A secure cryptoprocessor is a dedicated computer-on-a-chip or

microprocessor A microprocessor is a computer processor where the data processing logic and control is included on a single integrated circuit, or a small number of integrated circuits. The microprocessor contains the arithmetic, logic, and control circ ...

for carrying out cryptographic operations, embedded in a packaging with multiple

physical security Physical security describes security measures that are designed to deny unauthorized access to facilities, equipment and resources and to protect personnel and property from damage or harm (such as espionage, theft, or terrorist attacks). Physica ...

measures, which give it a degree of

tamper resistance Tamperproofing, conceptually, is a methodology used to hinder, deter or detect unauthorised access to a device or circumvention of a security system. Since any device or system can be foiled by a person with sufficient knowledge, equipment, and ti ...

. Unlike cryptographic processors that output decrypted data onto a bus in a secure environment, a secure cryptoprocessor does not output decrypted data or decrypted program instructions in an environment where security cannot always be maintained. The purpose of a secure cryptoprocessor is to act as the keystone of a security subsystem, eliminating the need to protect the rest of the subsystem with physical security measures.

Examples

hardware security module A hardware security module (HSM) is a physical computing device that safeguards and manages secrets (most importantly digital keys), performs encryption and decryption functions for digital signatures, strong authentication and other cryptogr ...

(HSM) contains one or more secure cryptoprocessor

chips ''CHiPs'' is an American crime drama television series created by Rick Rosner and originally aired on NBC from September 15, 1977, to May 1, 1983. It follows the lives of two motorcycle officers of the California Highway Patrol (CHP). The seri ...

. These devices are high grade secure cryptoprocessors used with enterprise servers. A hardware security module can have multiple levels of physical security with a single-chip cryptoprocessor as its most secure component. The cryptoprocessor does not reveal keys or executable instructions on a bus, except in encrypted form, and zeros keys by attempts at probing or scanning. The crypto chip(s) may also be

potted Potting may refer to: * Potting, in pottery, the making of pots, generally on the potter's wheel * Potting (electronics), the encapsulation of electronic components * In farming and gardening, potting is planting a plant in a pot, such as a flowe ...

in the hardware security module with other processors and memory chips that store and process encrypted data. Any attempt to remove the potting will cause the keys in the crypto chip to be zeroed. A hardware security module may also be part of a computer (for example an ATM) that operates inside a locked safe to deter theft, substitution, and tampering. Modern

smartcard A smart card, chip card, or integrated circuit card (ICC or IC card) is a physical electronic authentication device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) c ...

s are probably the most widely deployed form of secure cryptoprocessor, although more complex and versatile secure cryptoprocessors are widely deployed in systems such as

Automated teller machine An automated teller machine (ATM) or cash machine (in British English) is an electronic telecommunications device that enables customers of financial institutions to perform financial transactions, such as cash withdrawals, deposits, fun ...

s, TV

set-top box A set-top box (STB), also colloquially known as a cable box and historically television decoder, is an information appliance device that generally contains a TV-tuner input and displays output to a television set and an external source of sign ...

es, military applications, and high-security portable communication equipment. Some secure cryptoprocessors can even run general-purpose operating systems such as

Linux Linux ( or ) is a family of open-source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically packaged as a Linux distribution, w ...

inside their security boundary. Cryptoprocessors input program instructions in encrypted form, decrypt the instructions to plain instructions which are then executed within the same cryptoprocessor chip where the decrypted instructions are inaccessibly stored. By never revealing the decrypted program instructions, the cryptoprocessor prevents tampering of programs by technicians who may have legitimate access to the sub-system data bus. This is known as

bus encryption Bus encryption is the use of encrypted program instructions on a data bus in a computer that includes a secure cryptoprocessor for executing the encrypted instructions. Bus encryption is used primarily in electronic systems that require high secu ...

. Data processed by a cryptoprocessor is also frequently encrypted. The

Trusted Platform Module Trusted Platform Module (TPM, also known as ISO/IEC 11889) is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys. The term can also refer to a ...

(TPM) is an implementation of a secure cryptoprocessor that brings the notion of

trusted computing Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning that is distinct from the field of Confidential Computing. The core ide ...

to ordinary PCs by enabling a secure environment. Present TPM implementations focus on providing a tamper-proof boot environment, and persistent and volatile storage encryption. Security chips for embedded systems are also available that provide the same level of physical protection for keys and other secret material as a smartcard processor or TPM but in a smaller, less complex and less expensive package. They are often referred to as cryptographic

authentication Authentication (from ''authentikos'', "real, genuine", from αὐθέντης ''authentes'', "author") is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicatin ...

devices and are used to authenticate peripherals, accessories and/or consumables. Like TPMs, they are usually turnkey integrated circuits intended to be embedded in a system, usually soldered to a PC board.

