IBM 4764

The IBM 4764 Cryptographic Coprocessor is a secure cryptoprocessor that performs cryptographic operations used by application programs and by communications such as SSL private key transactions associated with SSL digital certificates.


Details

Each coprocessor includes a tamper-responding hardware security module (HSM) that provides secure storage for master keys and other sensitive data. The HSM has been certified to meet FIPS 140-2 Level 4 security requirements. The coprocessor is supported on all IBM server platforms including System z (mainframe), System i, System p, and System x (Linux or Microsoft Windows). On System z, it is called the "Crypto Express2".

Applications may include financial PIN transactions, bank-to-clearing-house transactions, EMV transactions for integrated circuit (chip) based credit cards, and general-purpose cryptographic applications using symmetric key algorithms, hashing algorithms, and public key algorithms.

The operational keys (symmetric or RSA private) are generated in the coprocessor and are then saved either in a keystore file or in application memory, encrypted under the master key of that coprocessor. Any coprocessor with an identical master key can use those keys.

As of June 2005, the IBM 4764 superseded the IBM 4758, which was discontinued. At the end of December 2011, the IBM 4764 was discontinued. The successor to the 4764 was introduced on each of the IBM server platforms between 2009 and 2011:

* November 2009 for the System z (mainframe), where it is called the Crypto Express3
* April 2010 for Power Systems, where it is available as feature codes 4807, 4808, and 4809
* May 2011 for System x (PC) servers, where it is called the 4765


External links


IBM 4764 description

IBM 4764 PCI-X Cryptographic Coprocessor

IBM 4765 PCI-e Cryptographic Coprocessor

IBM 4764 FIPS 140 Level 4 certificate