Search

CN-121997391-A - Semiconductor device and control method of semiconductor device

CN121997391ACN 121997391 ACN121997391 ACN 121997391ACN-121997391-A

Abstract

The present disclosure relates to a semiconductor device and a control method of the semiconductor device. A method for controlling a semiconductor device capable of ensuring robust security is provided. The method is implemented by a semiconductor device including an encryption key protection circuit, a processor, and a memory. The method includes instructing, by a processor, an encryption key protection circuit to generate an encryption key pair, generating, by the encryption key protection circuit, an encryption key pair internally based on the instruction, encrypting, by the encryption key protection circuit, the encryption key pair generated by the encryption key protection circuit using a public key pair, storing, by the processor, the encrypted encryption key pair output from the encryption key protection circuit into a memory, receiving, by the encryption key protection circuit, the encrypted encryption key pair stored in the memory when the encryption key pair is utilized, and decrypting, by the encryption key protection circuit, the encrypted encryption key pair received from the memory using the public key pair.

Inventors

  • SHI YUNYU
  • Haritani Kosuke
  • Ikki Mochizuki
  • Kita Yasuhira

Assignees

  • 瑞萨电子株式会社

Dates

Publication Date
20260508
Application Date
20251020
Priority Date
20241101

Claims (16)

  1. 1. A method implemented by a semiconductor device comprising an encryption key protection circuit, a processor, and a memory, the method comprising: instructing, by the processor, an encryption key protection circuit to generate an encryption key pair; Generating the encryption key pair internally by the encryption key protection circuit in accordance with the indication; Encrypting, by the encryption key protection circuit, the generated encryption key pair using a public key pair; storing, by the processor, the encrypted pair of encryption keys output from the encryption key protection circuit in the memory; Receiving, by the encryption key protection circuit, the encrypted encryption key pair stored in the memory while using the encryption key pair, and The encrypted encryption key pair received from the memory is decrypted by the encryption key protection circuit using a public key.
  2. 2. The method of claim 1, wherein the instructing comprises instructing, by the processor, the encryption key protection circuit to generate the encryption key upon initial power-up of the semiconductor device by the processor.
  3. 3. The method of claim 1, further comprising receiving, by the encryption key protection circuit, the indication from the processor, Wherein the receiving includes accepting an indication from the processor that access has been pre-authorized and does not include accepting an indication from the processor that access has not been pre-authorized.
  4. 4. The method of claim 2, wherein the instructing comprises reading, by the processor, program code stored in the memory at an initial power-on of the semiconductor device and instructing the encryption key protection circuit to generate the encryption key.
  5. 5. The method of claim 1, wherein the public key is stored within the encryption key protection circuit in a state that is not accessible from outside the semiconductor device.
  6. 6. A semiconductor device, comprising: An encryption key protection circuit; A processor for instructing the encryption key protection circuit to generate an encryption key pair, and The memory device is used for storing the data, Wherein the encryption key protection circuit includes: An encryption key generation unit that generates the encryption key pair internally in accordance with an instruction from the processor; an encryption unit encrypting the generated encryption key pair using a public key and outputting the encrypted encryption key pair for storage in a memory, and And a decryption unit that decrypts the encrypted encryption key pair stored in the memory using the public key when the encryption key pair is used.
  7. 7. The semiconductor device of claim 6, wherein the processor instructs the encryption key protection circuit to generate the encryption key upon initial power-on of the semiconductor device.
  8. 8. The semiconductor device according to claim 6, wherein the encryption key protection circuit accepts an instruction from the processor that has been pre-authorized for access, and does not accept an instruction from the processor that has not been pre-authorized for access.
  9. 9. The semiconductor device according to claim 6, wherein the processor reads a program code stored in the memory at an initial power-on of the semiconductor device, and instructs the encryption key protection circuit to generate the encryption key.
  10. 10. The semiconductor device according to claim 6, wherein the common key is stored in the encryption key protection circuit in a state that is not accessible from outside the semiconductor device.
  11. 11. A method implemented by a semiconductor device comprising a protection circuit having a guaranteed proper security strength, a processor, and a memory, the method comprising: instructing, by the processor, the protection circuit to generate an encryption key pair; generating the encryption key pair internally by the protection circuit in accordance with the indication; encrypting, by the protection circuit, the generated encryption key pair using a public key; Outputting, by the processor, the encrypted pair of encryption keys from the protection circuit for storage in the memory; receiving, by the protection circuit, the encrypted encryption key pair stored in the memory while using the encryption key pair, and The encrypted encryption key pair received from the memory is decrypted by the protection circuit using a public key.
  12. 12. The method of claim 11, wherein the instructing comprises instructing, by the processor, the protection circuit to generate the encryption key upon initial power-on of the semiconductor device by the processor.
  13. 13. The method of claim 1, further comprising receiving, by the protection circuit, the indication from the processor, Wherein the receiving includes accepting an indication from the processor that access has been pre-authorized and does not include accepting an indication from the processor that access has not been pre-authorized.
  14. 14. The method of claim 12, wherein the instructing comprises accessing, by the processor, program code stored in the memory at an initial power-on of the semiconductor device and instructing the protection circuit to generate the encryption key.
  15. 15. The method of claim 11, wherein the public key is stored within the protection circuit in a state that is not accessible from outside the semiconductor device.
  16. 16. A semiconductor device, comprising: a protection circuit having a proper security strength ensured; A processor for instructing the protection circuit to generate an encryption key pair, and The memory device is used for storing the data, Wherein the protection circuit includes: An encryption key generation unit that generates the encryption key pair internally in accordance with the instruction from the processor; An encryption unit encrypting the generated encryption key pair using a public key and outputting the encrypted encryption key pair for storage in the memory, and And a decryption unit that decrypts the encrypted encryption key pair stored in the memory using the public key when the encryption key pair is used.

