Business your connection to The Boston Globe

IBM puts security into CPU

In an effort to boost the level of data security on portable computers, cellphones, and other gadgets, IBM Corp. is unveiling a method for injecting encryption capabilities into the heart of the machines' circuitry.

IBM researchers contend that unless the encryption function is performed by a computer's central processing unit, a supremely savvy hacker can tap into the pathway between the machine's brain and the separate encryption engine. To guard against that, IBM is reporting today that it has developed SecureBlue, encryption circuitry that can be integrated into any processor, regardless of its manufacturer.

IBM is not the first to seek to integrate encryption into a computer's central processing functions. Intel Corp.'s upcoming LaGrande technology essentially does that, though it requires interaction with a separate chip, known as a trusted platform module. The IBM researchers say they have developed a way to skip that step.

Richard Doherty, an analyst with the Envisioneering Group, said SecureBlue's design appears flexible enough to bring strong encryption to such new settings as cellphones and music players.

However, SecureBlue needs to be woven into a processor from scratch. That means that SecureBlue, at least for the time being, will probably end up only in devices made by companies that hire IBM's custom engineering unit.

IBM researchers said SecureBlue already has made its way into one customer's devices. But they said that company had demanded anonymity.

Bruce Schneier, founder of Counterpane Internet Security Inc., said that more fully integrating encryption and processing would probably improve a machine's performance. But he said it was ''just stupid" to argue that hackers would otherwise target the transmission between a computer processor and a separate encryption engine.

Today (free)
Yesterday (free)
Past 30 days
Last 12 months
 Advanced search / Historic Archives