Wikipedia

Hardware-based encryption: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
History: why the German Approach To Nouns?
m fixed dashes using a script
Line 20:
 
=== As a coprocessor ===
* [[IBM 4758]] - The predecessor to the [[IBM 4764]].<ref name="NIST approval" /> This includes its own specialised processor, [[Random-access memory|memory]] and a [[Random Number Generator]].<ref name="IBM 4758 datasheet" />
* [[IBM 4764]] and [[IBM 4765]], identical except for the connection used.<ref name="NIST approval" /> The former uses [[PCI-X]], while the latter uses [[PCI-e]].<ref name="IBM 4764" /> Both are [[peripheral devices]] that plug into the [[motherboard]].
=== Proliferation ===
Line 30:
 
== Disadvantages ==
If, however, the hardware implementation is compromised, major issues arise. Malicious software can retrieve the data from the (supposedly) secure hardware - a large class of method used is the [[timing attack]].<ref name="BearSSL" /> This is far more problematic to solve than a software bug, even within the [[operating system]]. [[Microsoft]] regularly deals with security issues through [[Windows Update]]. Similarly, regular security updates are released for [[Mac OS X]] and [[Linux]], as well as mobile operating systems like [[iOS]], [[Android (operating system)|Android]], and [[Windows Phone]]. However, hardware is a different issue. Sometimes, the issue will be fixable through updates to the processor's [[microcode]] (a low level type of software). However, other issues may only be resolvable through replacing the hardware, or a workaround in the operating system which mitigates the performance benefit of the hardware implementation, such as in the [[Spectre (security vulnerability)|Spectre exploit]].<ref name="PCW-20180109" />
 
==References==
{{Reflist|30em|refs=
<ref name="Intel AES Instructions">{{cite book|title=Intel® 64 and IA-32 Architectures Software Developer’s Manual|date={{date|December 2017}}|url=https://software.intel.com/sites/default/files/managed/39/c5/325462-sdm-vol-1-2abcd-3abcd.pdf|publisher=Intel|pages=303-309303–309,410}}</ref>
<ref name="cortex cryptography">{{cite book|title=ARM® Cortex®-A57 MPCore Processor Cryptography Extension|date={{date|2017-12-17}}|publisher=ARM Holdings|url=http://infocenter.arm.com/help/topic/com.arm.doc.ddi0514g/DDI0514G_cortex_a57_mpcore_cryptography_trm.pdf}}</ref>
<ref name="IBM 4764">{{cite web|url=https://www.ibm.com/support/knowledgecenter/ssw_ibm_i_61/rzajc/rzajcco4758.htm|title=4764 Cryptographic Coprocessor|publisher=IBM|access-date={{date|2018-01-20}}}}</ref>
<ref name="performance">{{cite web|title=AES-NI Performance Analyzed|url=http://www.tomshardware.com/reviews/clarkdale-aes-ni-encryption,2538.html|publisher=Tom's Hardware|year=2010|author=P. Schmid and A. Roos |accessdate={{date|2018-01-20}}}}</ref>
<ref name="MeltdownSpectre">{{Cite web |author=Staff |url=https://spectreattack.com/ |title=Meltdown and Spectre |date=2018 |work=[[Graz University of Technology]] |access-date={{date|2018-01-20}} |dead-url=no |archive-url=https://web.archive.org/web/20180103221345/https://spectreattack.com/ |archive-date={{date|2018-01-03}}}}</ref>
<ref name="ABYSS">{{cite web|url=https://www.computer.org/csdl/proceedings/sp/1987/0771/00/07710038.pdf|title=ABYSS: A Trusted Architecture for Software Protection|access-date={{date|2018-01-20}}}}</ref>
<ref name="building 4758">{{cite web|url=http://www.research.ibm.com/people/s/sailer/publications/2001/ibm4758.pdf|title=Building the IBM 4758 Secure Coprocessor |access-date={{date|2018-01-20}}|publisher=[[IBM]]}}</ref>
Retrieved from "https://en.wikipedia.org/wiki/Hardware-based_encryption"