IBM Ports Linux to 4758

R. A. Hettinga rah at
Wed Aug 29 11:14:52 EDT 2001

I expect the NCipher folks won't be too far behind, if this is actually
news at all...


IBM Research News

  IBM Research Demonstrates Linux Running on Secure Cryptographic Coprocessor

IBM Research has demonstrated Linux running on the IBM 4758 secure
cryptographic coprocessor, a hardware security module. This is the first
general purpose operating system (OS) running on a secure coprocessor. The
IBM 4758 cryptographic coprocessor is an advanced, tamper-sensing and
responding, programmable PCI card. Its specialized cryptographic
electronics, along with a microprocessor, memory and random number
generator are housed within a tamper-responding environment to provide a
highly secure subsystem in which data processing and cryptography can be

By running Linux, it enables much easier migration and porting of
applications into the secure environment than with the current CP/Q
operating system. As a key product for secure e-business, its main
applications are financial-related solutions, such as electronic coupon
dispensers, Internet postage meters, intellectual property protection (web
subscription services), signatures for digital documents and certificate

The Linux-based IBM 4758 also offers significantly better performance,
including eight times improved communication latency and four times faster
throughput, over the current custom OS based product offering. In addition,
Linux provides better support for new features, which are not supported by
the custom OS such as running multiple potentially hostile applications on
the same 4758 coprocessor card and allowing cross card communications that
enables load balancing among multiple cards.

IBM Research developed the 4758 coprocessor hardware, along with its
internal operating system, secure configuration and bootstrap software, and
custom software development tools that can run on multiple platforms,
including all IBM servers and non-IBM servers, about five years ago. By
creating the Linux version, IBM hopes to provide Linux developers the
opportunity to create high security applications, and to encourage such
development and interest in industry. We are working on making this
software package available as a free download for existing 4758 coprocessor
users. Parts of the Linux port were jointly developed with Cryptographic
Appliances, Sacramento, California.

The 4758 secure coprocessor was the first device ever to earn the highest
possible certification for commercial security granted by the U.S.
Department of Commerce's National Institute of Standards (NIST) and the
Communications Security Establishment (CSE) of the Government of Canada.

For further information, visit the IBM Research Mycroft Website at


  About IBM  |  Privacy  |  Legal  |  Contact
R. A. Hettinga <mailto: rah at>
The Internet Bearer Underwriting Corporation <>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list