©2003 IDC
#3577
13
cryptographic operations through the chip. Cryptographic middleware automatically
routes function calls to the hardware.
The chip is compliant with Microsoft's CAPI and PKCS #11, industry-standard
interfaces, which many of the PKI providers, such as Entrust, Baltimore, and
Microsoft itself, use for applications such as email (e.g., Outlook and Notes), VPN
clients (e.g., Cisco, SonicWALL, and L2TP), or network log-on clients (e.g., NetWare).
The chip library supports 512-, 1024-, and 2,048-bit key generation; encryption;
decryption; and digital signature operations as well as 256-bit decryption for
symmetric key operations. All private key operations take place within the protected
environment of the chip. The keys, which are generated internally and stored on the
chip, never appear in main memory. So there is no way a Trojan horse can sniff it.
When a system with the a hardware security chip is first booted up, the chip must be
enabled with a BIOS setting (the BIOS itself is protected by an integrity procedure).
No one can give a user his or her identity. Each system owner configures his or her
own personalized subsystem identity by initializing it. This subsystem identity key pair
is called the "hardware key pair." Once inside, the private key is used only to hide
other keys and never to identify the system or owner.
In its most recent implementation, the security chip has been paired with external
hardware, such as a PC Card–slot or USB-attached fingerprint reader from Targus, a
USB-connected proximity badge from Ensure Technologies, or even a smart card.
IBM's focus has shifted from providing fully authenticated PKI communications and
guaranteed ebusiness transactions to the more straightforward tasks of making sure
that the individual logging on to a particular client node is the authorized user and that
his or her local data is protected from intruders.
A H IE R A R C H Y O F K E Y S
One of the greatest strengths of hardware security architecture is the hierarchical
nature of its key-management system. The first key pair generated is used to protect
another key pair, called the "platform identity key pair." This key pair is created under
the system owner's control and can be used by the system owner to definitively
identify the PC.
As part of the subsystem initialization, the owner of the system can make an archive
copy of the platform private key. The platform private key is encrypted with the
administrative public key. The corresponding administrative private key can be split
into up to five parts, allowing the restoration responsibility to be secured among
multiple administrators. This archive data, including the administrative private key,
can be stored on external removable media or on a network server. If the system,
chip, or motherboard dies, or the system needs to be upgraded, the owner has the
ability to securely migrate all of his or her key information from the old system to the
new system. The security administrator might or might not want to use this sort of
backup scheme, which represents a back door to the system, but it is there for
corporate implementations. Without it, the whole system could become inaccessible.
With it, as with any archive system, a potential security exposure exists if the
administrator's private key is ever compromised. Each firm has to assess its
circumstances and risk profile.
Next, a "user key pair" is created. The private key of the user pair is encrypted with
the public key of the platform pair. Before encrypting the private key of the user pair, a
"passphrase" (up to 128 characters) is associated with it. Then the private key and
passphrase are encrypted with the public key of the platform pair. As another level of
protection, the chip will not execute any operations if it doesn't receive the correct
passphrase for that key.