
	Where results make sense

Topic: IBM 4758

Related Topics

SCO v IBM

IBM mainframes

SCO v IBM Linux lawsuit

IBM POWER

Early IBM disk storage

Partition IBM PC

IBM 7090

List of IBM products

IBM 704

IBM compatibles

IBM 650

In the News (Fri 25 Dec 09)

Northern Trust

Marvin Harrison

Peter Chernin

Gary Locke

Match Play

Penelope Cruz

Mickey Rourke

AR Rahman

Danny Boyle

Hugh Jackman

	CryptoCards (Site not responding. Last check: 2007-10-18)
		The IBM e-business PCI Cryptographic Accelerator board offloads your server from compute-intensive public-key cryptographic operations employed in the protocol.
		The IBM 4758 PCI Cryptographic Coprocessor is a high security, programmable PCI board.
		IBM 4758: Updated Segment 3 firmware to CCA version 2.42 to address a potential undetected loss of data problem which has an extremely low probability of occurrence.
	www-03.ibm.com /security/cryptocards (314 words)

	IBM Research \| Technical Disciplines \| Computer Science
		Also, IBM researcher David Safford wrote an article describing appropriate uses of the TPM to show that it can be an open platform basis.
		IBM researcher Leendert van Doorn's group found that if the operating system maintains a load sequence, the TPM can be used to maintain an aggregate value that can be used to verify the software components loaded and the order in which they are loaded.
		IBM Research has been in the forefront of trusted computing and through the skills in its labs will continue to explore the hardware, systems, application, and theoretical approaches to improve system security.
	www.research.ibm.com /compsci/project_spotlight/security/index.html (1486 words)

	alphaWorks : 4758 Coprocessor Toolkit : FAQs
		4758 Toolkit is a collection of utility programs designed to run on Windows NT 3.51 and 4.0 to facilitate the development and test of segment-3 applications for the IBM 4758 cryptographic adapter.
		IBM does not make any guarantees as to accuracy/drift because this is tightly tied to the operating temperatures.
		If the 4758 Coprocessor is installed in a box that does not run Windows NT or OS/2, it is necessary to run the debugger on a separate computer (that does run either NT or OS/2) using the serial connection to the 4758 Coprocessor.
	www.alphaworks.ibm.com /aw.nsf/FAQs/4758toolkit (2296 words)

	Enabling Cryptographic Devices: IBM HTTP Server
		IBM 4758 Model 023 with PKCS#11 Interface - This device performs key storage with acceleration, but it is not a pure accelerator.
		The IBM 4758 is not a pure accelerator because it performs key storage with acceleration.
		The IBM 4758 and nCipher nForce Accelerator with PKCS#11 support ensures that keys are completely inaccessible to the outside world and are never revealed in an unencrypted form because the key is stored on the hardware, providing enhanced key protection and authentication.
	wps2a.semi.org /manual/ibm/9aecdssl.htm (1666 words)

	Enabling Cryptographic Devices: IBM HTTP Server
		IBM 4758 Model 023 with PKCS#11 Interface - This device performs key storage with acceleration, but it is not a pure accelerator.
		The IBM 4758 is not a pure accelerator because it performs key storage with acceleration.
		The IBM 4758 and nCipher nForce Accelerator with PKCS#11 support ensures that keys are completely inaccessible to the outside world and are never revealed in an unencrypted form because the key is stored on the hardware, providing enhanced key protection and authentication.
	www-306.ibm.com /software/webservers/httpservers/doc/v1319/9aecdssl.htm (1666 words)

	Security: Standards (Site not responding. Last check: 2007-10-18)
		IBM Tivoli Identity Manager V4.5.1 is in-evaluation under the Common Criteria with a conformance claim of EAL3.
		IBM DB2 Content Manager for Multiplatforms V8.1 is in-evaluation under the Common Criteria with a conformance claim of EAL3 augmented with ALC_FLR.1.
		IBM LPAR for POWER4 for the IBM pSeries — Firmware Releases: 3R031021 (p630), 3K031021 (p650) and 3H031021 (p690) is evaluated under the Common Criteria with an Evaluated Assurance Level 4, augmented by ALC_FLR.1 (Basic Flaw Remediation) on 26 January 2004.
	www-3.ibm.com /security/standards/st_evaluations.shtml (1246 words)

