Hardware Cryptographic Coprocessor

Slides:



Advertisements
Similar presentations
Public Key Infrastructure and Applications
Advertisements

SafeNet Luna XML Hardware Security Module
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
1 GP Confidential © GlobalPlatform’s Value Proposition for Mobile Point of Sale (mPOS)
Digital Signatures and Hash Functions. Digital Signatures.
Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,
Iron Key and Portable Drive Security Zakary Littlefield.
SEC316: BitLocker™ Drive Encryption
Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE USC CSci599 Trusted Computing Lecture Three.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Certificate and Key Storage Tokens and Software
Week #7 Objectives: Secure Windows 7 Desktop
E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.
ECE509 Cyber Security : Concept, Theory, and Practice Cryptography Spring 2014.
1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.
SEC835 Practical aspects of security implementation Part 1.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
LOGO Hardware side of Cryptography Anestis Bechtsoudis Patra 2010.
Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen.
What is BitLocker and How Does It Work? Steve Lamb IT Pro Evangelist, Microsoft Ltd
Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.
Trusted Component Deployment Trusted Components Bernd Schoeller January 30 th, 2006.
Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources.
Securing Network Servers
Web Applications Security Cryptography 1
Hardware-rooted Trust for Secure Key Management & Transient Trust
Security Outline Encryption Algorithms Authentication Protocols
Hash Functions Which of these problems is easier to solve:
Cryptography and Network Security
NETWORK SECURITY Cryptography By: Abdulmalik Kohaji.
Secure Sockets Layer (SSL)
ABYSS : An Architecture for Software Protection
Public Key Encryption Systems
Introduction Used for communication to verify
Product Manager, Keon PKI
pVault Sharing Architecture
Basic Network Encryption
Tutorial on Creating Certificates SSH Kerberos
IS3230 Access Security Unit 9 PKI and Encryption
Digital Signatures Last Updated: Oct 14, 2017.
Cryptography and Network Security
2. Authentication & Message Authentication
Survey of Crypto CoProcessor Design
Chapt. 10 – Key Management Dr. Wayne Summers
Asymmetric Cryptography
SSH: SECURE LOGIN CONNECTIONS OVER THE INTERNET
Security in Network Communications
Cryptography and Network Security
Introduction to Symmetric-key and Public-key Cryptography
User-mode Secret Protection (SP) architecture
Student: Ying Hong Course: Database Security Instructor: Dr. Yang
RKL Remote key loading.
Installation & User Guide
Best Digital Signature Service in Noida. Electronic Record 1.Very easy to make copies 2.Very fast distribution 3.Easy archiving and retrieval 4.Copies.
Outline Using cryptography in networks IPSec SSL and TLS.
Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware Kriti shreshtha.
DISSERTATION ON CRYPTOGRAPHY.
Aimee Coughlin, Greg Cusack, Jack Wampler, Eric Keller, Eric Wustrow
e-Security Solutions Penki Kontinentai Vladas Lapinskas
Web Information Systems Engineering (WISE)
Basic Network Encryption
Advanced Computer Networks
Security in SDR & cognitive radio
Public Key Encryption Systems
Cryptography and Network Security
10/7/2019 Created by Omeed Mustafa 1 st Semester M.Sc (Computer Science department) Cyber-Security.
Presentation transcript:

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software

The Problem Need for secure computing in an environment where computing is distributed, insecure, and even hostile More and more, we use computers that belong to others, but we need to know our data is safe.

The Goal Create a trusted computing device that can be added to an untrusted computing system to make it secure. Isolate your secure processing from the rest of your system.

Example 1 - Database Create a central database system that allows only authorized users to access to only their data on the system. Exclude even the system administrator from viewing any data in the database.

Example 2 – Trusted Boot You have an untrusted computing system, but you want to ensure that it boots the correct machine code. Want to make sure that the boot code has not been altered or tampered with

Example 3 – Protected Data At Rest (My Favorite!) You have sensitive data that you can access in a controlled, protected environment but must be protected when not being accessed Protection of data needed between use of it i.e. during transportation

A Secure Coprocessor A general-purpose computing environment Withstands physical attacks and logical attacks Must run the programs that it is supposed to, and must distinguish between the real device and application and a clever impersonator Must remain secure even if adversaries carry out destructive analysis of one or more devices Started in the early 1990’s

Evaluation Parameters Physical Protection (tamper resistant) Reliability (physical or electrical damage) Computational Ability (Speed bps) Communications Portability Cost

Applications Generalized Access Generalized Revelation Autonomous Auditing Trusted Execution

Classes of Solutions IC Chip Cards (Smart Cards, Your GSM Phone has one) PCMCIA Tokens (Fortezza) Other Card Tokens (Secure ID) Smart Disks (Obsolete) Bus Cards (IBM 4758) Your Body (the future is now)

FORTEZZA™ CRYPTOCARD

Fortezza Features Data Privacy User ID Authentication Data Integrity Non-Repudiation Time stamping

RSA SecurID Software tokens support qualified smart cards or USB authenticators Stores symmetric key and is PIN protected Stores digital credentials Only secures the login process

The IBM 4758 Tamper-responding hardware design certified under FIPS PUB 140-1. Suitable for high-security processing and cryptographic operations Hardware to perform DES, random number generation, and modular math functions for RSA and similar public-key cryptographic algorithms Secure code loading that enables updating of the functionality while installed in application systems IBM Common Cryptographic Architecture (CCA) and PKCS #11 as well as custom software options Provides a secure platform on which developers can build secure applications

The 4758 Architecture

SafeNet SafeXcel™ 241-PCI Card Provides industry-leading cryptography throughput for operations such as: DES and Triple-DES encryption MD5 and SHA-1 Hashing Random number generation Public key computations: - Diffie-Hellman key negotiation - RSA encryption and signatures - DSA signatures

SafeXcel™ 241-PCI Architecture

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.