1. Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software

2. The Problem Need for secure computing in an environment where computing is distributed, insecure, and even hostile More and more, we use computers that belong to others, but we need to know our data is safe.

3. The Goal Create a trusted computing device that can be added to an untrusted computing system to make it secure. Isolate your secure processing from the rest of your system.

4. Example 1 - Database Create a central database system that allows only authorized users to access to only their data on the system. Exclude even the system administrator from viewing any data in the database.

5. Example 2 – Trusted Boot You have an untrusted computing system, but you want to ensure that it boots the correct machine code. Want to make sure that the boot code has not been altered or tampered with

6. Example 3 – Protected Data At Rest (My Favorite!) You have sensitive data that you can access in a controlled, protected environment but must be protected when not being accessed Protection of data needed between use of it i.e. during transportation

7. A Secure Coprocessor A general-purpose computing environment Withstands physical attacks and logical attacks Must run the programs that it is supposed to, and must distinguish between the real device and application and a clever impersonator Must remain secure even if adversaries carry out destructive analysis of one or more devices Started in the early 1990’s

8. Evaluation Parameters Physical Protection (tamper resistant) Reliability (physical or electrical damage) Computational Ability (Speed bps) Communications Portability Cost

9. Applications Generalized Access Generalized Revelation Autonomous Auditing Trusted Execution

10. Classes of Solutions IC Chip Cards (Smart Cards, Your GSM Phone has one) PCMCIA Tokens (Fortezza) Other Card Tokens (Secure ID) Smart Disks (Obsolete) Bus Cards (IBM 4758) Your Body (the future is now)

11. FORTEZZA™ CRYPTOCARD

12. Fortezza Features Data Privacy User ID Authentication Data Integrity Non-Repudiation Time stamping

13. RSA SecurID Software tokens support qualified smart cards or USB authenticators Stores symmetric key and is PIN protected Stores digital credentials Only secures the login process

14. The IBM 4758 Tamper-responding hardware design certified under FIPS PUB 140-1. Suitable for high-security processing and cryptographic operations Hardware to perform DES, random number generation, and modular math functions for RSA and similar public- key cryptographic algorithms Secure code loading that enables updating of the functionality while installed in application systems IBM Common Cryptographic Architecture (CCA) and PKCS #11 as well as custom software options Provides a secure platform on which developers can build secure applications

15. The 4758 Architecture

16. SafeNet SafeXcel™ 241-PCI Card Provides industry-leading cryptography throughput for operations such as: –DES and Triple-DES encryption –MD5 and SHA-1 Hashing –Random number generation –Public key computations: - Diffie-Hellman key negotiation - RSA encryption and signatures - DSA signatures

17. SafeXcel™ 241-PCI Architecture