Pseudo-random Number Generation on the IBM 4758 Secure Crypto Coprocessor
Authors
Abstract
In this paper we explore pseudo-random number generation on the IBM 4758 Secure Crypto Coprocessor. In particular we compare several variants of Gennaro's provably secure generator, proposed at Crypto 2000, with more standard techniques based on the SHA-1 compression function. Our results show how the presence of hardware support for modular multiplication and exponentiation affects these algorithms.
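To make the comparison in the abstract concrete, the following is an added toy reconstruction, not code from the paper or from IBM, of the two generator families it benchmarks: a Gennaro-style discrete-log generator (one short-exponent modular exponentiation yields n - c output bits) and a SHA-1 generator (one compression yields 160 bits). Everything in it is an assumption chosen for illustration: the 64-bit safe-prime modulus, c = 32, the seeds, the exact bit-selection convention of the Gennaro generator, and the counter-mode SHA-1 construction used in place of a raw compression-function generator, which the abstract does not spell out. The counts it reports are the quantities whose price a hardware modexp engine changes; the wall-clock figures are software-only and say nothing about the 4758.

```python
"""Added toy reconstruction (not the paper's code) of a Gennaro-style discrete-log
generator and a SHA-1 counter generator. All parameters are illustrative assumptions
and far too small for real use."""
import hashlib
import time

# Fixed Miller-Rabin bases: exact (no false positives) for all n < 3.3e24,
# which covers the 64-bit toy moduli used here.
MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def safe_prime_group(bits: int):
    """Smallest safe prime p = 2q + 1 with exactly `bits` bits, plus a generator g of
    Z_p^*: for a safe prime, g generates Z_p^* iff g^2 != 1 and g^q != 1 (mod p)."""
    q = (1 << (bits - 2)) | 1                      # odd start, so p = 2q + 1 has `bits` bits
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    p = 2 * q + 1
    g = 2
    while pow(g, 2, p) == 1 or pow(g, q, p) == 1:
        g += 1
    return p, q, g


class GennaroDLGenerator:
    """x_{i+1} = g^e mod p with e = the c most significant bits of x_i; the n - c least
    significant bits of x_{i+1} are output. One c-bit modexp per n - c output bits.
    The bit-selection convention is my reading of the construction, not text from this page."""

    def __init__(self, p: int, g: int, c: int, seed: int):
        self.p, self.g, self.c, self.n = p, g, c, p.bit_length()
        if not 0 < c < self.n:
            raise ValueError("c must satisfy 0 < c < n")
        self.x = seed % p
        self.modexps = 0

    def next_block(self) -> int:
        e = self.x >> (self.n - self.c)            # c most significant bits of the state
        if e == 0:
            # g^0 = 1 and the top bits of 1 are zero, so the state would be stuck forever.
            # Added guard; for a good seed this happens with probability ~2^-(c-1) per step.
            raise RuntimeError("degenerate state: exponent became 0")
        self.x = pow(self.g, e, self.p)
        self.modexps += 1
        return self.x & ((1 << (self.n - self.c)) - 1)   # n - c least significant bits

    def random_bytes(self, nbytes: int) -> bytes:
        width = self.n - self.c
        acc, nbits = 0, 0
        while nbits < 8 * nbytes:
            acc = (acc << width) | self.next_block()
            nbits += width
        acc >>= nbits - 8 * nbytes                 # drop surplus bits of the last block
        return acc.to_bytes(nbytes, "big")


class SHA1CounterGenerator:
    """out_i = SHA-1(key || i). hashlib exposes only the full hash, so this stands in for
    the raw compression-function constructions the paper benchmarks (an assumption).
    With key <= 47 bytes, key || 8-byte counter || padding fits one 64-byte block,
    i.e. exactly one compression per 160 output bits."""

    def __init__(self, key: bytes):
        if len(key) > 47:
            raise ValueError("key too long for a single SHA-1 block")
        self.key, self.counter, self.compressions = key, 0, 0

    def random_bytes(self, nbytes: int) -> bytes:
        out = bytearray()
        while len(out) < nbytes:
            out += hashlib.sha1(self.key + self.counter.to_bytes(8, "big")).digest()
            self.counter += 1
            self.compressions += 1
        return bytes(out[:nbytes])


def cost_summary(nbytes: int = 4096, bits: int = 64, c: int = 32) -> dict:
    """Count the expensive primitive each generator spends per `nbytes` of output
    (the figure a hardware modexp engine re-prices) and time it in software."""
    p, _, g = safe_prime_group(bits)
    dl = GennaroDLGenerator(p, g, c, seed=0x9E3779B97F4A7C15)   # constructed seed
    sha = SHA1CounterGenerator(b"constructed-20B-key!")           # constructed key
    summary = {}
    for name, gen, counter in (("gennaro_dl", dl, "modexps"), ("sha1_counter", sha, "compressions")):
        t0 = time.perf_counter()
        gen.random_bytes(nbytes)
        summary[name] = {counter: getattr(gen, counter), "seconds": time.perf_counter() - t0}
    return summary


if __name__ == "__main__":
    for name, stats in cost_summary().items():
        print(name, stats)
```

With the toy parameters (n = 64, c = 32) each modexp yields 32 bits, so 4096 bytes cost 1024 short-exponent modexps against 205 SHA-1 compressions; the abstract's point is that on the 4758 the modexp side of that ledger is priced by dedicated hardware rather than by general-purpose software, which is what decides the comparison.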
Similar works
Validating a High-Performance, Programmable Secure Coprocessor
This paper details our experiences with successfully validating a trusted device at FIPS 140-1 Level 4—earning the world’s first certificate at this highest level. Over the last several years, our group designed and built a physically secure PCI card (the IBM 4758 [5]) containing a general-purpose processor with crypto support. However, for this device to function as a trusted platform for secu...
Application Support Architecture for a High-Performance, Programmable Secure Coprocessor
A “secure system” should be secure—but should also be a system that achieves some particular functionality. A family of secure systems that our group has been investigating (and building) are high-end secure coprocessors: devices that combine a general-purpose computing environment with high-performance cryptography inside a tamper-responding secure boundary. With the appropriate application so...
Private Information Storage with Logarithmic-space Secure Hardware
In Private Information Retrieval (PIR), a user obtains one of N records from a server, without the server learning what record was requested. Recent research in “practical PIR” has limited the players to the user and server and limited the user’s work to negotiating a session key (eg. as in SSL)— but then added a secure coprocessor to the server and required the secure coprocessor to encrypt/pe...
Building the IBM 4758 Secure Coprocessor
Work leading toward the IBM 4758 started, arguably, in the 1980s when the Abyss project began exploring techniques to build tamper-responsive hardware and use that technology to protect against software piracy. 1,2 Influenced by this earlier work, we sought to build a secure coprocessor, defined as a tamper-responding device derived from the Abyss, Citadel, and 4755 work. We wanted to provide ...