Revision as of 03:57, 24 January 2018 edit Zanhe (talk \| contribs) Extended confirmed users, Pending changes reviewers 132,020 edits m →In the Instruction Set: dab ← Previous edit		Revision as of 03:59, 24 January 2018 edit undo Zanhe (talk \| contribs) Extended confirmed users, Pending changes reviewers 132,020 edits m →Implementations: ce Next edit →
Line 10: Hardware-based encryption arguably began in the 1987 with the ABYSS (A Basic Yorktown Security System) project.<ref>{{cite web\|url=https://www.computer.org/csdl/proceedings/sp/1987/0771/00/07710038.pdf\|title=ABYSS: A Trusted Architecture for Software Protection\|access-date={{date\|2018-01-20}}}}</ref><ref name="building 4758">{{cite web\|url=http://www.research.ibm.com/people/s/sailer/publications/2001/ibm4758.pdf\|title=Building the IBM 4758 Secure Coprocessor \|access-date={{date\|2018-01-20}}\|publisher=[[IBM]]}}</ref> The aim of this project was to protect against [[Software Piracy]]. However, the application of computers to cryptography in general dates back to the 1940s and [[Bletchley Park]], where the [[Colossus computer]] was used to break the encryption used by German High Command during [[World War 2]]. The use of computers to ''encrypt'', however, came later. In particular, until the development of the [[Intergrated Circuit]], of which the first was produced in 1960, computers were impractical for encryption, since, in comparison to the portable [[form factor (design)\|form factor]] of the [[Enigma machine]],<ref>{{cite web\|url=http://www.cryptomuseum.com/kits/enigma/support/files/case.pdf\|publisher=Crypto Museum\|title=Enigma-E case\|access-date={{date\|2018-01-20}}}}</ref> Computers of the era took the space of an entire building. It was only with the development of the [[Microcomputer]] that computer encryption became feasible, outside of niche applications. The development of the [[World Wide Web]] lead to the need for consumers to have access to encryption, as [[Online Shopping]] became prevalent.<ref name="consumers">{{cite web \| url=http://ecommercenews.eu/consumers-online-shopping-expectations/ \| title=Consumers and their online shopping expectations – Ecommerce News \| date={{date\|2015-2-20}}\| accessdate={{date\|2016-08-29}}}}</ref> The key concerns for consumers were security and speed.<ref name="consumers" /> This led to the eventual inclusion of the key algorithms into processors as a way of both increasing speed and security.<ref name="performance" /> == Implementations == === In the ~~[[Instruction~~instruction ~~Set]]~~set === ==== [[x86]] ==== {{Main\|AES instruction set\|Intel SHA extensions}} The [[X86]] [[Computer architecture\|architecture]], as a [[Complex instruction set computer\|CISC (Complex Instruction Set Computer)]] Architecture, typically implements complex [[algorithms]] in hardware. Cryptographic algorithms are no exception. The x86 architecture implements significant components of the [[Advanced Encryption Standard\|AES (Advanced Encryption Standard)]] algorithm, which can be used by the [[NSA]] for [[Top Secret]] information.<ref>{{cite web\|url=http://csrc.nist.gov/groups/ST/toolkit/documents/aes/CNSS15FS.pdf \|title=National Policy on the Use of the Advanced Encryption Standard (AES) to Protect National Security Systems and National Security Information \|author=Lynn Hathaway \|date={{date\|June 2003}}\|format=PDF \|access-date={{date\|2011-02-15}}}}</ref> The architecture also includes support for the [[Secure Hash Algorithms\|SHA]] Hashing Algorithms through the [[Intel SHA extensions]].<ref name="Intel AES Instructions" /> Whereas AES is a cipher, which is useful for encrypting documents, [[Hash function\|Hashing]] is used for verification, such as of passwords (see [[PBKDF2]]). ==== ARM ==== [[ARM ~~processors~~processor]]s can optionally support Security Extensions. Although ARM is a [[RISC\|RISC (Reduced Instruction Set Computer)]] architecture, there are several optional extensions specified by [[ARM Holdings]].<ref name="cortex cryptography" /><ref name="openwrt">[http://wiki.openwrt.org/doc/hardware/cryptographic.hardware.accelerators Cryptographic Hardware Accelerators] on OpenWRT.org</ref> === As a coprocessor === * [[IBM 4758]] - The predecessor to the [[IBM 4764]]. This includes its own specialised processor, [[Random-access memory\|memory]] and a [[Random Number Generator]]. * [[IBM 4764]] - This is identical to the [[IBM 4765]], except for the connection used. The former uses [[PCI-X]], while the latter uses [[PCI-e]].<ref name="IBM 4764" /> Both are [[peripheral devices]] that plug into the [[motherboard]]. == Advantages == Implementing cryptography in hardware means that part of the processor is dedicated to the task. This can lead to a large increase in speed.<ref name="performance" /> In particular, modern processor architectures that support [[Pipelining (computing)\|pipelining]] can often perform other instructions concurrently with the execution of the encryption instruction. Furthermore, hardware can have methods of protecting data from software. Consequently, even if the [[Operating System]] is compromised, the data may still be secure (see [[Software Guard Extensions]]).<ref>{{cite web\|url=https://software.intel.com/en-us/blogs/2013/09/26/protecting-application-secrets-with-intel-sgx \|title=Intel SGX for Dummies (Intel SGX Design Objectives) \|work=intel.com \|date=2013-09-26}}</ref>

Hardware-based encryption: Difference between revisions