The IBM 4769 Cryptographic Coprocessor

IF 1.3 4区 计算机科学 Q1 Computer Science
J. A. Busby;E. N. Cohen;E. A. Dames;J. Doherty;S. Dragone;D. Evans;M. J. Fisher;N. Hadzic;C. Hagleitner;A. J. Higby;M. D. Hocker;L. S. Jagich;M. J. Jordan;R. Kisley;K. D. Lamb;M. D. Marik;J. Mayfield;T. E. Morris;T. D. Needham;W. Santiago-Fernandez;V. Urban;T. Visegrady;K. Werner
{"title":"The IBM 4769 Cryptographic Coprocessor","authors":"J. A. Busby;E. N. Cohen;E. A. Dames;J. Doherty;S. Dragone;D. Evans;M. J. Fisher;N. Hadzic;C. Hagleitner;A. J. Higby;M. D. Hocker;L. S. Jagich;M. J. Jordan;R. Kisley;K. D. Lamb;M. D. Marik;J. Mayfield;T. E. Morris;T. D. Needham;W. Santiago-Fernandez;V. Urban;T. Visegrady;K. Werner","doi":"10.1147/JRD.2020.3008145","DOIUrl":null,"url":null,"abstract":"System security is currently a main focus area for all IT infrastructure providers. New system features like pervasive encryption, the transition to cloud-based offerings, and the demand for quantum-safe platforms demand increased cryptographic performance as well as more cryptographic agility. The new IBM 4769 Cryptographic Coprocessor addresses these trends. It brings performance improvements that match the requirements of the new IBM z15. A combination of newly available features allows IBM z15 to scale to greater than 5,000 Virtual Hardware secure modules per system and makes it suitable to support virtualized client environments such as cloud-scale datacenters. To meet the dense packaging and energy requirements of those data centers, the form factor and power consumption of the card were reduced significantly. The card also offers an expanded set of algorithms to support state-of-the-art as well as future workloads. For the first time, the user interface provides access to a selected set of quantum-safe algorithms. Infrastructure extensions add hardware-embedded, attestation-friendly trusted boot services, which improve system resiliency by providing hardware enabled measurements of the secure and trusted boot process. These extensions simultaneously simplify the security certifications built on them. This article provides an overview of the IBM 4769 cryptographic coprocessor, highlighting security characteristics, internal hardware, form factor, and enhanced firmware.","PeriodicalId":55034,"journal":{"name":"IBM Journal of Research and Development","volume":null,"pages":null},"PeriodicalIF":1.3000,"publicationDate":"2020-07-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1147/JRD.2020.3008145","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IBM Journal of Research and Development","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/9138701/","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"Computer Science","Score":null,"Total":0}
引用次数: 2

Abstract

System security is currently a main focus area for all IT infrastructure providers. New system features like pervasive encryption, the transition to cloud-based offerings, and the demand for quantum-safe platforms demand increased cryptographic performance as well as more cryptographic agility. The new IBM 4769 Cryptographic Coprocessor addresses these trends. It brings performance improvements that match the requirements of the new IBM z15. A combination of newly available features allows IBM z15 to scale to greater than 5,000 Virtual Hardware secure modules per system and makes it suitable to support virtualized client environments such as cloud-scale datacenters. To meet the dense packaging and energy requirements of those data centers, the form factor and power consumption of the card were reduced significantly. The card also offers an expanded set of algorithms to support state-of-the-art as well as future workloads. For the first time, the user interface provides access to a selected set of quantum-safe algorithms. Infrastructure extensions add hardware-embedded, attestation-friendly trusted boot services, which improve system resiliency by providing hardware enabled measurements of the secure and trusted boot process. These extensions simultaneously simplify the security certifications built on them. This article provides an overview of the IBM 4769 cryptographic coprocessor, highlighting security characteristics, internal hardware, form factor, and enhanced firmware.
IBM 4769加密协处理器
系统安全目前是所有IT基础设施提供商的主要关注领域。新的系统功能,如普及加密、向基于云的产品的过渡以及对量子安全平台的需求,要求提高加密性能和加密灵活性。新的IBM4769密码协处理器解决了这些趋势。它带来了与新IBMz15的要求相匹配的性能改进。新可用功能的组合使IBM z15能够扩展到每个系统超过5000个虚拟硬件安全模块,并使其适合支持云规模数据中心等虚拟化客户端环境。为了满足这些数据中心的密集封装和能源需求,该卡的形状因子和功耗显著降低。该卡还提供了一组扩展的算法,以支持最先进的以及未来的工作负载。用户界面首次提供了对一组选定的量子安全算法的访问。基础设施扩展添加了硬件嵌入式、证明友好的可信引导服务,通过提供安全和可信引导过程的硬件测量,提高了系统弹性。这些扩展同时简化了基于它们的安全认证。本文概述了IBM4769密码协处理器,重点介绍了安全特性、内部硬件、外形和增强固件。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
IBM Journal of Research and Development
IBM Journal of Research and Development 工程技术-计算机:硬件
自引率
0.00%
发文量
0
审稿时长
6-12 weeks
期刊介绍: The IBM Journal of Research and Development is a peer-reviewed technical journal, published bimonthly, which features the work of authors in the science, technology and engineering of information systems. Papers are written for the worldwide scientific research and development community and knowledgeable professionals. Submitted papers are welcome from the IBM technical community and from non-IBM authors on topics relevant to the scientific and technical content of the Journal.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信