[email protected] (J R) writes: > Correct. Hardware Security Module is the more generic term. > > Host Security Module is the Racal/Thales offering. Many still use the term > generically.
re: http://www.garlic.com/~lynn/2013d.html#1 IBM Mainframe (1980's) on You tube Last decade, I had done design for new security chip and was looking at having it fab'ed at a new secure facility in Dresden. In the 90s, I had semi-facetiously commented that I would take a $500 mil-spec chip, aggresively cost-reduce it by 2-3 orders of magnitude while improving the integrity. In walk-through/audit of the facility, they wanted to charge me several cents to have HSM generate public-key pair and inject it into the chip (also added a couple minutes to processing for each chip) Since I wanted the chip well under a dollar, that several cents were significant. I pointed out that the chip had a secure key generation incorporated into the power-on/test cycle ... and wouldn't need HSM processing (or the elapsed time). The secure key generation during power-on/test cycle actually speeded up the power-on/test sequence and the generated public key was exported as part of the power-on/test sequence validation data (the private key would never be exported). Not only wouldn't I need the HSM, extra time & cost ... but shouldn't I get a credit for speeding up the power-on/test sequence (as an aside, after power-on/test sequence ... those circuits get destroyed). reference to bunch of patents on the subject http://www.garlic.com/~lynn/x959.html#aads old email discussing pgp-like public key email on the internal network http://www.garlic.com/~lynn/2007d.html#email810506 http://www.garlic.com/~lynn/2006w.html#email810515 other old email about public key ... mentioning "The current MVS Cryptographic Subsystem key management scheme is a perfect example of the morass that faces us in 'automatically' managing keys" http://www.garlic.com/~lynn/2007d.html#email841218 and another quote "which, to SNA product developers always seem to be either inept, uninformed, or irrelevant" http://www.garlic.com/~lynn/2007b.html#email841226 mentions cost of racal box ... would contributed to getting me involved as mentioned in post upthread, I wanted under $100, and capable of 3mbyte/sec ... this mentions $3,200/box running 128kbit/sec http://www.garlic.com/~lynn/2006.html#email850701 -- virtualization experience starting Jan1968, online at home since Mar1970 ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
