Title :
Building the IBM 4758 secure coprocessor
Author :
Lindemann, M. ; Perez, Roxana ; Sailer, Rudolf ; van Doorn, L. ; Smith, Sean W.
fDate :
10/1/2001 12:00:00 AM
Abstract :
Meeting the challenge of building a user-configurable secure coprocessor provided several lessons in hardware and software development and continues to spur further research. In developing the 4758, we met our major research security goals and provided the following features: (1) a lifetime-secure tamper-responding device, rather than one that is secure only between resets that deployment-specific security officers perform; (2) a secure booting process in which each layer progressively validates the next less-trusted layer, with hardware restricting access to its secrets before passing control to that layer; (3) an actual manufacturable product - a nontrivial accomplishment considering that we designed the device so that it does not have a personality until configured in the field; (4) the first FIPS 140-1 Level 4 validation, arguably the only general-purpose computational platform validated at this level so far; and (5) a multipurpose programmable device based on a 99-MHz 486 CPU internal environment, with a real operating system, a C language development environment and relatively high-speed cryptography
Keywords :
IBM computers; coprocessors; firmware; security of data; 486 CPU internal environment; 99 MHz; C language development environment; FIPS 140-1 Level 4 validation; IBM 4758 coprocessor; general-purpose computational platform; hardware development; high-speed cryptography; lifetime-secure tamper-responding device; manufacturable product; multipurpose programmable device; operating system; restricted access; secure booting process; software development; user-configurable secure coprocessor; Computer aided manufacturing; Control systems; Coprocessors; Cryptography; Hardware; High performance computing; Manufacturing processes; Operating systems; Programming; Security;
