`OF NONVOLATILE MEMORY
`$04¢
`
` WRITE CODE_ARRAY FROM INTERNAL AREA
`
`
`
`
`
`
`
`
`
`(OR CODE ARRAY STORING ROM)
`
`
`
`
`
`
`
`INTO COMPARATOR SUCCESSIVELY
`
`
`
`
`
`
`
`
`DECIPHER CONTENTS OF CODE ARRAY
`(N= 8x4) FROM DECIPHER TEXT
`
`
`
`
`(ADDED PIN
`
`
`
`
`
`305
`
`
`
`306
`
`WRITE DECIPHERED CODE IN COMPARATOR
`
`
`
`
`
`
`
`307
`
`
`
`
`
`
`
`EFFECT COMPARISON BETWEEN CODE ARRAY
`READ OUT FROM NONVOLATILE MEMORY
`
`
`
`
`
`(OR CODE ARRAY STORING ROM)
`
`
`
`
`
`
`
`
`
`
`
`
`AND DECIPHERED CODE ARRAY 3ll
`
`
`
`
`
`308
`
`
`
`
`
`
`
`
`
`
`ACCESS
`REFUSED
`
`
`
`Page7 of 20
`
`Page 7 of 20
`
`

`

`1
`
`
`5,237,609
`
`PORTABLE SECURE SEMICONDUCTOR
`
`
`
`MEMORYDEVICE
`
`
`
`FIELD OF THE INVENTION
`
`
`
`
`This invention relates to portable semiconductor
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`memory devices, and more particularly to such devices
`
`
`
`
`
`
`
`
`which include a security function intended to protect
`
`
`
`
`
`
`
`the information stored in the portable memory.
`BACKGROUND OF THE INVENTION
`
`
`
`
`
`
`
`
`
`
`
`
`Memory devices such as memory cards can be
`
`
`
`
`
`
`
`
`thought of as divided into two classes—“smart cards”
`
`
`
`
`
`
`
`
`which have a microprocessor in addition to a main
`
`
`
`
`
`
`
`
`storage unit, and “memory cards” which have only
`
`
`
`
`
`
`memory but no programmable (or programmed) micro-
`
`processor.
`
`
`
`
`
`
`
`Because of the processing capability available in
`smartcars as a result of the on-board microprocessor,
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`there are numeroussecurity techniques useful with such
`
`
`
`
`
`
`
`
`
`
`cards for protecting the integrity of the data stored on
`
`
`
`
`
`
`
`the card. Thus the on-board microprocessor can per-
`
`
`
`
`
`
`
`
`form various functions in checking PIN numbers, hand
`
`
`
`
`
`
`
`
`shaking with a processor in an external terminal, per-
`
`
`
`
`
`
`forming, enciphering and deciphering operations on-
`
`
`
`
`
`
`
`
`
`
`board the smart card, and other techniquesall prior to
`
`
`
`
`
`
`
`
`
`
`allowing access to the main memoryon the card. Thus,
`
`
`
`
`
`
`
`
`significant capacity is available for insuring the integrity
`of the data in a smart card.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`However, in memory cards which do not have the
`
`
`
`
`
`
`
`
`powerof an on-board microprocessor, the capacity for
`
`
`
`
`
`
`
`performing security checks before allowing access to
`
`
`
`
`
`
`
`
`
`the main memoryis substantially more limited. In a
`
`
`
`
`
`
`
`
`memory card typically the data, address and control
`
`
`
`
`
`
`
`
`
`lines of the main memory modules are coupled directly
`
`
`
`
`
`
`
`
`
`
`
`to the card outputs and are thus available for read out
`either in a terminal for which the card is intended or
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`otherwise. Thus, the opportunity is available for some-
`
`
`
`
`
`
`
`
`
`one intending to breach the security of the internal
`
`
`
`
`
`
`
`
`
`memoryto directly access the memorydevice if reason-
`
`
`
`
`
`
`
`
`
`
`able care is taken in interfacing the data, address and
`
`
`
`
`
`
`
`
`
`control lines of the memory elements which are all
`
`
`
`
`
`
`
`
`readily available at the card connection points. Even
`
`
`
`
`
`
`
`
`
`
`
`
`whenthe card is used in a terminal for whichit is in-
`
`
`
`
`
`
`
`
`tended, security functions are usually desirable, such as
`
`
`
`
`
`
`
`
`
`
`
`
`insertion of a PIN numberby a user, or some meansof
`
`
`
`
`
`
`
`
`
`insuring, based on a check of card stored information
`
`
`
`
`
`
`
`
`
`and terminal supplied processing powerthat the two are
`
`
`
`
`
`
`
`of intended compatability before memory accessis al-
`
`lowed.
