Security

Cryptocards

Product summary

Library

Order

Software download

Product support

		Education
		FAQ
		Software updates
		Contact

PCI Cryptographic Coprocessor

PCI Cryptographic Accelerator

IBM 4764 PCI-X Cryptographic Coprocessor

Release 3.30 for CCA

Release 3.30 is available for download by all customers who use the IBM 4764 Model 001 in an IBM System x™ server (IBM ServerProven model only).

Release 3.30.4 is a full standalone package.

IBM offers a Common Cryptographic Architecture (CCA) Support Program that is licensed internal code for the IBM PCI-X Cryptographic Coprocessor. It provides device drivers, utilities and access method support, in addition to providing support for:

Strong DES key management with extensive key separation
Triple and single DES data encryption
Message authentication (MAC) and financial PIN processing
RSA operations (previously up to 2048 bits for key generation and digital signature operations)
Programmable - Customer / User Defined Functions (UDX)
Access controls to manage definable roles

Here are some of the most notable enhancements to the CCA API that are part of Release 3.30:

New AES (Advanced Encryption Standard) support, with AES key lengths of 128, 192, and 256 bits, including:

An enhanced version of the Master_Key_Process (CSNBMKP) verb to manage the new 256-bit AES master-key used to encrypt and decrypt keys in AES internal key tokens.
New Symmetric_Algorithm_Decipher (CSNBSAD) and Symmetric_Algorithm_Encipher (CSNBSAE) verbs to decrypt and encrypt data using AES keys.
A new AES key-storage dataset to store internal AES key tokens, separate from the DES and PKA key-storage datasets.
New AES key-storage verbs to manage the AES key-storage dataset:

AES_Key_Record_Create (CSNBAKRC)
AES_Key_Record_Delete (CSNBAKRD)
AES_Key_Record_List (CSNBAKRL)
AES_Key_Record_Read (CSNBAKRR)
AES_Key_Record_Write (CSNBAKRW)

The addition of ISO/DIS 9564-1 Format 3 PIN-block support (ISO-3). ISO-3 is identical to ISO-0, except that it uses random pad digits ranging from X'A' through X'F' instead of only X'F' pad digits.
The addition of 4096-bit RSA key support (from 2048-bit) for RSA-CRT and RSA-PUBL keys.
New Random_Number_Generate_Long (CSNBRNGL) verb, which allows the length of the random number to be specified, from 1 to 8192 bytes long.

If you have any additional questions, contact Crypto support.