Secure Cryptoprocessor

The purpose of a secure cryptoprocessor is to act as the keystone of a security sub-system, eliminating the need to protect the rest of the sub-system with physical security measures.

Smartcard s are probably the most widely deployed form of secure cryptoprocessor, although more complex and versatile secure cryptoprocessors are widely deployed in systems such as ATM s. Some secure cryptoprocessors can even run general-purpose operating systems such as Linux inside their security boundary.

The Trusted Platform Module is an implementation of a secure cryptoprocessor that brings the notion of Trusted Computing to ordinary PC s by enabling a Secure Environment . While envisioned by some as being a method to make it much harder to illegally copy Copyright ed software, present implementations tend to focus more on providing a tamper-proof boot environment.

Security measures used in secure cryptoprocessors:

tamper-detecting and Tamper-evident containment

automatic Zeroization of secrets in the event of tampering

internal battery backup

Chain Of Trust boot-loader which authenticates the operating system before loading it

chain of trust operating system which authenticates application software before loading it

hardware-based Capability registers, implementing a one-way Privilege Separation model

Secure cryptoprocessors, while useful, are not invulnerable.

The most famous secure cryptoprocessor is the IBM 4758 . A team at the University of Cambridge reported the successful extraction of secret information from an IBM 4758, using a combination of guile, trickery, mathematics, and special-purpose Codebreaking hardware.

Whilst the vulnerability they exploited was a flaw in the software loaded on the 4758, and not the architecture of the 4758 itself, their attack serves as a reminder that a security system is only as secure as its weakest link: the strong link of the 4758 hardware was rendered useless by flaws in the design and specification of the software loaded on it.

The software flaws reported by the Cambridge team have now been fixed, making the system more secure: a good example of the advantages of Full Disclosure .

Smartcards are significantly more vulnerable, as they are more open to physical attack.

SEE ALSO

Computer Insecurity

Secure Computing

Security Engineering

REFERENCES

Ross Anderson , Mike Bond, Jolyon Clulow and Sergei Skorobogatov, Cryptographic Processors — A Survey, April 2005 (PDF) .

EXTERNAL LINKS

IBMs homepage for its cryptoprocessors

Extracting a 3DES key from an IBM 4758

	APPAREL
	BABY
	BEAUTY
	BOOKS
	CAR TOYS
	CELL PHONES
	DVD'S
	ELECTRONICS
	GOURMET FOOD
	GROCERIES
	HEALTH & PERSONAL
	HOME & GARDEN
	JEWELRY
	MUSIC
	MUSIC INSTRUMENTS
	OFFICE PRODUCTS
	SOFTWARE
	SPORTING GOODS
	TOOLS & HARDWARE
	TOYS
	VIDEO GAMES
	SHOPPING HOME

	MORE SHOPPING...

	CATEGORIES ABOUT SECURE CRYPTOPROCESSOR

	cryptography

	cryptographic hardware

Information About

Secure Cryptoprocessor