Features

Security measures used in secure cryptoprocessors: * Tamper-detecting and

tamper-evident Tamper-evident describes a device or process that makes unauthorized access to the protected object easily detected. Seals, markings, or other techniques may be tamper indicating. Tampering Tampering involves the deliberate altering or adultera ...

containment. * Conductive shield layers in the chip that prevent reading of internal signals. * Controlled execution to prevent timing delays from revealing any secret information. * Automatic zeroization of secrets in the event of tampering. * Chain of trust boot-loader which authenticates the operating system before loading it. * Chain of trust operating system which authenticates application software before loading it. * Hardware-based capability registers, implementing a one-way

privilege separation In computer programming and computer security, privilege separation is one software-based technique for implementing the principle of least privilege. With privilege separation, a program is divided into parts which are limited to the specific pri ...

model.

Degree of security

Secure cryptoprocessors, while useful, are not invulnerable to attack, particularly for well-equipped and determined opponents (e.g. a government intelligence agency) who are willing to expend enough resources on the project. One attack on a secure cryptoprocessor targeted the IBM 4758. A team at the University of Cambridge reported the successful extraction of secret information from an IBM 4758, using a combination of mathematics, and special-purpose

codebreaking Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic sec ...

hardware. However, this attack was not practical in real-world systems because it required the attacker to have full access to all API functions of the device. Normal and recommended practices use the integral access control system to split authority so that no one person could mount the attack. While the vulnerability they exploited was a flaw in the software loaded on the 4758, and not the architecture of the 4758 itself, their attack serves as a reminder that a security system is only as secure as its weakest link: the strong link of the 4758 hardware was rendered useless by flaws in the design and specification of the software loaded on it. Smartcards are significantly more vulnerable, as they are more open to physical attack. Additionally, hardware backdoors can undermine security in smartcards and other cryptoprocessors unless investment is made in anti-backdoor design methods. In the case of

full disk encryption Disk encryption is a technology which protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that g ...

applications, especially when implemented without a boot

PIN A pin is a device used for fastening objects or material together. Pin or PIN may also refer to: Computers and technology * Personal identification number (PIN), to access a secured system ** PIN pad, a PIN entry device * PIN, a former Dutch ...

, a cryptoprocessor would not be secure against a

cold boot attack In computer security, a cold boot attack (or to a lesser extent, a platform reset attack) is a type of side channel attack in which an attacker with physical access to a computer performs a memory dump of a computer's random-access memory (RAM) b ...

data remanence Data remanence is the residual representation of digital data that remains even after attempts have been made to remove or erase the data. This residue may result from data being left intact by a nominal file deletion operation, by reformatting o ...

could be exploited to dump

memory Memory is the faculty of the mind by which data or information is encoded, stored, and retrieved when needed. It is the retention of information over time for the purpose of influencing future action. If past events could not be remembered ...

contents after the

operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also i ...

has retrieved the cryptographic keys from its TPM. However, if all of the sensitive data is stored only in cryptoprocessor memory and not in external storage, and the cryptoprocessor is designed to be unable to reveal keys or decrypted or unencrypted data on chip bonding pads or solder bumps, then such protected data would be accessible only by probing the cryptoprocessor chip after removing any packaging and metal shielding layers from the cryptoprocessor chip. This would require both physical possession of the device as well as skills and equipment beyond that of most technical personnel. Other attack methods involve carefully analyzing the timing of various operations that might vary depending on the secret value or mapping the current consumption versus time to identify differences in the way that '0' bits are handled internally vs. '1' bits. Or the attacker may apply temperature extremes, excessively high or low clock frequencies or supply voltage that exceeds the specifications in order to induce a fault. The internal design of the cryptoprocessor can be tailored to prevent these attacks. Some secure cryptoprocessors contain dual processor cores and generate inaccessible encryption keys when needed so that even if the circuitry is reverse engineered, it will not reveal any keys that are necessary to securely decrypt software booted from encrypted flash memory or communicated between cores. The first single-chip cryptoprocessor design was for

copy protection Copy protection, also known as content protection, copy prevention and copy restriction, describes measures to enforce copyright by preventing the reproduction of software, films, music, and other media. Copy protection is most commonly found o ...

of personal computer software (see US Patent 4,168,396, Sept 18, 1979) and was inspired by Bill Gates's

Open Letter to Hobbyists Open or OPEN may refer to: Music * Open (band), Australian pop/rock band * The Open (band), English indie rock band * ''Open'' (Blues Image album), 1969 * ''Open'' (Gotthard album), 1999 * ''Open'' (Cowboy Junkies album), 2001 * ''Open'' ( ...

