Click for homepage
Utimaco
  
CryptWare →
  
SAFE-Board
Hardware Security Module · 8-bit ISA-bus

SAFE-Board or SafeBoard, is a Hardware Security Module (HSM) for Personal Computers (PC) with an 8-bit ISA-bus 1 expansion slot, developed around 1990 by the German company Utimaco. The encapsulated plug-in card is used in combination with dedicated PC-based encryption software.

The first iteration of the SAFE-Board HSM was released in 1987 [1]. It was developed by Prof. Dr. Horst Günter who, aside his job at the Berlin Polytechnics University, also worked for Utimaco. The board was used for encrypting the contents of the harddisc of a computer, and prevented the computer from booting from a floppy disc drive.

In addition it allows passwords and encryption keys to be stored in its on-board non-volatile 2KB Electrically Erasable Programmable Read-Only Memory (EEPROM), 2 that is mapped into the computer's addressable memory space.
  

The SAFE-Board shown here is not from 1987 but is probably a later iteration. According to the text on the PCB, it was developed in 1989, and according to the text on the metal enclosure, it was released a year later in 1990. To protect the unit from inspection by an adversary or a competitor of the product, the entire PCB is cast in epoxy and is housed in a metal enclosure.

Normally, it would be impossible to reveal the contents of the encapsulated product without damaging the components, but fortunately we have a development version of the board which has not been cast in epoxy. The image on the right shows the development version aside the encapsulated unit, and reveals what is inside.

Aparently, there are no cryptographic chips or any other components that perform a crypto­graphic function on the board, apart from the 2KB non-volatile memory (EEPROM) that is used for storing passwords and cryptographic keys. 2
  

The remaining parts are address buffers (74LS244), a data bus buffer (74LS245) a comparator for reading the settings of the DIP-switches (74LS85), and 'glue logic' consisting of a set of NAND gates (74LS132) and a reprogrammable logic device (18CV8) that is used as an address decoder for the on-board EEPROM (KM28C16). The first four DIP-switches (1-4) are used to set the desired address in the computer's memory map. For use in a cryptographic security solution, additional software on the PC is necessary, preferably in the form of a modified BIOS ROM.

  1. The 8-bit ISA bus is also known as PC bus or XT bus.  Wikipedia
  2. This memory type cannot be purged (zeroized) in case of an emergency.  More

Utimaco SAFE-Board
Encapsulated version next to a development version
DIP-switches and LED indicator
Development version of the HSM (development version)
DIP-switches and LED indicator
Components side
Solder side
A
×
A
1 / 7
Utimaco SAFE-Board
A
2 / 7
Encapsulated version next to a development version
A
3 / 7
DIP-switches and LED indicator
A
4 / 7
Development version of the HSM (development version)
A
5 / 7
DIP-switches and LED indicator
A
6 / 7
Components side
A
7 / 7
Solder side

EEPROM vs SRAM
The fact that a 2KB EEPROM is used for storing passwords and cryptographic keys, does not seem a very wise decision. An EEPROM is non-volatile and retains its contents even when the power supply is cut off. This means that the keys and passwords cannot be destroyed quickly when security is compromised, and, worse, that they can't be destroyed at all when the computer is off.

For this reason, later HSMs like the CryptWare Board, use Static Random Access Memory (SRAM) instead. An SRAM is a low-power device of which the contents are retained by an external battery. Destroying the contents of the SRAM is possible by cutting the power supply from the battery, which is also possible when the computer is off. This procedure is known as ZEROIZING.


Datasheets
References
  1. Hans-Peter Dorn, Utimaco, Ein kleiner Streifzug durech die Geschichte, 1983-2015
    Visited 5 March 2023.
Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Sunday 05 March 2023. Last changed: Wednesday, 08 March 2023 - 07:35 CET.
Click for homepage