`
`
`
`
`
`
`
`
`With only hard wired logic elements at most avail-
`
`
`
`
`
`
`
`
`
`able on a memory card for performing the. security
`
`
`
`
`
`
`
`
`function, insofar as applicant is aware, the techniques
`
`
`
`
`
`
`
`
`
`which have been madeavailable for securing the stored
`information are not as reliable as could be desired.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`The security issue will be further developed with
`
`
`
`
`
`
`
`
`
`reference to FIG. 7 which shows a configuration of a
`
`
`
`
`
`conventional memory card having on-board semicon-
`
`
`
`
`
`
`
`ductor memory whichis substantially non-secure. The
`
`
`
`
`
`
`
`
`portable semiconductor memory card 1 of FIG. 7
`
`
`
`
`
`
`
`carries an on-board semiconductor memory 4, usually
`
`
`
`
`
`
`
`comprised of an array of semiconductor memory de-
`vices 4a-4n. The address lines of the semiconductor
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`memory devices 4a «4n are coupled together to form
`
`
`
`
`
`
`
`
`
`
`
`an address bus 14, and the data lines coupled togetherto
`
`
`
`
`
`
`
`
`
`
`
`
`
`form a data bus 15. The address bus 14 and data bus 15
`
`
`
`
`
`
`
`
`
`are elements of an interface bus 40 comprising address
`
`
`
`
`
`
`
`
`
`
`
`lines 14, data lines 15, and controllines including a card
`
`
`
`
`10
`
`
`
`
`
`20
`
`
`25
`
`
`
`30
`
`
`
`35
`
`
`
`
`
`45
`
`
`
`50
`
`
`
`55
`
`
`
`
`
`65
`
`
`
`Page 8 of 20
`
`2
`
`
`
`
`
`
`
`
`
`
`
`select signal line 16, a write enable signal line 17 and an
`
`
`
`
`
`
`
`
`
`output enable signal
`line 18. The address, data, and
`
`
`
`
`
`
`
`control lines provide access to the semiconductor mem-
`ories 4a<4n in conventional fashion. The card select
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`signal on line 16 is utilized to enable the semiconductor
`
`
`
`
`
`
`
`
`
`memory elements in a manner which will be described
`below.
`
`
`
`
`
`
`
`
`
`Onefurther connection is provided from the terminal
`
`
`
`
`
`
`
`
`
`
`
`into which the memory card is inserted, and that is a
`
`
`
`
`
`
`
`
`
`
`supply of power which is coupled to power supply line
`
`
`
`
`
`
`
`
`11. A power supply sensing and changeover circuit
`
`
`
`
`
`
`
`
`
`generally indicated at 2 senses the application of power
`
`
`
`
`
`
`
`
`
`
`
`to the line 11, and couples that applied power to the
`
`
`
`
`
`
`
`
`
`remaining circuitry for operation. It is noted that to
`
`
`
`
`
`
`
`maintain the information in the semiconductor memory
`
`
`
`
`
`
`
`
`
`
`4 during the substantial intervals when the card is not
`
`
`
`
`
`
`
`
`
`
`
`inserted in the terminal, a stand-by battery 6 is used to
`
`
`
`
`
`
`
`
`
`supply powerto internal power bus9 via currentlimit-
`
`
`
`
`
`
`
`
`ing resistor 7 and a reverse poled charge prevention
`
`
`
`
`
`
`
`
`
`diode 8. However, wheneverthe card 1 is plugged into
`
`
`
`
`
`
`
`
`
`
`a terminal and a source of poweris connected to exter-
`
`
`
`
`
`
`
`
`
`
`nal powerbus 11, a sensing module 3 within the power
`
`
`
`
`
`
`
`
`
`supply changeovercircuit 2 senses the voltage level on
`
`
`
`
`
`
`
`
`
`
`
`the bus 11 and in response thereto switches on a pass
`
`
`
`
`
`
`
`
`transistor 12 and thereby couples the external power
`
`
`
`
`
`
`
`
`
`
`source to the internal power bus 9. In addition, the
`
`
`
`
`
`
`
`
