IBM PCI Cryptographic Coprocessor, Installation And Using Manual

Page: 9 / 34

Chapter 1. Description and Requirements
The PCI Cryptographic Coprocessor uses dedicated hardware to process cryptographic
keys, certificates, and bulk data. These cryptographic functions are performed within a
tamper-resistant module that is designed to meet the FIPS PUB 140-1 specification for
detecting attacks through temperature, radiation, voltage, and physical penetration.
You can install the PCI Cryptographic Coprocessor in a PCI card slot.
Contents of the Coprocessor Package
Your package includes the following items:
v
The PCI Cryptographic Coprocessor
v
The Installation and Using Guide (this manual)
If any item is missing or damaged, contact your sales representative.
Special Considerations for Handling and Storage
Each PCI Cryptographic Coprocessor is shipped from the factory with a certified device
key . This electronic key is digitally stored in the coprocessor’s battery-powered
protected memory. The information from this key signs status messages to confirm that
the coprocessor is genuine and that no tampering has occurred.
Note: If any of the secure module’s tamper sensors are triggered by tampering or
accident, the coprocessor erases all data in the protected memory, including the
certified device key. The coprocessor cannot operate without the certified device
key.
To protect the certified device key, follow these guidelines:
Temperature Do not expose the coprocessor to temperatures below
-15 degrees C (+5 degrees F) or temperatures above 60 degrees C
(+140 degrees F).
Observe the high and low temperature limits. Exceeding the limits
triggers a Tamper Event. Any Tamper Event renders the coprocessor
permanently inoperable, there is no recovery procedure.
Batteries Do not remove the coprocessor’s batteries. Data in the protected
memory is lost when battery power is removed. For information about
replacing the batteries without erasing the protected memory, see
Chapter 5, “Replacing Coprocessor Batteries” on page 17.
1