The IBM 4764 Cryptographic Coprocessor is a secure cryptoprocessor that performs cryptographic operations used by application programs and by communications such as SSL private key transactions associated with SSL digital certificates.

Details

Each coprocessor includes a tamper-responding hardware security module (HSM) that provides secure storage for master keys and other sensitive data. The HSM has been certified to meet FIPS 140-2 Level 4 security requirements. The coprocessor is supported on all IBM server platforms, including System z (mainframe), System i, System p, and System x (Linux or Microsoft Windows). On System z, it is called the "Crypto Express2".

Applications may include financial PIN transactions, bank-to-clearing-house transactions, EMV transactions for integrated circuit (chip) based credit cards, and general-purpose cryptographic applications using symmetric key algorithms, hashing algorithms, and public key algorithms.

The operational keys (symmetric or RSA private) are generated in the coprocessor and are then saved either in a keystore file or in application memory, encrypted under the master key of that coprocessor. Any coprocessor with an identical master key can use those keys.

As of June 2005, the IBM 4764 superseded the IBM 4758, which was discontinued.

At the end of December 2011, the IBM 4764 was discontinued. The successor to the 4764 was introduced on each of the IBM server platforms between 2009 and 2011:

  • November 2009 for the System z (mainframe), where it is called the Crypto Express3
  • April 2010 for Power Systems, where it is available as feature codes 4807, 4808, and 4809
  • May 2011 for System x (PC) servers, where it is called the 4765