`sensing module 3 within the power supply changeover
`
`
`
`
`
`
`
`
`
`
`
`circuit 2 applies a high logic signal on output line 13
`
`
`
`
`
`
`
`
`
`
`
`which in turn is coupled to a G input of a memoryselect
`
`
`
`
`
`
`
`
`
`circuit 5, providing a preliminary enabling signal to the
`
`
`
`
`
`
`
`
`
`circuit 5. Thus, whenever the power applied to the
`
`
`
`
`
`
`
`
`
`
`external bus 11 is higher than that supplied by the bat-
`
`
`
`
`
`
`
`
`
`
`tery 6, that condition is sensed by the power supply
`
`
`
`
`
`
`
`
`
`changeovercircuit 2 and the sensing module 3 thereof
`
`
`
`
`
`
`
`
`
`performs two functions, namely (a) switches on the pass
`
`
`
`
`
`
`
`
`
`
`transistor 12 in order to supply external power to the
`
`
`
`
`
`
`
`
`
`
`internal bus 9 and (b) couples a high logic enabling
`
`
`
`
`
`
`
`
`
`signal to the control line 13 providing the preliminary
`
`
`
`
`
`
`
`
`enabling signal to the memoryselection circuit 5.
`
`
`
`
`
`
`
`
`
`
`
`It is seen that the memory selection signal 5 has a
`
`
`
`
`
`
`
`
`series of outputs S1-S, which are coupled respectively
`
`
`
`
`
`
`
`as enabling inputs 19c-19n to associated semiconductor
`
`
`
`
`
`
`
`
`
`memory devices 4a-4n. A selected one of those output
`
`
`
`
`
`
`
`
`lines is individually driven low depending upon the
`
`
`
`
`
`
`
`
`
`
`address signal coupled to the address inputs A, of the
`
`
`
`
`
`
`
`
`
`selector module 5. Thus, the higher order address bits
`
`
`
`
`
`
`
`
`
`
`from the address bus 15, which are coupled to the indi-
`
`
`
`
`
`
`
`
`
`
`vidual lines of address input A, are used to select which
`
`
`
`
`
`
`
`
`
`of the semiconductor memory devices 4a«4n will be
`
`
`
`
`
`
`
`
`
`
`active at any given time. It is noted that the address
`
`
`
`
`
`
`
`
`
`inputs and G input of selector 5 are provided with
`
`
`
`
`
`
`
`
`pullup resistors 10 to assure that all memory devices
`
`
`
`
`
`
`
`
`4a«4n are disabled except when the inputs are inten-
`
`
`
`tionally driven low.
`A final input to the memoryselectcircuit 5 is the G
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`whichis coupled to the card select signal line 16 which
`is an elementof the controllines of the interface bus 40.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Thus, whenever the particular memory card 1 is se-
`
`
`
`
`
`
`
`
`lected, the external terminal couples a low logic signal
`
`
`
`
`
`
`
`
`
`
`to the line 16, and thus provides an enabling signal to
`the G inputofselector5.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`In summary, when power is applied to the external
`
`
`
`
`
`
`
`
`
`
`
`
`bus 11, the G input of select circuit 5 is driven high.
`
`
`
`
`
`
`
`
`
`Subsequently, when the card select input 16 is driven
`low, the G inputof select circuit 5 is driven low, thus
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`enabling the outputs of select circuit 5 to respond to the
`
`
`
`
`
`
`
`
`
`logic levels on the address inputs. Thus, the external
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 8 of 20
`
`

`

`3
`
`
`
`
`
`
`
`
`
`terminal couples address signals to the high order bits
`
`
`
`
`
`
`
`
`
`
`on the address bus 15 which serveto individually select
`
`
`
`
`
`
`
`
`
`
`the outputs S;~S,, of the selector 5 and in turn individu-
`
`
`
`
`
`
`ally enable the semiconductor memory devices 4a—4n.
