Cryptographic Coprocessor for eComStation and OS/2 Warp

October 05, 2001 by www.os2world.com

Cryptographic Coprocessor for eComStation and OS/2 Warp

IBM offers a very special product for supporting high-capacity web servers called the IBM 4758 Cryptographic Coprocessor. This PCI adapter works with a variety of operating systems, including eComStation and OS/2 Warp. The IBM Common Cryptographic Architecture (CCA) is supported on these operating systems, providing a wide variety of encryption-related programming services.

Using this adapter, you can dramatically increase the throughput of SSL-based secure transactions for banking, e-commerce, and other tasks. Support software is available to access the cryptographic services on this adapter (and offload encryption calculations from the main processor). For example, it would be interesting to add support for this coprocessor to Apache running on eComStation or OS/2 Warp.

For more information, please visit:

http://www.ibm.com/security/cryptocards/index.shtml

Sample source code can be found here:

ftp://www6.software.ibm.com/software/cryptocards/perftest.zip

Here's a quick summary of the services provided by the IBM Common Cryptographic Architecture (CCA):

- DES (with Model 002/023 triple-DES data confidentiality)
- DES message authentication and RSA digital signatures
- SHA-1, MD5, and with Model 002/023 RIPEMD160, and MDC-2 and MDC-4 hashing - DES and RSA key management, RSA keys to 2048 bit-length
- SET Secure Electronic Transaction services
- Key diversification for smart card applications
- Finance-industry PIN processing and related services
- Custom extensions using the UDX toolkit

- - - - -
Timothy F. Sipples
IBM WebSphere & Business Connect Software (Chicago, IL) and IBM Consultant to the U.S. Bureau of Transportation Statistics (Wash., DC)