Global Sources
EE Times-Asia
Stay in touch with EE Times Asia
EE Times-Asia > Embedded

Crypto chip choices confound PC makers

Posted: 24 Feb 2004 ?? ?Print Version ?Bookmark and Share

Keywords:pc? desktops? hardware security? stmicroelectronics? national semiconductor?

As PC makers gear up to build desktops with hardware security, they face tough choices about how to implement a small but significant cryptography chip crucial to their architecture. That's because chipmakers are offering a bewildering array of options for so-called trusted platform modules, essentially low-cost silicon safes for a digital key.

Atmel, Infineon, National Semiconductor and STMicroelectronics have been selling standalone TPM chips for some time. The chips typically cost less than $10 in volume and can encrypt and decrypt digital certificates and store them in on-board memory.

The TPM chips are pivotal in a PC industry initiative to build hardware security into the desktop in tandem with the next major version of Windows dubbed Longhorn. Thus even though the chips are small they ultimately represent a new hundred million unit/year opportunity.

Scrambling to get a foothold in that market, Broadcom Corp. announced Tuesday (February 17, 2004) it has licensed software from Infineon to enable it to build a TPM in its GbE media access controller. Infineon said it is seeking other deals to partner with companies wanting to integrate TPM capabilities into their chips.

Meanwhile, National Semiconductor is planning to put a TPM in its Super I/O chips. And at least one vendor is said to be putting a TPM in its media processing silicon for consumer PCs. Eventually core logic makers may decide to pull the TPM into their x86 chip sets.

The picture is becoming almost comically confusing for OEMs watching the TPM functionality emerge in multiple presentations about new PC chips.

"We don't want to buy this part seven times, we just want it once," said Kevin Kettler, CTO for Dell Computer. "We are looking into what's the best way forward and hope to have an answer in the next eight weeks or so," he added.

According to the TPM specification developed by the ad hoc Trusted Computing Group the TPM needs to sit on the low-pin count bus (LPC) inside the PC and was defined as a standalone part. However, OEMs say integration of the TPM into an existing PC chip could significantly lower new costs-the perennial hot button for PC makers.

A $5 TPM could become a $1 cost premium on an integrated chip, said Stacy Cannady, product manager for client security in IBM Corp.'s PC division. Cannady suggested OEMs ultimately will use a range of integrated and standalone parts for a range of different PC designs and markets.

"If you put it in the Super I/O, the question is do we like your Super I/O. If you put it in a Gbit MAC, the question is are our systems ready for Gbit Ethernet and is that chip on the LPC bus?" Cannady said.

One overarching concern is that the TPM - wherever it is located - has to have power immediately after the system boots for the new security initiative to work, he added.

As PC makers sort through the implementation issues, other groups are sorting out how the desktop architecture will apply to their systems. Inside the TCG, separate working groups hope to hammer out related security architectures for servers, cellphones, consumer gear and even hard disk drives.

Cannady said the server and storage groups are the next likely candidates to finish a specification. It's not clear yet whether TPMs would be needed in every hard drive, in addition to the host system. Also undecided is whether multiprocessing servers need a TPM for every CPU in the box, Cannady added.

Nokia is chairing a TCG working group on bringing the architecture to the cellphone, but so far has not rallied support among a quorum of cellphone makers to define the architecture, he said.

IBM plans to put the current version 1.1b TPM parts in all but its lowest cost notebook computers by the end of the year, Cannady said. However, to work with the next-generation of Windows, the TPMs need to be upgraded to a recently released version 1.2 for which chips have not yet shipped.

Cannady said he doesn't expect IBM to shift to the 1.2 version chips until Longhorn becomes available, probably in 2006.

- Rick Merritt

EE Times

Article Comments - Crypto chip choices confound PC make...
*? You can enter [0] more charecters.
*Verify code:


Visit Asia Webinars to learn about the latest in technology and get practical design tips.

Back to Top