Description

Semiconductor device and control method of semiconductor device Cross Reference to Related Applications The disclosure of Japanese patent application No.2024-192785, filed on 1 at 11 at 2024, including the specification, drawings and abstract, is incorporated herein by reference in its entirety. Technical Field The present disclosure relates to a semiconductor device, and more particularly, to a semiconductor device having a key protection circuit and a control method thereof. Background [ Patent document 1] Japanese unexamined patent application publication No. 2021-184584 Conventionally, a semiconductor device has been proposed that holds both a device-specific key and a public key, and employs a cryptographic key protection circuit capable of performing encryption and decryption using the device-specific key and performing decryption using the public key. The cryptographic key protection circuit performs an activation process in which data encrypted with a public key is decrypted using the public key, then encrypted using a device-specific key, and written to a nonvolatile memory. After the activation process, the encrypted data is read from the non-volatile memory and the cryptographic key protection circuit decrypts it using the device-specific key to provide it to the processor. Disclosure of Invention On the other hand, the conventional method has an aspect that can be further improved in terms of security with respect to generation of the device-specific key. The present disclosure has been made to solve the above-described problems, and provides a semiconductor device capable of ensuring robust safety and a control method for the semiconductor device. Other objects and novel features will become apparent from the description and drawings of this specification. The method of the present disclosure is implemented by a semiconductor device that includes a cryptographic key protection circuit, a processor, and a memory. The method includes instructing, by a processor, an encryption key protection circuit to generate an encryption key pair, generating, by the encryption key protection circuit, the encryption key pair internally based on the instruction, encrypting, by the encryption key protection circuit, the encryption key pair generated by the encryption key protection circuit using a public key pair, storing, by the processor, the encrypted encryption key pair output from the encryption key protection circuit in a memory, receiving, by the encryption key protection circuit, the encrypted encryption key pair stored in the memory when the encryption key pair is used, and decrypting, by the encryption key protection circuit, the encrypted encryption key pair received from the memory using the public key pair. The semiconductor device of the present disclosure includes a cryptographic key protection circuit, a processor that instructs the cryptographic key protection circuit to generate a cryptographic key pair, and a memory. The encryption key protection circuit includes an encryption key generation unit that generates an encryption key pair internally in accordance with an instruction from a processor, an encryption unit that encrypts the generated encryption key pair using a public key pair and outputs the encrypted encryption key pair for storage in a memory, and a decryption unit that decrypts the encrypted encryption key pair stored in the memory using the public key when the encryption key pair is utilized. The method of the present disclosure is implemented by a semiconductor device that includes a protection circuit, a processor, and a memory with a guaranteed proper security strength. The method includes instructing, by a processor, a protection circuit to generate an encryption key pair, generating, by the protection circuit, the encryption key pair internally based on the instruction, encrypting, by the protection circuit, the encryption key pair generated using the public key pair, outputting, by the processor, the encrypted encryption key pair from the protection circuit for storage in a memory, receiving, by the protection circuit, the encrypted encryption key pair stored in the memory when the encryption key pair is utilized, and decrypting, by the protection circuit, the encrypted encryption key pair received from the memory using the public key pair. The other half of the present disclosure includes a protection circuit with a proper security strength to guarantee, a processor that instructs the protection circuit to generate an encryption key pair, and a memory. The protection circuit includes an encryption key generation unit that generates an encryption key pair internally in accordance with an instruction from the processor, an encryption unit that encrypts the generated encryption key pair using a public key pair and outputs the encrypted encryption key pair for storage in the memory, and a decryption unit that decrypts the encrypted encryption key pair stored in the memory using