National Semiconductor Unveils Trusted Chip for PCs

Updated: IBM will use the new devices, designed to make it more difficult for hackers to access a system's data, in its latest line of ThinkCentre PCs.

Chip maker National Semiconductor Inc. is rolling out hardware devices designed to make desktop and laptop PCs more secure.

The Santa Clara, Calif., company on Thursday introduced its SafeKeeper Trusted I/O products that enable users to store a computers identity on a piece of silicon, rather than relying on software to protect it.

Putting the data in the systems hardware makes it more difficult for hackers to access, according to National Semiconductor.

The devices contain a Trusted Platform Module, or TPM, which securely stores such data as passwords and digital certificates. National began shipping discrete TPMs several years ago and has now integrated it with other I/O logic to save cost.

The SafeKeeper Trusted I/O devices integrate TPMs with Super I/O and firmware to protect features such as operating systems, applications and BIOS, the company said. Competing solutions use discrete logic, which offers more flexibility but can be more expensive.

"What were selling them on is the actual transition," said Todd Whitaker, co-general manager of the Advanced PC Division at National Semiconductor, in Santa Clara, Calif. "If theyre just dabbling, and want to try out a system, we have it as an option—they can go with a discrete system. But for those that are ready to go do it, to deliver a trusted platform, we have the way."

IBM, of Armonk, N.Y., which has used TPMs since 1999, said it is using the new devices in its latest line of ThinkCentre PCs.

"Security, encryption and password management are key components of IBM ThinkVantage Technologies, which simplify the PC user experience and reduce management costs for organizations of all sizes," Clain Anderson, program director of wireless and security solutions in IBMs Personal Computing Division, said in a prepared statement. "Using National Semiconductors Trusted I/O chip for our newly launched desktop models helps make IBM ThinkCentre models featuring the IBM Embedded Security Subsystem the most secure industry-standard desktop PCs you can buy."

National is in talks with other vendors as well, Whitaker said. Infineon Technologies AG and Atmel Corp. also produce discrete TPM modules, which have been incorporated into Hewlett-Packard Co.s D530 desktop PCs and Fujitsu Ltd.s LifeBook notebooks.

"Some people think that trusted platforms are just a specialized technology out there," said Anne Price, a spokesperson for the Trusted Computing Group, which oversees the specification. "Thats starting to change."

Next up on Nationals roadmap will be the production of TPMs compliant with the version 1.2 specification, which was announced in November 2003 and included in the Intel "Florence" PC design. National will begin sampling the 1.2 TPM modules later this year and deliver shipments next year, Whitaker said.

The 1.2 specification allows the state of the module to be pinged by other applications through a feature called direct anonymous attestation, which communicates information about the state of a trusted computer equipped with a module. Other features include "delegation," or the ability for the user to use specific, user-operated commands to allow the user more fine-grained control in determining what applications to trust or not trust; and "locality," or the means for the user to manually assign permissions to external software processes.

Meanwhile, Genevas STMicroelectronics NV began shipping its ST19WP18 TPM, which is compliant with the 1.2 specification, on Sept. 7, said ST spokesperson Michael Markowitz. The new TCG 1.2 solution features an integrated Core TCG software stack from NTRU Cryptosystems Inc., along with the Embassy Security Center and Cryptographic Services Provider from Wave Systems Corp., plus BIOS and Windows drivers.

Nationals SafeKeeper Trusted I/O devices include the PC8374T for desktops and PC8392T for notebooks. The desktop device is available immediately, starting at $5 per 1,000 units shipped. The notebook device will be available in the fourth quarter, starting at $7 per 1,000 units.

Editors Note: This story was updated to include information and comments from National Semiconductor, Trusted Computing Group and STMicroelectronics representatives.


Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Security Center Editor Larry Seltzers Weblog.


Be sure to add our Security news feed to your RSS newsreader or My Yahoo page