`
`
`
`
`
`
`When enabled, a semiconductor memory device re-
`
`
`
`
`
`
`
`
`
`
`spondsto addresssignals on the address bus 15, to write
`
`
`
`
`
`
`
`
`
`
`or read signals and enable signals on the controllines 17,
`18 to either write information into the addressed semi-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`conductor memory location from the data bus 15 or
`read the information stored in the addressed location
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`out onto the data bus 15, both for interfacing with the
`external terminal.
`
`
`
`
`
`
`
`
`
`With that understanding of a conventional memory
`
`
`
`
`
`
`
`
`
`card 1, it will be appreciated that the semiconductor
`
`
`
`
`
`
`
`
`
`
`memory4 is in a relatively non-secure state. The data
`
`
`
`
`
`
`
`
`
`lines of the semiconductor memory,the address lines of
`
`
`
`
`
`
`
`the semiconductor memory and the control
`lines
`
`
`
`
`
`
`
`(read/write and enable) of the semiconductor memory
`
`
`
`
`
`
`
`
`
`are all available at the card output. Typically, such
`
`
`
`
`
`
`
`
`
`control signals will be directly available at the card
`contacts which are intended to interface with an exter-
`
`
`
`
`
`
`
`
`nal terminal. Even in the case where the card receives a
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`serial message whichis stored in a register or the like for
`
`
`
`
`
`
`
`
`coupling to a semiconductor memory,there is little
`
`
`
`
`
`
`
`
`
`security associated with the serial receiver or serial to
`
`
`
`
`
`
`
`
`parallel converter, and thus the terminals of the mem-
`
`
`
`
`
`
`
`
`ory devices themselves can be considered as being
`available to the outside world. While smart cards hav-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ing on-board microprocessors can provide the desired
`
`
`
`
`
`
`
`
`
`security,
`it has been found impractical to provide an
`
`
`
`
`
`
`
`
`effective amount of security for the on-board memory
`
`
`
`
`
`
`using only hard wired logic elements.
`
`
`
`
`
`
`
`
`
`
`
`It will also be apparent that one can utilize such a
`
`
`
`
`
`
`
`semiconductor memorydevice in a terminal designed to
`
`
`
`
`
`
`
`
`
`accept it whether or not the individual possessing the
`
`
`
`
`
`
`
`
`
`
`
`card is indeed authorized to use it. There is no security
`
`
`
`
`
`
`
`
`
`check provided,
`it is simply necessary to couple the
`
`
`
`
`
`
`
`
`
`
`appropriate voltage levels or signals to the card, and the
`
`
`
`
`
`
`
`individual memory devices are directly addressed for
`
`
`
`
`
`writing or reading as desired.
`
`
`
`
`
`
`
`
`Even without a compatible terminal, it is relatively
`
`
`
`
`
`
`
`
`
`
`
`
`easy to access the contents of the memory4.It is simply
`
`
`
`
`
`
`
`
`
`
`necessary to couple powerto the external powerbus11,
`
`
`
`
`
`
`
`appropriate control signals, address signals and data
`
`
`
`
`
`
`
`
`
`
`signals to the interface bus 40, and the internal memory
`
`
`
`
`
`
`
`is directly accessible. Thus, an unauthorized individual,
`
`
`
`
`
`
`
`
`even without access to a compatible terminal, can ac-
`
`
`
`
`
`
`
`
`
`cess the memory and read out information which had
`
`
`
`
`
`
`
`
`
`
`been intended to be secure. As a further example, an
`unauthorized individual can write information into the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`semiconductor memory, and a subsequent user will be
`
`
`
`
`
`
`
`
`
`unaware that the security of the stored information has
`
`
`
`
`
`
`
`
`
`
`
`
`been breached. If security is at all a factor in using a
`
`
`
`
`
`
`
`
`portable memory device, the limitations of the device
`
`
`
`
`
`
`
`
`illustrated in FIG. 7 will now be apparent.
