| US 7,577,852 B2 | ||
| Microprocessor, a node terminal, a computer system and a program execution proving method | ||
| Atsuya Okazaki, Ikoma (Japan); Masaki Nakanishi, Nara (Japan); Shigeru Yamashita, Kyoto (Japan); and Katsumasa Watanabe, Kyoto (Japan) | ||
| Assigned to National University Corporation Nara Institute of Science and Technology, Nara (Japan) | ||
| Filed on Jul. 13, 2005, as Appl. No. 11/182,049. | ||
| Claims priority of application No. 2005-013190 (JP), filed on Jan. 20, 2005. | ||
| Prior Publication US 2006/0161773 A1, Jul. 20, 2006 | ||
| Int. Cl. G06F 11/30 (2006.01); G06F 12/14 (2006.01) | ||
| U.S. Cl. 713—189 [713/164; 713/187] | 17 Claims |

| 1. A microprocessor provided in a node terminal network-connectable with at least one server terminal and, after executing a program received from the server terminal, capable of sending result information containing at least an execution result of the program to the terminal, and having a tamper resistance so that no direct access can be made thereto from the outside, comprising:
first storage means for saving a program transmitted from the server terminal,
processing means for executing the program saved in the first storage means,
first unidirectional function operating means for operating the program executed by the processing means using a specified first unidirectional function when the execution of the program is completed,
secret key storage means for saving a secret key peculiar to the node terminal and used in a public key cryptosystem,
signature executing means for digitally signing the program operated using the first unidirectional function and an execution result of the program obtained from the processing means, using the secret key saved in the secret key storage means, and
transmitting means for transmitting the program and the execution result of the program digitally signed by the digital signature executing means as the result information,
wherein the microprocessor is connectable with second storage means provided in the node terminal and capable of transferring data to and from at least a guarantee area which is a predesignated address range of the second storage means, and further comprises:
third storage means capable of transferring data to and from the guarantee area of the second storage means,
key generating means for generating a key used upon an operation using a specified second unidirectional function,
function value calculating means for receiving data sent from the third storage means and calculating a function value as an operation result of the data by the second unidirectional function using the key generated by the key generating means,
data string generating means for compiling the data sent from the third storage means and the function value of the data calculated by the function value calculating means into one and generating a data string encrypted using a common key cryptosystem,
writing means for writing the data string generated by the data string generating means at a designated address of the guarantee area,
reading means for reading the data string from the designated address of the guarantee area,
decrypting means for decrypting the data string read by the reading means using the common key cryptosystem, and
verifying means for comparing the function value contained in the data string read by the reading means and decrypted by the decrypting means and the function value, calculated by the function value calculating means, of the data contained in the data string read by the reading means, and judging that the read data string is not falsified if the two function values are in agreement.
|
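The guarantee-area write, read and verify path recited in the second half of claim 1, sketched as an added example; this is not the patent's implementation. HMAC-SHA256 stands in for the keyed second unidirectional function, an HMAC-based keystream stands in for the common key cryptosystem, and the class and method names are hypothetical.

```python
import hashlib
import hmac
import secrets

TAG_LEN = 32  # size of an HMAC-SHA256 function value


class GuaranteeArea:
    """Hypothetical model of the claim's write/read/verify path."""

    def __init__(self):
        # In the claim these keys never leave the tamper-resistant chip.
        self.mac_key = secrets.token_bytes(32)  # key for the second one-way function
        self.enc_key = secrets.token_bytes(32)  # common (symmetric) key
        self.memory = {}  # untrusted external memory: address -> (nonce, data string)

    def _crypt(self, address, nonce, text):
        # Stand-in cipher: XOR with an HMAC-SHA256 counter-mode keystream.
        # Mixing in the address is an assumption of this sketch, not claim text.
        stream = b""
        counter = 0
        while len(stream) < len(text):
            block = address.to_bytes(8, "big") + nonce + counter.to_bytes(4, "big")
            stream += hmac.new(self.enc_key, block, hashlib.sha256).digest()
            counter += 1
        return bytes(a ^ b for a, b in zip(text, stream))

    def write(self, address, data):
        # Function value of the data, then data + value encrypted as one string.
        value = hmac.new(self.mac_key, data, hashlib.sha256).digest()
        nonce = secrets.token_bytes(16)
        self.memory[address] = (nonce, self._crypt(address, nonce, data + value))

    def read(self, address):
        nonce, string = self.memory[address]
        plain = self._crypt(address, nonce, string)
        if len(plain) < TAG_LEN:
            raise ValueError("data string too short")
        data, stored = plain[:-TAG_LEN], plain[-TAG_LEN:]
        # Verifying means: recompute the function value and compare.
        expected = hmac.new(self.mac_key, data, hashlib.sha256).digest()
        if not hmac.compare_digest(stored, expected):
            raise ValueError("guarantee area data falsified")
        return data
```

Because the sketch mixes the address into the keystream, a data string copied to a different address also fails verification; the claim itself only requires detecting a mismatch between the stored and recomputed function values.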