Hardware Cryptographic Coprocessor

Peter R. Wihl

Security in Software

The Problem

• Need for secure computing in an environment where computing is distributed, insecure, and even hostile

• More and more, we use computers that belong to others, but we need to know our data is safe.

The Goal

• Create a trusted computing device that can be added to an untrusted computing system to make it secure.

• Isolate your secure processing from the rest of your system.

Example 1 - Database

• Create a central database system that allows only authorized users to access to only their data on the system.

• Exclude even the system administrator from viewing any data in the database.

Example 2 – Trusted Boot

• You have an untrusted computing system, but you want to ensure that it boots the correct machine code.

• Want to make sure that the boot code has not been altered or tampered with

Example 3 – Protected Data At Rest(My Favorite!)

• You have sensitive data that you can access in a controlled, protected environment but must be protected when not being accessed

• Protection of data needed between use of it i.e. during transportation

A Secure Coprocessor

• A general-purpose computing environment • Withstands physical attacks and logical attacks• Must run the programs that it is supposed to,

and must distinguish between the real device and application and a clever impersonator

• Must remain secure even if adversaries carry out destructive analysis of one or more devices

• Started in the early 1990’s

Evaluation Parameters

• Physical Protection (tamper resistant)

• Reliability (physical or electrical damage)

• Computational Ability (Speed bps)

• Communications

• Portability

• Cost

Applications

• Generalized Access

• Generalized Revelation

• Autonomous Auditing

• Trusted Execution

Classes of Solutions

• IC Chip Cards (Smart Cards, Your GSM Phone has one)

• PCMCIA Tokens (Fortezza)

• Other Card Tokens (Secure ID)

• Smart Disks (Obsolete)

• Bus Cards (IBM 4758)

• Your Body (the future is now)

FORTEZZA™ CRYPTOCARD

Fortezza Features

• Data Privacy

• User ID Authentication

• Data Integrity

• Non-Repudiation

• Time stamping

RSA SecurID

• Software tokens support qualified smart cards or USB authenticators

• Stores symmetric key and is PIN protected

• Stores digital credentials

• Only secures the login process

The IBM 4758

• Tamper-responding hardware design certified under FIPS PUB 140-1. Suitable for high-security processing and cryptographic operations

• Hardware to perform DES, random number generation, and modular math functions for RSA and similar public-key cryptographic algorithms

• Secure code loading that enables updating of the functionality while installed in application systems

• IBM Common Cryptographic Architecture (CCA) and PKCS #11 as well as custom software options

• Provides a secure platform on which developers can build secure applications

The 4758 Architecture

SafeNet SafeXcel™ 241-PCI Card

• Provides industry-leading cryptography throughput for operations such as:– DES and Triple-DES encryption– MD5 and SHA-1 Hashing– Random number generation– Public key computations:

- Diffie-Hellman key negotiation- RSA encryption and signatures- DSA signatures

SafeXcel™ 241-PCI Architecture