IBM PCI Cryptographic Accelerator

Notice of withdrawal from marketing

IBM withdrew from marketing the IBM PCI Cryptographic Accelerator (PCICA) feature effective January 28, 2005.

NOTE: The information below is provivded for historical purposes only.


The IBM PCI Cryptographic Accelerator feature is designed for maximum Secure Socket Layer (SSL) acceleration rather than for specialized financial applications or for secure long-term storage of keys and secrets. As a result, it does not need the tamper responding design of the PCI Cryptographic Coprocessor (PCICC). In an IBM zSeries 900 server, the PCICA feature can support over 2000 SSL handshakes per second.

Unlike the IBM 4758 PCI Cryptographic Coprocessor, there is no microprocessor subsystem (CPU, memory, and so on). The overall operation control, including command decoding, is implemented in the hardware.

The main components of the IBM PCI Cryptographic Accelerator feature are:

The IBM PCICA has the following differences from the PCICC:

You obtain the IBM PCI Cryptographic Accelerator as an optional feature on the eServer iSeries, pSeries and zSeries servers. See information about the PCI Cryptographic Accelerator feature in the literature of each server type.

IBM PCIe Cryptographic Coprocessor



The Programs listed below are licensed under the following terms and conditions in addition to those of the International License Agreement for Non-Warranted Programs Z125-5589-05.

Program Name: IBM CEX3C Common Cryptographic Architecture Support Program for Linux on System z version 4.2
Program Number: Tool

Source Components and Sample Materials

The Program may include some components in source code form ("Source Components") and other materials identified as Sample Materials. Licensee may copy and modify Source Components and Sample Materials for internal use only provided such use is within the limits of the license rights under this Agreement, provided however that Licensee may not alter or delete any copyright information or notices contained in the Source Components or Sample Materials. IBM provides the Source Components and Sample Materials without obligation of support and "AS IS", WITH NO WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTY OF TITLE, NON-INFRINGEMENT OR NON-INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.


News for current customers


New product release for IBM 4765 now available on IBM ServerProven System x servers, effective August 2015.

New product release CCA 5.0 for Linux on IBM z Systems™ now available effective July 2015. See Overview page for additional information.

IBM PureFlex™ customers can purchase an IBM 4765 as an add-on feature as of September 10, 2013. See CCA Release 4.3.5 for more information.

New product release CCA 4.4.20 for IBM 4765 now available on IBM AIX operating system effective May 2014. See Library page for additional information.

As of February 19, 2013, the 4765 hardware security module (HSM) is validated to meet the MEPS (Méthode d'Évaluation des Produits Securitaire "bancaires") approval scheme used by Cartes Bancaires (CB) banking ecosystem. This standards certification allows the 4765 HSM to be used by CB member banks on their dedicated payment networks.

Important notice to ECC users: This release contains important security-related changes for ECC users. See Release 4.3.4 information for details.

Effective December 2011, new add-on features are being offered for the IBM 4765 on System x to support additional operating systems. See the IBM 4765 software updates page.

On System z, the coprocessor is available as Crypto Express3 and is also available for Linux.