IBM PCI Cryptographic Coprocessor

Notice of withdrawal from marketing and discontinuance from support

IBM withdrew from marketing the IBM 4758 PCI Cryptographic Coprocessor, effective March 31, 2005, and discontinued support as of March 15, 2010.

NOTE: The information below is provided for historical reference only.

IBM 4758 hardware

IBM 4758 Cryptographic Coprocessor

The IBM PCI Cryptographic Coprocessors are state-of-the-art secure subsystems that you can install in server systems to perform DES and public-key cryptography. You can also load software for highly sensitive processing, such as the minting of electronic postage, which must perform its intended function even when under the physical control of a motivated adversary.

Coprocessor cross-sectionThe secure Coprocessor module is mounted on a two-thirds length PCI version 2.1 board and fits in a single slot that provides +5.0VDC +/- 15% and +12VDC +/-15% power and meets other environmental requirements as listed in chapter 2 of the General Information Manual. (3.3VDC variations of the Models 002 and 023 are also available to OEM customers and used in IBM eServer pSeries, and IBM eServer iSeries and IBM eServer zSeries servers.) The sealed Coprocessor module incorporates physical penetration, power sequencing, temperature, and radiation sensors to detect physical attacks against the encapsulated subsystem. Batteries provide backup power that is active from the time of factory certification until the end of the product's useful life. Any detected tamper event results in loss of power which immediately causes the zeroization of internal secrets and the destruction of the factory certification.

The IBM 4758 Model 002 is for use with IBM eServer xSeries and other Wintel machines. Variations of the IBM 4758 Model 002 and Model 023 are available as "PCICC" features for IBM eServer iSeries, pSeries, and zSeries.

FIPS 140-1 certification level Level 4 Level 3
CCA Support Program version 2: Model 002 Model 023
IBM eServer xSeries IBM 4758-002
(withdrawn November 16, 2004)
IBM 4758-023
IBM eServer iSeries NA PCICC feature
IBM eServer pSeries Feature #4963 Feature #4958
Feature #4964
IBM eServerzSeries PCICC feature NA
Original models, (no longer available):
CCA Support Program version 1
Model 001 Model 013

The models certified under FIPS PUB 140-1 level 4 use a mesh around the electronics to detect the most sophisticated physical penetration attempts. The other models certified at level 3 use a simpler penetration-detection design. Both designs zeroize all critical secret data when tamper is detected.

The IBM eServer iSeries server features employ the Model 023 technology while the IBM eServer pSeries and IBM eServer zSeries server PCICC features use the Model 002 technology.

Circuit board

What is a secure Coprocessor...

A secure coprocessor is a general-purpose computing environment that withstands physical attacks and logical attacks. The device must run the programs that it is supposed to, unmolested. You must be able to (remotely) distinguish between the real device and application, and a clever impersonator. The Coprocessor must remain secure even if adversaries carry out destructive analysis of one or more devices.

Many servers operate in distributed environments where it is difficult or impossible to provide complete physical security for sensitive processing. And, in some applications, the motivated adversary is the end user. You need a device that you can trust even though you cannot control its environment.

Cryptography is an essential tool in secure processing. When your application must communicate with other distributed elements, or assert or ascertain the validity of data it is processing, you will find cryptography an essential tool.

The FIPS 140-1 certification declares that the IBM Coprocessor is uniquely qualified to detect attempted attacks, and to perform processing securely, including correct implementations of several commercially significant cryptographic algorithms.

FIPS PUB 140-1

FIPS PUB 140-1 is the benchmark standard for evaluating the security and proper algorithmic implementation of a commercial cryptographic product. The IBM 4758 Model 002, and the CMOS Cryptographic Coprocessor on the IBM System/390 processors, are distinguished as products certified at level 4. These independent certifications provide assurance of the security, integrity, and correctness of the cryptographic algorithms inherent in the Coprocessor designs.

FIPS 140 is unique with its emphasis on clear testing criteria for anti-tamper design validation and its focus, at levels 3 and 4, on hardware implementations. Under the supervision of the USA and Canadian Governments, independent laboratories conduct thorough analyses of the product design and actual tests of products. The test report is discussed with the governmental bodies, and when found acceptable, a certificate is issued. Issued certifications are posted to the NIST Web site .

IBM UltraCypher Engine

The IBM UltraCypher Engine chip used in the Model 002 and 023 PCI Cryptographic Coprocessors is available for incorporation in other product designs. The single chip incorporates a 2048-bit modular arithmetic engine, a DES/TDES engine, a SHA-1 engine, noise-source based random number generator, and two FIFO buffers with dual-ported switching to supply and receive data from the DES and SHA-1 engines. You can download a PDF-format specification sheet.

OEM's interested in further information can contact IBM through the Question form, or in the USA call 1-800-IBMS-OEM.

IBM PCIe Cryptographic Coprocessor



The Programs listed below are licensed under the following terms and conditions in addition to those of the International License Agreement for Non-Warranted Programs Z125-5589-05.

Program Name: IBM CEX3C Common Cryptographic Architecture Support Program for Linux on System z version 4.2
Program Number: Tool

Source Components and Sample Materials

The Program may include some components in source code form ("Source Components") and other materials identified as Sample Materials. Licensee may copy and modify Source Components and Sample Materials for internal use only provided such use is within the limits of the license rights under this Agreement, provided however that Licensee may not alter or delete any copyright information or notices contained in the Source Components or Sample Materials. IBM provides the Source Components and Sample Materials without obligation of support and "AS IS", WITH NO WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTY OF TITLE, NON-INFRINGEMENT OR NON-INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.