History

The

(HSM), a type of secure cryptoprocessor, was invented by

Egyptian-American Egyptian Americans are Americans of partial or full Egyptian ancestry. The 2016 US Census estimated the number of people with Egyptian ancestry at 256,000. Most of whom are from Egypt's Christian Coptic minority.Estimates for the number of Cop ...

engineer

Mohamed M. Atalla Mohamed M. Atalla ( ar, محمد عطاالله; August 4, 1924 – December 30, 2009) was an Egyptian-American engineer, physicist, cryptographer, inventor and entrepreneur. He was a semiconductor pioneer who made important contributions to ...

, in 1972. He invented a high security module dubbed the "Atalla Box" which encrypted

and ATM messages, and protected offline devices with an un-guessable PIN-generating key. In 1972, he filed a

patent A patent is a type of intellectual property that gives its owner the legal right to exclude others from making, using, or selling an invention for a limited period of time in exchange for publishing an enabling disclosure of the invention."A ...

for the device. He founded

Atalla Corporation Utimaco Atalla, founded as Atalla Technovation and formerly known as Atalla Corporation or HP Atalla, is a security vendor, active in the market segments of data security and cryptography. Atalla provides government-grade end-to-end products in ...

(now

Utimaco Atalla Utimaco Atalla, founded as Atalla Technovation and formerly known as Atalla Corporation or HP Atalla, is a security vendor, active in the market segments of data security and cryptography. Atalla provides government-grade end-to-end products in ...

) that year, and commercialized the "Atalla Box" the following year, officially as the Identikey system. It was a

card reader A card reader is a data input device that reads data from a card-shaped storage medium. The first were punched card readers, which read the paper or cardboard punched cards that were used during the first several decades of the computer industry ...

and customer identification system, consisting of a

console, two customer

PIN pad A PIN pad or PIN entry device (PED) is an electronic device used in a debit, credit or smart card-based transaction to accept and encrypt the cardholder's personal identification number (PIN). PIN pads are normally used with payment terminals ...

s, intelligent controller and built-in electronic interface package. It allowed the customer to type in a secret code, which is transformed by the device, using a

, into another code for the teller. During a transaction, the customer's account number was read by the card reader. It was a success, and led to the wide use of high security modules. Fearful that Atalla would dominate the market, banks and

credit card A credit card is a payment card issued to users (cardholders) to enable the cardholder to pay a merchant for goods and services based on the cardholder's accrued debt (i.e., promise to the card issuer to pay them for the amounts plus the o ...

companies began working on an international standard in the 1970s. The

IBM 3624 The IBM 3624 was released in 1978 as a second-generation automatic teller machine (ATM), a successor to the IBM 3614. Designed at the IBM Los Gatos lab, the IBM 3624, along with the later IBM 4732 model, was manufactured at IBM facilities in Charlo ...

, launched in the late 1970s, adopted a similar PIN verification process to the earlier Atalla system. Atalla was an early competitor to IBM in the banking security market. At the National Association of Mutual Savings Banks (NAMSB) conference in January 1976, Atalla unveiled an upgrade to its Identikey system, called the Interchange Identikey. It added the capabilities of

processing Processing is a free graphical library and integrated development environment (IDE) built for the electronic arts, new media art, and visual design communities with the purpose of teaching non-programmers the fundamentals of computer programming ...

online transactions E-commerce (electronic commerce) is the activity of electronically buying or selling of products on online services or over the Internet. E-commerce draws on technologies such as mobile commerce, electronic funds transfer, supply chain manageme ...

and dealing with

network security Network security consists of the policies, processes and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources. Network security involves th ...

. Designed with the focus of taking bank transactions

online In computer technology and telecommunications, online indicates a state of connectivity and offline indicates a disconnected state. In modern terminology, this usually refers to an Internet connection, but (especially when expressed "on line" o ...

, the Identikey system was extended to shared-facility operations. It was consistent and compatible with various switching

networks Network, networking and networked may refer to: Science and technology * Network theory, the study of graphs as a representation of relations between discrete objects * Network science, an academic field that studies complex networks Mathematics ...

, and was capable of resetting itself electronically to any one of 64,000 irreversible

nonlinear In mathematics and science, a nonlinear system is a system in which the change of the output is not proportional to the change of the input. Nonlinear problems are of interest to engineers, biologists, physicists, mathematicians, and many othe ...

algorithms In mathematics and computer science, an algorithm () is a finite sequence of rigorous instructions, typically used to solve a class of specific problems or to perform a computation. Algorithms are used as specifications for performing ...

as directed by card data information. The Interchange Identikey device was released in March 1976. Later in 1979, Atalla introduced the first network security processor (NSP). Atalla's HSM products protect 250million card transactions every day as of 2013, and secure the majority of the world's ATM transactions as of 2014.

Examples

Features

Degree of security

History

See also

References

Further reading