`SUMMARYOF THE INVENTION
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`In view of the foregoing, it is a general aim of the
`
`
`
`
`
`
`
`
`present invention to provide a portable memory device
`
`
`
`
`
`
`
`of inexpensive construction, and requiring no on-board
`
`
`
`
`
`
`microprocessor unit, but exhibiting a comparatively
`
`
`
`
`
`
`
`
`
`high degree of security provided in large measure by
`
`
`
`
`
`
`
`logic elements resident on board the card.
`
`
`
`
`
`
`
`
`
`
`In that regard, it is an object of the present invention
`
`
`
`
`
`
`
`
`
`to provide a portable memory device in which the on-
`
`
`
`
`
`
`
`
`board memory is accessible to the outside only after
`
`
`
`
`
`
`
`completion of a security check which matches informa-
`
`
`
`
`
`
`
`
`
`tion stored in a separate section of memoryonthe card,
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`15
`
`
`
`20
`
`
`
`25
`
`
`
`30
`
`
`
`35
`
`
`
`
`
`45
`
`
`
`50
`
`
`
`55
`
`
`
`
`
`65
`
`
`
`
`5,237,609
`
`4
`
`
`
`
`
`
`
`
`in which the security information available to the out-
`
`
`
`
`
`side is in enciphered form.
`,
`Stated differently, an object of the present invention
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`is to provide a portable memory device in which exter-
`nal access is allowed to the on-board semiconductor
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`memory only after a security check, which includes
`
`
`
`
`
`
`
`matching an identification code maintained internal to
`
`
`
`
`
`
`
`
`
`
`the card with a code deciphered by an external terminal
`
`
`
`
`
`
`
`from enciphered information received from the card.
`
`
`
`
`
`
`
`According to a more detailed aspect of the invention,
`
`
`
`
`
`
`
`
`
`
`
`it is an object to provide a security memory on a porta-
`ble memory card in which the security memory is parti-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`tioned in such a way that only enciphered security in-
`formation is available to an interface bus while addi-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`tional security information which need not be enci-
`
`
`
`
`
`
`
`
`
`phered is maintained in a partition of memory whichis
`
`
`
`
`
`accessible only within the card.
`
`
`
`
`
`
`
`
`
`
`According to one aspectof the invention, an objectis
`
`
`
`
`
`
`
`to provide a secure portable semiconductor memory
`
`
`
`
`
`
`
`
`
`device in which security is provided by utilization of
`
`
`
`
`
`
`
`security codes stored in a partitioned on-board security
`
`
`
`
`
`
`
`memory, one partition of the memory containing enci-
`
`
`
`
`
`
`
`phered security information which is accessible to an
`
`
`
`
`
`
`
`interface bus, andthe otherpartition containing security
`
`
`
`
`
`
`
`
`information which need not be enciphered butis avail-
`
`
`
`
`
`
`
`
`
`
`able only within the card andis isolated from the inter-
`face bus.
`
`
`
`
`
`
`
`
`
`
`In accordance with the invention there is provided a
`
`
`
`
`
`portable semiconductor memory unit for interfacing
`
`
`
`
`
`
`
`with and exchanging information with an external ter-
`
`
`
`
`
`
`
`
`
`minal. The unit includes a main memory and aninter-
`
`
`
`
`
`
`
`
`
`
`face bus for coupling the main memoryto the external
`
`
`
`
`
`
`
`terminal. Enabling meansselectively allows access to
`
`
`
`
`
`
`
`
`
`the main memory via the interface bus. The enabling
`
`
`
`
`
`
`
`means includes a security memory havinga first section
`
`
`
`
`
`
`
`
`for storing enciphered external data and a second sec-
`
`
`
`
`
`
`
`
`
`tion for storing internal data whichis isolated from the
`
`
`
`
`
`
`
`interface bus. The enabling means further includes a
`
`
`
`
`
`
`
`comparator having a first
`input for receiving deci-
`
`
`
`
`
`
`
`
`phered external data from the external terminal which
`
`
`
`
`
`
`
`
`results from deciphering of the enciphered external data
`
`
`
`
`
`
`
`
`
`received from the card via the interface bus. The com-
`
`
`
`
`
`
`
`
`parator has a second input for receiving internal data
`
`
`
`
`
`
`
`
`from the second section of the security memory. Fi-
`
`
`
`
`
`
`
`
`
`nally, the comparator has an output which causes the
`
`
`
`
`
`
`
`
`enabling means to allow access between the external
`
`
`
`
`
`
`
`
`
`terminal and the main memory upon detection of a
`
`
`
`
`
`
`
`match between the internal and external data.
