Main Page | Index

Axis Software User Manual

Axis Cryptographic Hardware

The Axis hardware includes a full hardware Triple DES (3-DES) encryption engine. The Axis device driver provides interfaces to this hardware. As well as the 3-DES encryption engine each customer has a unique master key programmed into the hardware. This master key never leaves this device.

The hardware makes this key invisible but still allows it to be used for certain cryptographic operations. The normal use for the master key is to decrypt local session keys. The principle cryptographic problem on an open system is to secure keys. Cryptographic keys can themselves be encrypted but ultimately the cryptographic system needs at least one key to boot strap itself.

In the Axis scheme, the start key and the master key are built into the Axis hardware in such a way as they can be used but not seen. To provide the best security individual games and other components should each be encrypted with their own session keys. To ensure security these session keys are encrypted using the master key. The hardware will allow such encrypted keys to be used but at the same time keep the keys' final form secret. At this time, session keys are supplied by Heber on a Smart Card. The hardware also supports a timer based security system. Every four minutes approximately an application has to perform a security sequence.

The sequence is as follows:

  1. The application requests a value, this is the output from a large pseudo random number generator.
  2. The output is internally latched encrypted using a supplied key and returned to the application
  3. The application then sends the encrypted number to a Smart Card.
  4. The Smart Card decrypts the number, modifies it in a known way, encrypts the result and returns the value to the application.
  5. The application then submits the modified number to the Axis hardware which decrypts the number, checks that the correct modification has occurred and if it has and the encryption keys used were originally encrypted with the master key. Then it delays for approximately four minutes the hardware going into a security lockout.

The normal Linux read / write model of I/O operations are a poor model for cryptographic operations. For a cryptographic operation to take place the device needs to be opened, a suitable key setup and then one or more data blocks submitted. The cryptographic system performs the requested transformation to the data and returns the transformed data. A read / write model would need the driver to hold temporary copies of cryptographic results between the application writing a request and the application reading the result. To avoid this the driver implements an ioctl based interface.

To use the cryptographic hardware an application opens the driver, it submits an IOCTL defining the key to use, it then submits one or more IOCTLs containing pointers to data to operate on. The driver performs the requested operation and writes the transformed data back over the original data.

The driver will accept data blocks of any size. However, 3-DES is a block cipher and always operates on blocks of 8 bytes, so it is best to keep operations to a multiple of 8 bytes long. 3-DES hardware also works most efficiently on blocks 512 bytes long. If larger blocks are submitted the driver will split the submission and perform multiple operations.

Generally it is more efficient to submit a few large operations than many small ones.

© HEBER LTD. 2005. This document and the information contained therein is the intellectual property of Heber Ltd. and must not be disclosed to a third party without consent. Copies may be made only if they are in full and unmodified. The information contained in this documentation is believed to be accurate and reliable. However, Heber Ltd. assumes no responsibility for its use, and reserves the right to revise the documentation without notice.
Document No: 80-17794, Issue 4r1    Release Date: 01.12.05     Email: support@heber.co.uk    www.heber.co.uk