HP, Wave team on secure chip

The firms announce a security technology they call a "trusted client" system that builds security into a programmable chip for PCs.

2 min read
Hewlett-Packard and Wave Systems today announced a security technology they call a "trusted client" system that builds security based on HP's VerSecure technology into a programmable chip for PCs.

NEC has committed to use the chip in desktop PCs next year, and HP's PC division is considering the same.

"We are introducing the concept of a 'trusted client' extending the web of security to the desktop for existing applications," said Steven Sprague, Wave's president. "We are bringing a hardware solution to desktop security." Wave designed its chip for use in set-top boxes, handheld devices, and peripheral cards.

Wave's chip will use HP's VerSecure 128-bit strong encryption technology, which the U.S. government has preapproved for export, although Wave will need another export approval for its chips.

Wave's security chip is designed to be built into new PCs, which can then be used for e-commerce and security applications. As a hardware-based security technology, Wave says its Embassy E-commerce platform will be both cheaper and more secure than software-based approaches.

Wave has licensed the Embassy technology to ITE and Standard MicroSystems Corporation, which manufacture PC motherboards.

"This is a flexible, secure platform helping to expand the role of the PC in e-commerce," Sprague said. "It is compatible with most applications that run today, which are completely server-centric and would benefit from use of a trusted client."

Embassy uses RSA Data Security encryption, utilizes Aladdin Knowledge Systems' data protection software, supports Sun Microsystems' JavaCard specification, and will work with VeriSign digital certificates.

"By moving security from the server to the client, we think we add new application capabilities to PCs that don't exist today," said Doug McGown, a director for HP's VerSecure. "We have created a virtual smart card that resides on the PC."

The Embassy technology appeals to PC makers because it can be deployed without changing the motherboard and will solve requirements for a "secure boot" for PCs.

McGown said the "trusted client" model will add security to applications like virtual private networks and can be used to store digital certificates or software licenses securely.

Today's announcement represents Wave's efforts to broaden its market and resuscitate itself after several years of effort to get its hardware built into consumer PCs so they can be used for renting computer games and other software. It also adds a new revenue source from licensing fees from applications that are loaded into the chip.

McGown said HP is looking at building the secure chip into peripheral devices in addition to new PCs, which would accelerate how quickly it became prominent in the marketplace.