`
`
`
`
`
`
`
`
`
`It is a feature of the invention that any security infor-
`
`
`
`
`
`
`
`
`
`
`mation whichis not in enciphered form is isolated from
`
`
`
`
`
`
`
`
`
`the interface bus so that the only security information
`
`
`
`
`
`
`
`
`available outside the card is enciphered. A further fea-
`
`
`
`
`
`
`
`
`
`ture ofthe inventionis partitioning of the security mem-
`
`
`
`
`
`
`
`
`
`
`
`
`
`ory in such a way as to prevent read out ofthe section
`
`
`
`
`
`
`containing the non-enciphered information to the inter-
`face bus.
`
`
`
`
`
`
`
`
`
`
`
`
`A further feature of the inventionis the storage on the
`
`
`
`
`
`
`
`card of two independent identification codes, an inter-
`
`
`
`
`
`
`
`
`nal identification code which need not be enciphered
`but whichis isolated from the interface bus so thatit is
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`not ascertainable from outside, and an external identifi-
`
`
`
`
`
`
`
`
`
`
`cation code which is intended to be accessed by an
`
`
`
`
`
`
`
`
`external
`terminal, but which is enciphered and thus
`
`
`
`
`
`
`
`
`cannot readily reveal the internal identification code. In
`
`
`
`
`
`
`
`
`
`a preferred embodimentof the invention,it is a further
`
`
`
`
`
`
`feature that
`the enciphered external
`information in-
`cludes address identification information used to ad-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`dress locations in the security memory at which the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Page 9 of 20
`
`Page 9 of 20
`
`

`

`6
`5
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`board input/output 205. The main terminal storage
`internal identification code is stored, so that the value
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`section 203 includes a main semiconductor memory
`and sequence ofthe identification codes provide a fur-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ther measure of security for the portable semiconductor
`which is used for storing a program ofinstructions for
`memory.
`
`
`
`
`
`
`
`
`operating the processing unit 201, for storing informa-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`tion whichis to be coupled to the portable memory unit
`Asa further feature of the invention, a PIN identifica-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`100 and for storing information received from the porta-
`tion number input by a user into an external terminal
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ble memory unit 100. The storage section 203 in effect
`can be combined with the external security information
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`in order to provide further security and further limit
`serves as the main memory for the external terminal
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`200. It can be configuredas a single unit orin individual
`access to only those whoare in possession of the PIN
`number.
`
`
`
`
`
`
`
`
`
`
`blocks, as desired. The main terminal 200 also includes
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Other objects and advantages will become apparent
`a clock generating circuit 202 which provides clock
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`signals for the CPU 201 and additionally controls the
`upon references to the following detailed description
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`timing of signals which are coupled to the portable
`whentaken in conjunction with the drawings in which:
`
`
`
`
`
`
`
`
`memory unit 100 when such unit is connected.
