IBM 4758 PCI Cryptographic
Coprocessor Device Driver for the Linuxtm
Operating System
Enabling Secure Solutions for
the Linux Platform
Overview
IBM is contributing to the open source community the Linux operating system device
driver for the IBM 4758 PCI Cryptographic Coprocessor (4758). With this release, we hope
to foster further discussion and interest in Linux-based applications which require
the highest levels of assurance and security.
The 4758 secure coprocessor is a state-of-the-art, tamper-sensing and responding,
programmable PCI card. Its specialized cryptographic electronics, along with a
microprocessor, memory, and random number generator are housed within a tamper-responding
environment to provide a highly secure subsystem in which data processing and cryptography
can be performed.
Background of the 4758
The 4758 secure coprocessor was the first device ever to earn the highest possible
certification for commercial security granted by the U.S. Department of Commerce's
National Institute of Standards (NIST)
and the Communications Security Establishment
(CSE) of the Government of Canada. The 4758 was validated at Federal Information
Processing Standard (FIPS) 140-1 Level 4 overall
(certificates #35 and #116).
See more information regarding FIPS 140-1, including with the Level 4 overall validation
of the IBM CMOS Cryptographic Coprocessor
(certificates #40 and #118),
at http://csrc.nist.gov/cryptval.
The 4758 coprocessor, along with its internal real-time operating system, secure
configuration and bootstrap software, and custom software development tools, was
developed at the IBM Thomas J Watson Research Center in the
Secure
Embedded Systems group. In addition to our research group, this project has been
supported by groups within IBM's
Internet Division, Software Group, and Enterprise Systems Group, along with various professional
services provided by IBM Global Services. While the 4758 has now evolved into a mature
product offered by IBM's Enterprise Systems Group, and is now at the heart of many IBM and third party
security solutions, it was based on over fifteen years of research in the secure systems
area of the IBM Thomas J Watson Research Center. The various groups and personnel
involved in this effort are continuously researching the uses and applications of
these devices and how they can be used to achieve privacy, confidentiality, and secure
e-commerce solutions.
Get the Source
The Linux host device driver, including source code, documentation, and host library,
is available for download as part of the Linux version of the software development
toolkit found on IBM's alphaWorks
portal.
Input
We intend to actively encourage feedback on our contributions as well as input
regarding future activity in the secure systems area. Please feel free to contact
Ron Perez (ronpz@us.ibm.com) and/or Leendert van Doorn
(leendert@us.ibm.com), at IBM Research, for technical
and research issues. For product sales information, please contact John Lewis
(jlewis4@us.ibm.com)
Do You Want to Know More?
For information on secure coprocessors and IBM Research's security focused projects,
please visit the
world wide IBM Research security site.
For more information on the 4758 and related [product] software offerings from IBM,
please see the product Web site.
tm
- Linux is a trademark of Linus Torvalds
TM
- A Certification Mark of NIST, which does not imply product endorsement
by NIST, the U.S. or Canadian Governments |