1. Technical Field
The present invention relates generally to an improved data processing system, and in particular to a method and apparatus for performing cryptography operations. Still more particularly, the present invention provides a method, apparatus, and computer implemented instructions for a dual hardware and software cryptography system.
2. Description of Related Art
Cryptography is the art and science of keeping information secure. A person who does not know the method used to change the information to keep it secure cannot copy the method used or reverse the change. The basic components of cryptographic systems are used to encipher (scramble) information so that it is difficult to determine the meaning without the appropriate key or keys to decipher (unscramble) the information. The components include cryptographic algorithms (mathematical functions) for enciphering or deciphering information and keys (strings of information that cause a cryptographic algorithm to encipher or decipher in a distinctive way). Symmetric and asymmetric are two examples of cryptographic systems. Symmetric systems use the same key to encipher and decipher. This system is also referred to as a secret key algorithm.
In contrast, asymmetric systems generate and use different keys to encipher and decipher a secure key pair. With this key pair, consisting of a public key and a private key, only one key can decipher what the other enciphers. Asymmetric key pairs are used in creating digital signatures and transporting symmetric keys. In the past, most encryption systems only used symmetric cryptography. The problem with symmetric cryptography, however, is the difficulty encountered in distributing keys to targeted recipients. Since symmetric cryptography uses the same key for enciphering and deciphering, a person has to use creative and difficult means to prevent the unwanted from intercepting the key. If a third party were to intercept the key, they could use it to decipher anything it was used to encipher.
A solution to this problem is public key cryptography which uses asymmetric cryptography to transport symmetric keys. In such a system, a recipient's public key is used to encipher a symmetric key. Once enciphered, the symmetric key can only be easily deciphered using the corresponding private key.
The Internet and other networked environments are full of hackers, viruses, eavesdroppers, thieves, terrorists, and other threats to information privacy and control. Cryptography is necessary because it helps individuals and organizations protect themselves from these threats. For years, cryptography has been predominantly used by government intelligence agencies, military forces, and the banking industry. Today, others are beginning to realize the benefits and the necessity of cryptography.
Cryptographic systems may be implanted using hardware. As an overview summary, hardware cryptography implementation is required in certain industrial sectors such as financial areas. It is important that confidential information is kept in secure location. A classic example is the storage of private key. Although the access to the private key can be limited by the data structure/nature in software (e.g. declaring the key as a private attribute which cannot be accessed by any outside application), the memory that stores the key is not protected by secure means. An intruder/adversary can read the key information by brute memory reading or any work around. Besides secure storage, hardware also provides an environment to execute operations that involve confidential data such as digital signature and encryption. Hardware provides a secure means for storing confidential data and executing sensitive operations.
Cryptographic systems also may be implemented in software. In this type of implementation, the speed of a software implemented operation depends solely on the operating machine. The performance of software implementation can be improved by various techniques such as multithreading. The execution time is not necessary proportional to the size of input data once the code is loaded to memory since no more Input/Output (I/O) is needed and thus repetitive operation would yield in smaller overhead and shorter execution time.
Hardware, on the other hand, due to extra connections to the operating machine and limited memory (relatively smaller to the operating machine), has a limited and costly performance.