Processor makers jump on security bandwagon

The trend is expected to be embraced most quickly by corporate buyers on the hunt for IT hardware with built-in security, though consumers will not be far behind, according to analysts.

"Processor vendors will use integrated security features as a key way to differentiate their chips. Security is becoming a checklist feature," said Shane Rau, an analyst at IDC in Mountain View, Calif.

The driving force behind the market's rising security consciousness is the growth of wireless LAN in the office, which is fueling demand to safeguard e-mail and other data from would-be eavesdroppers.

Chipmakers are also courting the home network market by embedding encryption algorithms in their processors in an effort to head off intellectual property concerns arising through the illegal copying and distribution of copyrighted content.

Intel syndrome

And with Intel Corp. weighing in, rival processor makers are jockeying for position before the MPU titan unveils its own integrated security suite, code-named La Grande, in its Prescott processor in the third quarter, said Bert McComas, an analyst at InQuest Research, Gilbert, Ariz.

"Everyone is competing not only for design wins but also to get security application program developers to port to their chips," McComas said.

In September, Intel disclosed that Prescott will represent the company's first fully integrated security option, although details of the platform have not yet been spelled out. Intel already offers a single-chip random-number generator that is available as an option in most of its chipsets. However, the chip slows overall system performance and hasn't been widely adopted, industry observers said.

In the last two weeks, Via Technologies Inc. and Transmeta Corp. have rolled out processors with data encryption engines embedded on-chip.

Via's C3 6165, which had been dubbed Nehemiah, is aimed initially at low-cost PC desktops, and the company said it is also developing a version for notebooks.

The C3 6165 measures constantly changing electrical noise on the chip to generate random numbers, while the number generator is accessed through an x86 instruction rather than a separate software driver.

"It's far more secure than software or other techniques commonly used for random-number generation," said Glenn Henry, president of Via's Centaur Technology processor design unit in Austin, Texas.

Transmeta has achieved first silicon of its Crusoe TM5800 processor with integrated security, which is expected to be in production the second half of this year. Walter Sun, senior product manager for the Santa Clara, Calif., company, said Transmeta uses its proprietary code-morphing software to store passwords, security authorization certificates, and keys that are invisible to x86 commands.

"This secure storage is tamper-resistant because it is within the Crusoe architecture only," Sun said.

IBM, National, AMD too

IBM Microelectronics, East Fishkill, N.Y., has been shipping its PowerPC 405LP with an encryption engine on-chip for more than a year. Kalpesh Gala, PowerPC marketing manager, said the processor is targeted at wireless handheld devices.

"In the future, we might include on-die encryption for other PowerPC processors, but there's nothing definite yet," Gala said.

Gala added that IBM is investigating whether to expand the co-processor's security functions by developing a single-chip, dual-processor PowerPC.

National Semiconductor Corp., Santa Clara, has a prototype Geode chipset that includes data rights management (DRM) for digital-TV set-top boxes, and said it will offer the same set of features in a single chip within 12 to 18 months.

Paul McCormick, manager of National's set-top-box business unit, said the company is working closely with the motion picture industry to add a DRM security chip to the Geode that will allow consumers to share digital movie content with PCs and TVs within their own home, but prevent unauthorized relay outside the home.

Advanced Micro Devices Inc. also is developing a security suite that includes a chipset, motherboard, and new processor, and which industry sources said will use the upcoming 64-bit Opteron and Athlon 64 chips.

Geoffrey Strongin, platform security architect at AMD in Sunnyvale, Calif., said the company will use the Palladium security operating system of Microsoft Corp. to drive its encryption hardware. Analysts expect the Palladium OS will be released in 2004.

Rather than using a proprietary security solution typical of many processors, "AMD wants to enhance open standards and preserve the open nature of the industry," Strongin said. "This will assure that legacy applications will continue to work on new security versions of the same application software."