	CryptoCards (Site not responding. Last check: 2007-10-18)
		The IBM e-business PCI Cryptographic Accelerator board offloads your server from compute-intensive public-key cryptographic operations employed in the protocol.
		The IBM 4758 PCI Cryptographic Coprocessor is a high security, programmable PCI board.
		IBM 4758: Updated Segment 3 firmware to CCA version 2.42 to address a potential undetected loss of data problem which has an extremely low probability of occurrence.
	www-3.ibm.com /security/cryptocards (304 words)

	IBM Research \| Press Resources \| IBM Research Demonstrates Linux Running on Secure Cryptographic Coprocessor
		IBM Research has demonstrated Linux running on the IBM 4758 secure cryptographic coprocessor, a hardware security module.
		IBM Research developed the 4758 coprocessor hardware, along with its internal operating system, secure configuration and bootstrap software, and custom software development tools that can run on multiple platforms, including all IBM servers and non-IBM servers, about five years ago.
		The 4758 secure coprocessor was the first device ever to earn the highest possible certification for commercial security granted by the U.S. Department of Commerce's National Institute of Standards (NIST) and the Communications Security Establishment (CSE) of the Government of Canada.
	domino.research.ibm.com /comm/pr.nsf/pages/news.20010828_mycroft.html (383 words)

	Cryptographic Appliances Teams with IBM Research to Develop Secured Linux Port (Site not responding. Last check: 2007-10-18)
		Cryptographic Appliances first demonstrated Linux running on the IBM 4758 secure cryptographic coprocessor in April at the RSA Conference 2001.
		The 4758, a FIPS 140 level 4 device, utilizes a host side driver developed with Cryptographic Appliances.
		Cryptographic Appliances shared a common vision with IBM research in the belief that Linux is a useful operating system for secure coprocessor applications.
	www.cryptoapps.com /press08282001.html (362 words)

	TLAnews ATM/Credit Card SystemCracked by students
		Besides being the first documented attack on the IBM 4758 to be run "in anger", we believe that this is only the second DES cracking machine in the open community that has actually been built and then used to find an unknown key!
		Until IBM fix the CCA software to prevent our attack, banks are vulnerable to a dishonest branch manager whose teenager has $995 and a few hours to spend in duplicating our work.
		I heard that the IBM 4758 is FIPS Level 4 validated.
	www.tla.ch /TLA/NEWS/2001sec/20011112CreditCardCracked.htm (1019 words)

	RPOW - IBM 4758 Security Model
		The IBM 4758 secure cryptographic coprocessor provides an extraordinary degree of security against physical attack, having been validated to FIPS-140 level 4.
		The 4758 uses a concept of segment ownership for segments 2 and 3, which are the OS and application.
		Fortunately, the IBM 4758 does define one class of data which is not preserved across a REMBURN reload.
	www.rpow.net /secmodel.html (1536 words)

	RPOW Security
		However, the 4758 does have one property which, as far as I have been able to determine, is unique at this time, and which enables the RPOW security model to work.
		Another necessary ingredient is a certificate, issued by IBM, which validates that the device public key is in fact a key whose private part resides in an authentic IBM 4758 device.
		Because the 4758 was designed in the early 1990s, it uses some cryptographic formats and algorithms which are different from the ones which went on to become standards.
	rpow.net /security.html (2879 words)

	IBM Research \| Projects \| PUT YOUR PROJECT TITLE HERE!
		Our specific target is the IBM 4758 secure coprocessor, a FIPS-140 level 4 tamper responsive device with hardware cryptographic support and physical tamper protection.
		By using Linux as the base operating system we are able to provide a well-known API and programming model (thus making it easier to develop applications that run within the secure environment), and leverage and contribute to the open source embedded systems community.
		We have ported Linux to the IBM 4758 secure coprocessor, the first general purpose OS running within a secure coprocessor.
	researchweb.watson.ibm.com /mycroft (604 words)