`BRIEF DESCRIPTION OF THE DRAWINGS
`
`
`
`
`
`
`
`
`
`
`
`
`
`The input/output interface 204 is coupled to and
`
`
`
`
`
`
`
`
`
`therefore drives a CRT display unit 206 for displaying
`FIG.1 is a block diagram showing a secure memory
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`information to a user of the external terminal. Similarly,
`system including an external terminal unit coupled via
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`the input/output interface 205 is coupled to a keyboard
`an interface bus to a portable memory device;
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`207 to receive information keyed into the keyboard by
`FIG.2 is a block diagram illustrating additional de-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`such a user. Thus, the terminal unit 200 can be consid-
`tails of the security aspects of the portable memory
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ered relatively conventional as including the major
`device of FIG.1;
`
`
`
`
`
`
`
`
`
`
`
`
`FIG.3 is a block diagram illustrating additional de-
`elements familiar to those workingin this art. However,
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`tails of a comparatorcircuit useful in connection with
`the main terminal storage section 203, as will be de-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`scribed below, also includes a program module capable
`
`
`
`
`
`
`the embodiments of the present invention;
`
`
`
`
`
`
`of receiving enciphered external information from the
`FIG.4 is a diagram illustrating memory partitioning
`
`
`
`
`
`
`
`
`
`
`
`
`
`security memoryof the portable semiconductor device
`for the security memory ofthe system of FIG. 1;
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`100, deciphering such information and causing the CPU
`FIG.5 is a block diagramillustrating a second exem-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`201 to drive its address, data and control lines in such a
`plary portable memory device exemplifying the present
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`wayas to cause a security check to be completed in the
`invention;
`
`
`
`
`
`
`
`FIG.6 is a flowchart illustrating the operation of the
`portable semiconductorunit 100. Such program module
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`principally deciphers the enciphered external informa-
`secure memory system according to the present inven-
`
`
`
`
`
`
`
`
`
`
`
`
`tion, writes the deciphered identification information
`tion; and
`
`
`
`
`
`
`
`
`
`into a comparator in the portable semiconductor mem-
`FIG. 7 is a block diagram illustrating a memory card
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`exemplifying the priorart.
`ory, and uses address identification information derived
`
`
`
`
`While the invention will be described in connection
`
`
`
`
`
`
`
`
`from the deciphered information to address a security
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`memoryin the portable semiconductor memory unit for
`with certain preferred embodiments, there is no intent
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`reading out into the comparatorthe internal identifica-
`to limit it to those embodiments. On the contrary, the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`intent
`is to cover all alternatives, modifications and
`tion code for comparison with the deciphered external
`
`
`
`
`
`
`
`
`identification code.
`
`
`equivalents included within the spirit and scope of the
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`Directing attention then to the structure of the porta-
`invention as defined by the appended claims.
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`ble semiconductor device 100, it is seen, like the prior
`DETAILED DESCRIPTION OF THE
`
`
`
`
`
`
`
`
`
`
`
`
`art semiconductor device, to include a main memory 4
`PREFERRED EMBODIMENTS
`
`
`
`
`
`
`
`
`
`
`
`having an internal power bus 9 supplied with stand-by
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`power fromabattery 6 via current limiting resistor 7
`Turning now to the drawings, FIG. 1 showsa porta-
`45
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`and charge protection diode 8. The internal power bus
`ble memory card 100 exemplifying the present inven-
`tion and interfaced to an external terminal 200. The
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`9 is connected via power supply changeovercircuit 2 to
`electrical connection between the devices is schemati-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`an external power bus 111. As with the prior portable
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`memory device, when the power bus 111 is supplied
`cally illustrated by connector 150. In practice, the exter-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`with powerat a voltage higher than that of the internal
`nal terminal will preferably include a slot or other close
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`fitting receptacle into which the memorydevice 100 is
`battery 6, the changeover circuit 2 senses that condi-
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`tion, couples the external power source to the internal
`inserted and which will cause mating of electrical
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`contacts between the portable card 100 and the external
`bus 9 and couples a high enabling signal to enabling line
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`termina! 200, such mating being illustrated by the afore-
`13 which is coupled in turn to input G1 of the memory
`selection circuit 5a. -
`
`
`
`mentioned connector 150. Asillustrated in FIG. 1, the
`
`
`
`
`
`
`
`
`
`connections include those made to an interface bus 140
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`The main memory4 is shown to havean interface bus
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`as well as a power bus 111. It is seen that the external
`140, whichis illustrated as a single bus in FIG.1, but
`
`
`
`
`
`
`
`
`
`which includes data lines, address lines and control lines
`
`
`
`
`
`
`
`
`
`terminal includes a similar power bus 211 and interface
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`
`bus 240 coupled to the connector 150, such that the
`as will be described