IBM PCIe Cryptographic Coprocessor Version 1

Software download

From this website you can download the software packages for the IBM PCIe Cryptographic Coprocessor Version 1 (PCIeCC) for the platforms shown.

Please refer to the table below for obtaining IBM Systems for Software, Firmware, or both.

Platform Software / Firmware available
IBM System z™ servers running Linux Obtain CCA or EP11 software for use in IBM System z servers running Linux on this software-package selection page.
IBM Power Systems™ servers running IBM AIX®

Obtain CCA software and firmware for use in IBM Power Systems™ servers running IBM AIX® as follows:

Go to the software-package selection page. If you do not have a universal IBM user ID, you will need to register. Once registered, sign in and select an offering, then complete the download.

IBM Power Systems™ servers running IBM i®

Obtain CCA software and firmware for use in IBM Power Systems™ servers running IBM i® as follows:

The CCA software for Power Systems running IBM i® is included in IBM i® Option 35 Cryptographic Service Provider 7.1 . This must be ordered through your authorized IBM customer representative.

The firmware for the PCIe cryptographic coprocessor is contained within 5733-CY3 Cryptographic Device Manager. An order will be automatically placed for this product when an order is placed for any of the following hardware feature codes:
(a) 4807 (without custom carrier)
(b) 4808 (IBM POWER6® custom carrier and instruction EC N23386)
(c) 4809 (IBM POWER7® custom carrier and instruction EC N23597)

IBM-approved x86 servers

The purchase of an IBM 4765 includes CCA software and firmware that can be installed on the Novell SUSE Linux Enterprise Server (SLES) 11 Service Pack 3 (32-bit) and Service Pack 2 (32-bit) on Release 4.4 or later. Only PCIeCC software or firmware installed on IBM-approved x86 servers is supported.

Separately purchased add-on features
The SLES 11 Service Pack 3 (32-bit), Service Pack 2 (32-bit), or Service pack 1 (32-bit) operating system is required unless a separate add-on feature is purchased. CCA software and firmware can be installed on additional operating systems by purchasing a separate add-on feature. An add-on feature is available for each of these operating systems:

With a new cryptographic hardware management solution, it is now possible to centrally manage multiple serves with one or more cryptographic coprocessors installed. The new Crypto Hardware and Initialization Management (CHIM) solution is now available for IBM-approved x86 servers and IBM Power Systems™.

To purchase any of these add-on features, contact the IBM Crypto Competence Center at ccc@dk.ibm.com. The Center is located in Denmark, which is in the Central European Time Zone (GMT+1).

How to obtain CCA software and firmware
Obtain CCA software and firmware for use in IBM-approved x86 servers as follows:

Get the IBM Tracking Serial Number from one of your PCIeCCs. This serial number along with your IBM customer number are required as part of the download package request.

Go to the software-package selection page. If you do not have a universal IBM user ID, you will need to register. Once registered, sign in and select an offering, then complete the download.

News for current customers

Spotlight

New product release for IBM 4765 now available on IBM IBM-approved x86 servers and IBM AIX operating system, effective October 2015.

New product release CCA 5.0 for Linux on IBM z Systems™ now available effective July 2015. See Overview page for additional information.


As of February 19, 2013, the 4765 hardware security module (HSM) is validated to meet the MEPS (Méthode d'Évaluation des Produits Securitaire "bancaires") approval scheme used by Cartes Bancaires (CB) banking ecosystem. This standards certification allows the 4765 HSM to be used by CB member banks on their dedicated payment networks.


Add-on features are being offered for the IBM 4765 on IBM-approved x86 systems to support additional operating systems. See the IBM 4765 software updates page.


On System z, the coprocessor is available as Crypto Express3, Crypto Express4, and Crypto Express5. It is also available for Linux.