	System Management Guide: Operating System and Devices - PKCS #11 Overview
		Verifying the IBM 4758 Model 2 Cryptographic Coprocessor for use with the PKCS #11 subsystem
		For this reason, any IBM 4758 Model 2 Cryptographic Coprocessor which is not properly configured will not be accessible from the PKCS #11 interface and calls sent to the adapter will fail.
		If the IBM 4758 Model 2 Cryptographic Coprocessor does not show in the resulting list, check that the card is seated properly and that the supporting software is correctly installed.
	www.ncsa.uiuc.edu /UserInfo/Resources/Hardware/IBMp690/IBM/usr/share/man/info/en_US/a_doc_lib/aixbman/baseadmn/pkcs11.htm (369 words)

	Enabling Cryptographic Devices: IBM HTTP Server (Site not responding. Last check: 2007-10-18)
		The IBM 4758 and nCipher nForce Accelerator with PKCS#11 support ensures inaccessible keys to the outside world.
		Configure the IBM HTTP Server to pass the module for the PKCS11 device, the token label, the key label of the key created by the PKCS11 device, and the user PIN password of the token to the GSKit for access to the key for the PKCS11 device by modifying the configuration file.
		When using the IBM e-business Cryptographic Accelerator, or the IBM 4758, the user ID under which the Web server runs must be a member of the PKCS11 group.
	ilwwcm.sigmachi.org /manual/ibm/en_US/9aecdssl.htm (1556 words)

	Extracting a 3DES key from an IBM 4758
		The IBM 4758 hardware and firmware have been validated to FIPS 140-1 Level 4, the Operating System has been validated to Level 3, but the Common Cryptographic Architecture has not been validated at all.
		Once the attack has been run on the IBM 4758 and the results spirited away, no evidence will remain that it has been carried out.
		IBM's CCA team was informed almost a year ago about this type of attack, but the latest release of their CCA Manual (Sep 2001) gives no indication that any relevant flaws have been fixed.
	www.cl.cam.ac.uk /~rnc1/descrack/faq.html (1250 words)

	Time stamps creating strong legal evidence
		The IBM 4758 Coprocessor is certified at levels 3 and 4 of the rigorous National Institute of Standards and Technology (NIST) using the Security Requirements for Cryptographic Modules
		The 4758 has its own internal clock, which cannot be adjusted more than 120 seconds in any twenty-four hour period—and every adjustment is logged by the co-processor.
		The IBM 4758 Cryptographic Card is configured and initialized to a specific set of limited functions.
	www.e-timestamp.com /evidence.htm (1105 words)

	Integrity Background
		In practice, this assumption is practical because the program and its configuration are installed in a trusted manner, it is isolated from using files that can be modified by other programs, and it is assumed to be capable of handling low integrity requests from the external system.
		To make this guarantee plausible, the IBM 4758 environment is restricted to a single program with a well-defined input state and the integrity is enforced with secure boot.
		Second, the specialized hardware environment of the IBM 4758 enables secure boot and memory lockdown, but such features are either not available or not practical for current PC systems.
	www.usenix.org /event/sec04/tech/full_papers/sailer/sailer_html/node3.html (685 words)

	Hacker: Don't bank on IBM security system - TechUpdate - ZDNet (Site not responding. Last check: 2007-10-18)
		The IBM 4758 computer received the U.S. government's highest tamper-resistance rating in 1998.
		The students said they did not want to threaten IBM, but hoped the company would acknowledge their work and listen to their suggestions for a solution.
		IBM said normal bank practices would prevent any possibility of launching such an attack.
	techupdate.zdnet.com /techupdate/stories/main/0,14179,2823840,00.html (333 words)

	Enterprise Systems \| Inside IBM
		IBM is providing a supercomputer that uses the Linux operating system, allowing researchers and developers access to computational power they previously could not afford.
		IBM announced a $400 million initiative with new products, services, global and regional testing facilities, and a significant expansion of its sales force to provide SAN solutions based on open industry standards.
		IBM and Qwest Communications International have created a multi-year initiative to deliver next generation e-business services and applications through the creation and deployment of new Qwest CyberCenters, the company’s Internet data centers.
	www.esj.com /article.aspx?ID=52600121759PM (1018 words)

	Enterprise Systems \| December Inside IBM
		IBM announced third quarter 1999 diluted earnings per common share of 93 cents, compared with diluted earnings per common share of 78 cents in the third quarter of 1998.
		IBM’s third quarter 1999 results include an after-tax benefit of $63 million, or 3 cents per diluted common share, resulting from several actions that occurred in the quarter.
		IBM’s overall gross profit margin was 35.8 percent in the third quarter, compared with 37.2 percent in the third quarter of 1998.
	www.esj.com /article.aspx?ID=122399114014AM (1066 words)

