=================================================================
TITLE: Secure Communication Processors
(a) IBM
A PCI-based card has been developed by IBM that incorporates
specialized electronics to off-load time-consuming cryptographic
functions from PCs. The board also provides a tamper-responding,
secure computing environment for the storage of keys and
performing sensitive processing. Certification of the hardware
under FIPS PUB 140-1 at levels 3 and 4 assures a high-integrity
processing environment. A cryptographic quality random number
generation facility and large, secure, persistent data storage
complete the physical system. Except for a very small bootstrap
loader, all software is loaded into the Coprocessor from the
server environment. Only digitally signed software that is
validated by the Coprocessor is acceptable. The product is
compatible with Windows NT, Windows 2000, AIX, OS/400, z/OS, and
OS/390 server systems for DES, RSA, and DSA cryptographic
functions and sensitive custom applications. IBM supplies two
cryptographic-system implementations, and toolkits for custom
application development:
* The PKCS #11, version 2.01 implementation creates a high-
security solution for application programs developed for this
industry-standard API.
* The IBM Common Cryptographic Architecture implementation
provides many functions of special interest in the finance
industry and a base on which custom processing and cryptographic
functions can be added.
For additional information, access: IBM
(b) Freescale
Two new families of secure communication processors have been
developed by Freescale (formerly Motorola). The products support
a variety of protocols and interfaces, including dual Fast
Ethernet MACs, ATM, HDLC, a 32-bit 33/66 MHz PCI interface and a
USB host/device interface. They feature a security engine that
supports DES, 3DES, MD-5, SHA-1, AES and ARC-4 encryption
algorithms.
On-chip security also provides an economical solution for
accelerating cryptographic throughput and eliminating encryption
bottlenecks in applications that support Internet Protocol
Security (IPSec), Secure Sockets Layer (SSL) and other security
protocols. The processors can also be used in VPN routers, small
office/home office (SOHO) and small-to-medium enterprise (SME)
routers, residential gateways, integrated access devices (IADs),
wireless access points, network attached storage equipment, and
industrial control equipment.
For additional information, access: Freescale
(c) SAIC
A reconfigurable computing engine based on the Xilinx Virtex-II
with up to 8-million system gates is now commercially available
from SAIC. The OSIRIS board was originally developed by the USC
Information Sciences Institute under DARPA sponsorship to off-
load time-consuming security functions from PCs. It is a full-
size PCI board with a 64-bit bus that operates at 66 MHz and 20
MBytes of SRAM and up to 1 GByte of SDRAM. A new Virtex-4 board
is under development.
For additional information, access: ISI
To order, contact:
Jim McCloskey
SAIC Systems Development Division
7320-L Parkway Drive
Hanover, MD 21076
Tel: (410) 564-3311
Fax: (410) 712-4954
james.mccloskey@saic.com
=================================================================