IBM CryptoCards Newsletter

News for IBM cryptographic adapters

Previously published IBM CryptoCards Newsletters are available here.
The table below contains important news about the IBM Systems cryptographic hardware products. Customers are encouraged to visit this page frequently.


Date | Product | Description

July 24, 2019 | HSM CEX6S / 4768 | New CCA Release 6.3 with PCI PTS HSM certification

The IBM 4768 CCA Support Program Release 6.3 is now available for customers who use the IBM CEX6S on IBM Z. The CCA 6.3 firmware on the CEX6S adapter has achieved PCI PTS HSM certification. This is the first delta certification after CCA 6.0 on the CEX6S achieved PCI PTS HSM certification. This release adds significant function to the certified scope.

CCA 6.3 for CEX6S adds:

  • compliance tagging for AES secure key tokens and RSA private key tokens,
  • compliance-tag key support for DK functions,
  • X9 TR-34 key exchange services exploiting the Public Key Infrastructure (PKI) internal to the CEX6S, as well as compliance-tag key support, and
  • expansion of native X.509 certificate support to all public key services.

June 18, 2019 | HSM 4767 | CCA Release 5.5.6 support for SLES 12.4

CCA Release 5.5.6 has added support for SUSE Linux Enterprise Server (SLES) from Novell (64-bit) release 12.4. This support is an RPM to update the ibm4767 device driver. It is NOT a standalone package. Before installing the RPM, you MUST install the standard IBM 4767 installation package.

Instructions for updating the ibm4767 device driver are available here:
http://public.dhe.ibm.com/security/cryptocards/pciecc2/CCA/README-CCA-x86-SLES12.4-20190618.txt

May 3, 2019 | HSM 4767 | New CCA release 5.5.6

The new IBM 4767 CCA Support Program Release 5.5.6 is now available for download by all customers who use the IBM 4767 in an x86 server. CCA Release 5.5.6 is supported on the following 64-bit operating systems:

  • Red Hat Enterprise Linux (RHEL) Server (64-bit) 7.5
  • SUSE Linux Enterprise Server (SLES) from Novell (64-bit) 12.3

Summary of changes for CCA Release 5.5.6:
This release contains the first release of the new host utility Crypto Hardware Initialization and Maintenance (CHIM) for remote initialization and maintenance of IBM Cryptographic Coprocessors.
The CHIM utility is introduced as a future replacement for the host utility Crypto Node Management (CNM). CHIM's main advantage is the ability to manage multiple remote IBM Cryptographic Coprocessors.
Other enhancements include:

1. An AES MAC key in a variable-length symmetric key-token with key usage VERIFY has a new authentication data verification key usage.

2. The Key_Test2 verb can verify the value of a master key as defined in ANS X9.24 Part 1.

3. The Unique_Key_Derive verb has two direction or initiation rule-array keyword groups added, one group for deriving MAC keys, and the other group for deriving data encryption keys.

4. The DK_PRW_Card_Number_Update2 verb has been added that updates a PIN reference value or word (PRW) with updated time-sensitive card data (and a newly generated random number), but without changing either the customer PIN, primary account number, or permanent card data for later use by other PIN processes for PIN verification.

5. The DK_Random_PIN_Generate2 verb has been added that generates a random PIN of a selected length and returns the calculated PIN reference value or word (PRW) for use by other PIN processes to verify the PIN.

6. The TR31_Key_Import verb is enhanced to import additional types of keys and key blocks.
 
For details about these additions, please see the 4767 CCA Releases page.

Mar. 21, 2019 | HSM CEX6S / 4768 | FIPS 140-2 Level 4 certification

As of March 21, 2019, the IBM CEX6S / 4768 hardware security module (HSM) is validated to FIPS PUB 140-2 Level 4. Level 4 is the highest level of certification achievable for commercial cryptographic devices. See FIPS certification number 3410 (Link resides outside ibm.com) on the Computer Security Resource Center website for the certification.

Feb. 11, 2019 | HSM 4767 | CCA Release 5.4.33 Toolkit

As of February 11, 2019, the Toolkit for CCA Release 5.4.33 is available. The following major upgrades are in this Toolkit:

  1. Updates to the skeleton sample for DSA support have been added. Please refer to the skeleton sample and y4lib code for more details.
  2. cctk/<version>/samples/toolkit/y4lib has been moved to cctk/<version>/y4lib in an effort to eliminate the need for dependencies on the "samples" directory for production level code.
  3. cctk/<version>/samples/makefiles has been moved to cctk/<version>/makefiles in an effort to eliminate the need for dependencies on the "samples" directory for production level code.
  4. Various makefiles have been updated in an effort to eliminate the need for dependencies on the "samples" directory for production level code. The general idea is that customers can now copy a sample out of the "samples" directory and get it to work without having to restructure the Toolkit. Depending on the sample, customers may need to amend some specific includes, or copy portions of other samples as some of the samples depend on each other for common processing routines.
  5. A sample demonstrating how to use the USB port on the adapter as a serial port has been added. Please refer to the samples/toolkit/usbserial sample code for more details.
  6. A new version of ICATPZX is included with this Toolkit. This update fixes several issues with the debugger.

For additional information about the Toolkit, see the PCIeCC2 / 4767 Custom Programming page or contact Crypto.

Jan. 30, 2019 | HSM 4767 | CCA Release 5.4.33 for Windows

As of January 30, 2019, in addition to the previously announced Linux support, CCA Release 5.4.33 is also available for x86 server customers who use Windows 2016 Server.

See the Dec. 6, 2018 entry below for additional information about CCA Release 5.4.33.

Jan. 14, 2019 | HSM CEX6S | CEX6S achieves unique PCI PTS HSM certification

The IBM Crypto Express 6S (CEX6S) is IBM's fastest and most secure hardware security module (HSM) yet, and with CCA 6.0 it has achieved certification under the Payment Card Industry (PCI) PIN Transaction Security (PTS) HSM program.

For more information, please see the IBM Systems Magazine blog (this link resides outside of ibm.com).

Jan. 8, 2019 | HSM CEX6S / CEX5S | New EP11 release 2.0

The new EP11 Support Program release 2.0 is now available for download by all customers who use the IBM z13 or IBM z14 (CEX5S and CEX6S). Release 2.0 is available for the following 64-bit operating systems:

  • SUSE Linux Enterprise Server (SLES) from Novell (64-bit): 11 SP4, 12, 12 SP1, 12 SP2, 12 SP3, 15
  • Red Hat Enterprise Linux (RHEL) Server (64-bit): 6.7, 6.10, 7.3, 7.4, 7.5
  • Ubuntu (64-bit): 16.04.05, 18.04

Summary of changes between EP11 1.3 and 2.0:

  • Adds new API for targeting cards and domains, allowing for unified target creation and target groups.
  • Extends exported user interfaces in ep11.h and ep11adm.h.
  • New EP11 TKE daemon. The daemon now implements an authentication method for the communication between the TKE and the daemon. The Linux user needs to be added to the ep11tke group to work on a TKE. This feature can be disabled with a configuration option.
  • Adds documentation to the EP11 structure document about the EP11 Support Program.

New software requirements:

  • OpenSSL 1.0.x or 1.1.x is required for the new EP11 TKE daemon.

The EP11 1.3 release is still supported for distributions that do not support the requirements for EP11 2.0.

Dec. 6, 2018 | HSM 4767 | New CCA release 5.4.33

The new IBM 4767 CCA Support Program Release 5.4.33 is now available for download by all customers who use the IBM 4767 in an x86 server. CCA Release 5.4.33 is supported on the following 64-bit operating systems:

  • Red Hat Enterprise Linux (RHEL) Server (64-bit) 7.5
  • SUSE Linux Enterprise Server (SLES) from Novell (64-bit) 12.3

Summary of changes for CCA Release 5.4.33

  • Three-key (192-bit) Triple-DES keys are added to strengthen security for operations such as data encryption, PIN processing, and key wrapping.
  • Limited ISO Format 4 (ISO-4) AES PIN blocks as defined in the ISO 9564-1 standard.
  • Directed keys, whose objective is to generate and derive many different AES key pairs with different key usages from one key diversification key (KDK).
  • Wrapping and unwrapping DES and TDES keys using an AES Key Block Protection Key (TR-31 key block version ID, or method, “D”) according to ISO 20038.

The IBM 4767-002 is IBM's fifth generation of cryptographic coprocessor to support x86 machines. The 4767 is designed to provide security rich features and to deliver high throughput for cryptographic functions. These cryptographic processes are performed within a secure enclosure that is certified to the Federal Information Processing Standard (FIPS) 140-2 level 4, the highest level of certification achievable for commercial cryptographic devices.

Aug. 27, 2018 | FC EJ32/EJ33 | CCA Release 5.2.23 on AIX

CCA Release 5.3.23 is now available for download by all customers who use the IBM 4767 on AIX 7.1 / 7.2.

May 16, 2018 | HSM 4767 | New CCA Release 5.3.23

The new IBM 4767 CCA Support Program Release 5.3.23 is now available for download by all customers who use the IBM 4767 in an x86 server. CCA Release 5.3.23 is supported on the following 64-bit operating systems:

  • Microsoft Windows Server 2012 R2
  • Red Hat Enterprise Linux (RHEL) Server (64-bit) 7.2, 7.3, and 7.4
  • SUSE Linux Enterprise Server (SLES) from Novell (64-bit) 12.1

Summary of changes for CCA Release 5.3.23

Segment 1:
The IBM 4767-002 hardware security module (HSM) is validated to FIPS PUB 140-2 Level 4. Level 4 is the highest level of certification achievable for commercial cryptographic devices. See FIPS certification number 3164 (Link resides outside ibm.com) on the Computer Security Resource Center website for the certification.

Segment 2:
Updated with minor changes.

Segment 3: 
Updated CCA firmware version 5.3.23 meets the requirements of the German Banking Industry Committee (GBIC) and is compliant with GBIC's security requirements.

Host Code:
Potential memory leak fix.
Users affected: Users of CCA host Release 5.3.12 (Linux or Windows) or CCA host Release 5.2.23 (Linux only) who call the Symmetric_Algorithm_Decipher (CSNBSAD) verb with the Galois/Counter Mode (GCM) processing rule specified in the rule array are affected.

Users should update segments 1, 2, and 3 as well as the host library to get all enhancements and fixes.

Apr. 27, 2018 | HSM CEX6S | New CCA product release for IBM CEX6S

New product release CCA 6.0 for Linux on IBM Z is available effective April 2018. See the IBM CEX6S Linux on Z software page for additional information.

Apr. 4, 2018 | HSM 4767 / 4765 | Common Criteria EAL4 certification

As of April 4, 2018, the IBM 4767 and 4765 with IBM Enterprise PKCS#11 (EP11) firmware are Common Criteria Part 3 conformant (EAL4).

Apr. 4, 2018 | HSM 4767 | FIPS 140-2 Level 4 certification

As of April 4, 2018, the 4767 hardware security module (HSM) is validated to FIPS PUB 140-2 Level 4. Level 4 is the highest level of certification achievable for commercial cryptographic devices. See FIPS certification number 3164 (Link resides outside ibm.com) on the Computer Security Resource Center website for the certification.

Mar. 15, 2018 | HSM 4767 | GBIC certification

As of March 15, 2018, the IBM 4767-002 with CCA firmware version 5.3 meets the requirements of the German Banking Industry Committee (GBIC) and is compliant with GBIC's security requirements.

Mar. 1, 2018 | HSM 4767 | Changes to x86 server chart

Changes to the HSM 4767 on x86 chart are available. See the x86 servers page for additional information.

Feb. 1, 2018 | HSM CEX5S | Update to EP11 support for Linux on Z

Update of EP11 package available for z14. See the Linux on Z software page for additional information.

Oct. 4, 2017 | HSM CEX5S | Update to EP11 support for Linux on Z

Update of EP11 package available for z14. See the Linux on Z software page for additional information.

Sep. 8, 2017 | HSM CEX6C | CCA Releases 5.2, 5.0 for CEX6C Toleration support for Li

Update of CCA 5.2 packages available for z14, adding CEX6C-CCA toleration support. See the IBM CEX5S Linux on Z software page for additional information.

Jan. 24, 2017 | HSM 4767 | CCA - support for RHEL Server 7.3

IBM 4767 CCA Release 5.3.12 now includes support for RHEL Server 7.3. See the list of x86 servers for additional information.

Nov. 18, 2016 | FC EJ32/FC EJ33 | CCA support for IBM Power Systems

As of November 2016, CCA Release 5.3.12 includes support for IBM Power Systems with any of the following operating systems installed:

  • IBM AIX (7.2, 7.1, and 6.1, 32-bit or 64-bit)
  • IBM i (7.2, Technology Refresh 5, 32-bit and 64-bit)
  • PowerLinux
    • RHEL Server 7.3 and RHEL Server 7.2, 64-bit
    • SLES 12 Service Pack 2 (little endian), 64-bit.
    • Ubuntu by Canonical, 16.04.1

Nov. 10, 2016 | HSM 4767 | Fix for memory leak

Problem: A host memory leak can occur.

Users affected: Users of CCA host Release 5.3.12 (Linux or Windows) or CCA host Release 5.2.23 (Linux only) who call the Symmetric_Algorithm_Decipher (CSNBSAD) verb with the Galois/Counter Mode (GCM) processing rule specified in the rule array are affected.

Problem fix: A fix package for the CCA host library of the IBM 4767 PCIe Cryptographic Coprocessor CCA Support Program is available:

Recommendation: All affected users should apply the applicable fix package.

Sept. 27, 2016 | HSM 4767 | New CCA release 5.3.12

An update to IBM 4767 CCA Support Program Release 5.3.12 has been released to include support on Linux. Release 5.3.12 for CCA is supported on the following 64-bit operating systems:

  • Microsoft Windows Server 2012 R2
  • Red Hat Enterprise Linux (RHEL) Server (64-bit)
  • SUSE Linux Enterprise Server (SLES) from Novell (64-bit)

Release 5.3.12 for CCA is available for download by all customers who use the IBM 4767 in an x86 server.

Attention Windows users:

There is a Windows hardware device driver (HDD) fix available for CCA Release 5.3.12. This fix addresses a potential system crash that can occur during handling of specific device errors.

Aug. 30, 2016 | HSM 4767 | New CCA Release 5.3.12 for Windows

The new IBM 4767 CCA Release 5.3.12 is now available on x86 servers on the following 64-bit operating system:

  • Microsoft Windows Server 2012 R2, 64-bit

Release 5.3.12 for CCA is available for download by all customers who use the IBM 4767 in an x86 server.

Summary of changes for Release 5.3.12

The initial release of CCA for the IBM 4767 is Release 5.2.23. Release 5.3.12 is the first release available after the initial release of the IBM 4767, and is the first release available that is supported on Microsoft Windows operating system (64-bit).

In addition to being supported on Windows, Release 5.3.12 provides support for the following enhancements:

The addition of support for the PKCS #1 v2.2 RSA Probabilistic Signature Scheme (RSA-PSS). RSA-PSS is based on the RSA cryptosystem and provides increased security assurance:

  • Digital_Signature_Generate
    • New digital-signature hash formatting method rule-array keyword PKCS-PSS.
    • The addition of the SHA-224 hashing-method specification rule-array keyword.
  • Digital_Signature_Verify
    • New digital-signature hash formatting method rule-array keyword PKCS-PSS.
    • New signature checking rule rule-array keyword group, with keywords EXMATCH and NEXMATCH, and related new required command Allow Not Exact Salt Length (offset X'033B').

The addition of digital signature support to optionally process the text supplied in the data variable (formerly hash variable) as a message that is to be hashed using the specified hashing-method:

  • Digital_Signature_Generate
    • New input type rule-array keyword group, with keywords HASH and MESSAGE.
  • Digital_Signature_Verify
    • New input type rule-array keyword group, with keywords HASH and MESSAGE.
    • New hashing-method specification rule-array keyword group, with keywords MD5, RPMD-160, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
    • The addition of format restrictions for PKA private key tokens of type RSA-AESC (token version X'31') and RSA-AESM (X'30') to optionally restrict these private keys to a particular digital-signature hash formatting method, or not restrict them (the default). Options include ISO-9796, PKCS-1.0, PKCS-1.1, PKCS-PSS, X9.31, or ZERO-PAD.
  • PKA_Key_Token_Build and PKA_Key_Translate: New rule-array keyword format restriction group, including keywords FR-I9796, FR-NONE, FR-PK10, FR-PK11, FR-PSS, FR-X9.31, and FR-ZPAD.
  • Addition of key token definitions for format restriction for digital-signature hash-formatting method, offset 51, in RSA private key sections X'30' and X'31' (4096-bit M-E format and CRT format, with AES-encrypted OPK section).

Apr. 26, 2016 | HSM 4767 | New IBM 4767 and CCA release 5.2

The new IBM 4767 and CCA Release 5.2 is available on x86 servers on SLES and RHEL 64-bit operating systems.

The PCIeCC2 / IBM 4767 is the latest generation of IBM's HSMs. It is redesigned for improved performance and security rich services for your sensitive workloads, and to deliver high throughput for cryptographic functions. For a detailed summary of the capabilities and specifications of the PCIeCC2, refer to the IBM 4767 Data Sheet (PDF, 562 KB).

What's new:

In addition to the functions available on the HSM 4765, the PCIeCC2 has the following:

  • Increased performance.
  • Hardware accelerated Elliptic Curve Cryptography (ECC) key generation, along with digital signature generation and verification using the Elliptic Curve Digital Signature Algorithm (ECDSA).
  • Enhanced firmware load security using ECDSA signatures.
  • Support for Visa Data Secure Platform with Point to Point Encryption (VDSP with P2PE), which includes Visa Format-Preserving Encryption (FPE).
  • Access-control tracking can be performed on a role ID basis to gather information about which access control points are queried by applications. Users of the IBM 4767 have enhanced logon control capabilities, including stricter passphrase length and character requirements and the ability for users to change their own passphrases.
  • The ability to encipher and decipher data using the AES algorithm in Galois/Counter Mode (GCM).
  • The creation of symmetric key material from a pair of Elliptic Curve Cryptography (ECC) keys using the Elliptic Curve Diffie-Hellman (ECDH) protocol and the ANSI-9.63-KDF key derivation method as specified in ANSI X9.63-2011.
  • Newly selectable RSA public exponents 5, 17, and 257. This addition completes the series of the first five Fermat numbers. The first five Fermat numbers are known to be prime.

Oct. 2015 | HSM 4767 | New product release for IBM 4765

A new CCA product release for IBM 4765 is now available on IBM-approved x86 servers and IBM AIX operating system effective October 2015.

Jul. 2015 | HSM CEX5S | New product release of CCA for Linux on Z

New product release CCA 5.0 for Linux on Z is available effective July 2015. See the HSM CEX5S Overview page for additional information.

Apr. 2015 | FC EJ27 / FC EJ28 / FC EJ29 / HSM 4765 | Buffer overflow in the GNU C li

Problem: A buffer overflow vulnerability in the GNU C library (glibc) has been publicly disclosed by Qualys.

Users affected:

  • System x CCA and Toolkit users running CCA release 4.1, 4.2, 4.3, 4.4.16, or 4.4.20.
  • System p AIX CCA and Toolkit users running CCA 4.3.8 or 4.4.20.

Note: The base PCIe Cryptographic Coprocessor (CCA) is not susceptible to the two known security issues described below. Only Toolkit customers may be susceptible. However, as a consumer of the GNU C Library (glibc), IBM is making a patch available for System x 4765 and System p PCIe Cryptographic Coprocessor users. Toolkit customers should download and install the fix and contact their Toolkit provider if there are any questions.

As of April 2015, a patch is available for System x 4765 and System p PCIe Cryptographic Coprocessor users who have used a Toolkit to develop a firmware application that uses (1) the network port, or (2) the gethostbyname() or gethostbyname2() glibc functions. If you are one of these users, you may be exposed to the following reported security vulnerability:

GHOST: glibc gethostbyname buffer overflow vulnerability (CVE-2015-0235)

Description: A heap-based buffer overflow exists in the GNU C library, commonly known as glibc. The affected library component is the __nss_hostname_digits_dots() function used by both the gethostbyname() and gethostbyname2() glibc functions. Programs calling these functions may be vulnerable to a buffer overflow, exploitable by local as well as remote users, to execute arbitrary code on affected systems. In-depth technical information on the vulnerability has been publicly released and includes exploit, mitigation, and patch information. While not yet publicly available, a proof-of-concept remote exploit has been developed using this vulnerability that Qualys plans on publishing.

The GNU C library is most commonly used in systems using the Linux kernel.

CVE-2015-0235 has a Base CVSS score of 6.8 (medium)

CCA and Toolkit users: The GNU C library is shipped with the 4765 base support. The base card is not susceptible to these issues because the card is not shipped with the network port enabled, and there is no auto-config script to set up a network or Ethernet device. Also, the card does not use the gethostbyname() or gethostbyname2() glibc functions. IBM is providing the fix because the 4765 coprocessor is a consumer of the GNU C library. Applying this security patch is left to your discretion. To install the patch, see the instructions below. CCA customers should contact crypto@us.ibm.com with questions.

Toolkit users only: If your firmware application for the IBM 4765 uses the affected GNU C library functions or enables the network port, apply the security patch which corrects the vulnerability. Contact your Toolkit provider with questions.
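To help Toolkit developers apply criterion (2) above, the following added example (not IBM or Toolkit code) scans C source text for call sites of the two functions the advisory names, ignoring mentions in comments and string literals. The function name `find_affected_calls` and the sample source are constructed for illustration; calls made through function pointers or macros are not detected.

```python
import re

# Functions the advisory names as reaching the vulnerable glibc code.
AFFECTED = ("gethostbyname2", "gethostbyname")

# C comments and string/char literals are blanked before searching, so a
# mention inside a comment or an error message is not reported as a call.
_SKIP = re.compile(
    r'/\*.*?\*/|//[^\n]*|"(?:\\.|[^"\\\n])*"|\'(?:\\.|[^\'\\\n])*\'',
    re.DOTALL,
)

# A call site is the exact identifier followed by "(". The look-behind
# rejects longer identifiers that merely end in one of the names.
_CALL = re.compile(
    r'(?<![A-Za-z0-9_])(' + "|".join(AFFECTED) + r')\s*\('
)


def _blank(match):
    # Preserve newlines so reported line numbers match the original file.
    return re.sub(r"[^\n]", " ", match.group(0))


def find_affected_calls(source):
    """Return (line_number, function_name) for each call, in file order."""
    code = _SKIP.sub(_blank, source)
    hits = []
    for m in _CALL.finditer(code):
        line = code.count("\n", 0, m.start()) + 1
        hits.append((line, m.group(1)))
    return hits


# Constructed sample input: two real calls (lines 6 and 7), plus mentions
# in comments, a string literal and a differently named wrapper.
SAMPLE = '''\
#include <netdb.h>
/* legacy: gethostbyname(host) was used here */
static const char *msg = "gethostbyname(x) failed";
struct hostent *lookup(const char *h) {
    // gethostbyname2(h, AF_INET6) is tried second
    struct hostent *he = gethostbyname (h);
    if (!he) he = gethostbyname2(h, AF_INET);
    return he ? he : my_gethostbyname(h);
}
'''

if __name__ == "__main__":
    for line, name in find_affected_calls(SAMPLE):
        print(f"line {line}: call to {name}()")
```
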

To install the patch:

System x users:

  1. System x users of CCA Release 4.1 must move up to CCA Release 4.2 or later before applying the patch.
  2. Download the file (TAR, 31.1 MB) which contains a README.txt file and CLU files that contain the patch.
  3. Untar the downloaded file.
  4. Follow the directions provided in the README.txt file to install the patch.

System p AIX users:

 

  1. Download the file (Z, 4.8 MB) that contains an interim fix.
  2. Install the interim fix using this command: 
    emgr -X -e 4765FW4428.150326.epkg.Z
  3. Follow the directions provided in the README file: 
    /usr/lpp/csufx.4765/README.4765FW4428

Benefits:

Installing the GHOST vulnerability security patch corrects the security vulnerability described above.

Mar. 14, 2014 | PCIeCC2 and PCIeCC | Government access to data

Feb. 19, 2013 | HSM 4765 | MEPS validation

As of February 19, 2013, the 4765 hardware security module (HSM) is validated to meet the MEPS (Méthode d'Évaluation des Produits Securitaire "bancaires") approval scheme used by the Cartes Bancaires (CB) banking ecosystem. This standards certification allows the 4765 HSM to be used by CB member banks on their dedicated payment networks.

Mar. 2012 | HSM 4765 | Support additional operating systems

Add-on features are being offered for the IBM 4765 on IBM-approved x86 systems to support additional operating systems. See the IBM 4765 overview page for information.