	Students Expose Bank ATM Hole -
		IBM's 4758 received the U.S. government's highest tamper-resistance rating in 1998.
		The two men decided to come forward with the details of the hack when they saw the latest release (September 2001) of IBM's PCI Cryptographic Coprocessor manual gave no indication that any of the relevant flaws in the system had been fixed.
		The BBC reported that Bond and Clayton, frustrated by IBM's lack of response, have also put details of their crack on their website so, they said, the security hole will be fixed.
	www.wired.com /news/technology/0,1282,48277,00.html (811 words)

	IBM Security Solutions
		IBM provides industry-relevant security products, services and solutions to address safety and security concerns.
		IBM will help you assess, detect, protect, correct and recover from security exposures in your IT and physical security environments in today's on demand e-business world.
		IBM's integrated security solutions combine IBM Tivoli® security software with IBM pSeries® servers to help you address the heightened and growing need for a highly secure on demand environment.
	www.ibm.com /security (435 words)

	alphaWorks : 4758 Coprocessor Toolkit : Overview
		4758 Coprocessor Toolkit is a software development kit (SDK) for creating secure coprocessor applications.
		The 4758 Coprocessor is itself a tamper-sensing and -responding secure coprocessor, along with its own internal operating system (CP/Q), secure software configuration, bootstrap features, support software, and development tools.
		The 4758 Coprocessor was the first device ever to earn the highest possible certification for commercial security awarded by the US Federal government.
	www.alphaworks.ibm.com /tech/4758toolkit (152 words)

	IBM Security: IBM Distributed Key Management System (DKMS)
		A modern cryptographic solution is always based on general accepted key-based algorithms and therefore the security relies on the secrecy and use of keys.
		The IBM Distributed Key Management System (DKMS) is developed by IBM EMEA Crypto Competence Center, in tight cooperation with many banks.
		The standard CCA APIs implemented for IBM crypto hardware are fairly low level and require a lot of knowledge about cryptography in general and IBM CCA in particular.
	www-306.ibm.com /security/products/prod_dkms.shtml (1241 words)

	IBM Linux Technology Center (Site not responding. Last check: 2007-10-18)
		Many are licensed under the Common Public License or the IBM Public License.
		Although the list is constantly evolving, here is a current snapshot of the open source projects labeled as "Linux" (as of May, 2003).
		4758 Secure Coprocessor Driver for Linux -- This project is a Linux device driver for the IBM 4758 PCI Cryptographic Coprocessor, which is a tamper-sensing and responding, programmable PCI card.
	www.linuxdevices.com /sponsors/SP5943140291-LK6413245415.html (1659 words)

	Java cryptography using hardware, a performance analysis on z/OS
		We explained that these results were based on the number of IBM 4758-2 Cryptographic Coprocessor PCI cards running and that with more of these cards the results would increase proportionally.
		Now we extend that discussion by comparing the earlier numbers with results on the newer IBM hardware (2064-116) fully loaded with two CCFs and all 16 of the IBM 4758-2 Cryptographic Coprocessor PCI cards running.
		To take full advantage of all of the IBM 4758-2 Cryptographic Coprocessor PCI cards for RETAINED key pairs, it is important to make sure that the keys are stored across multiple cards and not all stored on the same card.
	www-128.ibm.com /developerworks/eserver/articles/java_hardware.html (2622 words)

	Cryptomathic Secure Key Entry - Secure Key Management for IBM 4758
		It allows a GCR card reader from Gemplus to be connected to an IBM 4758 module, so that keys can be imported to and exported from the IBM module in a highly secure way using either the smart card reader or the keyboard and display on the GCR card reader.
		The master key, which protects all other keys in the module and is essential for secure usage for the IBM module, can be managed using this added functionality.
		Normally, when setting up the module, parts of the master key will reside temporarily in the memory of the workstation in order to enable recovery, but by connecting the card reader to the hardware module, this potential vulnerability can be eliminated.
	www.cryptomathic.com /products/cske_index.html (222 words)

Try your search on: Qwika (all wikis)