Phoenix offers software alternative to key cache

BIOS specialist Phoenix Technologies Ltd will today release software it says can provide a more trusted storage mechanism for encryption keys in software, with security approaching that of hardware-based key storage.

Technologies such as the Trusted Computing Group’s Trusted Platform Module call for a tamper-proof hardware key repository that can be tapped by applications that want to authenticate the device they are running on.

Phoenix said its new TrustConnector software can provide similar, if somewhat less secure, functionality in software, by leveraging its unique view into the BIOS of all Windows-based devices.

TPM is still fairly expensive, so it’s not necessarily installed in many machines right now, said Michael Goldgof, senior vice president of marketing. He said TrustConnector will work on existing computers without the need for hardware upgrades.

The company will announce the product at the FOSE government IT trade show in Washington DC this week, along with the first TrustConnector OEMs – SafeNet Inc, VeriSign Inc and Network Associates Inc.

TrustConnector creates cryptographic keys on Windows boxes using device profile information extracted from the BIOS, such as the processor serial number. The keys, stored in the OS registry, are therefore mathematically unique to that computer.

The TrustConnector software is responsible for checking the keys match the device. In the example of a virtual private network, the VPN client would be able to authenticate that it is running on a trusted computer using this system.

Even if someone steals the key, they would not be able to use it, even if they have the device information, said Shiva Mandalam, director of security product marketing. He added that the software also supports TPM and other trusted silicon.

TrustConnector is also compatible with Microsoft’s Crypto API, so it can support any applications that use that API to handle digital certificates, the company said.

The launch is the latest in a series of moves in the security space for Phoenix, which has been primarily recognized as a BIOS vendor for many years, and has seen its fortunes often tied to the health of the Windows PC business.

The company started making moves into security, leveraging its BIOS dominance, last year. NAI is a key partner, working with Phoenix on putting security technologies into protected areas of the computer.

This article is based on material originally published by ComputerWire

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

Sign up for our regular news round-up!

Sign up for our weekly news round-up!

Sign up to the newsletter: In Brief

I would also like to subscribe to:

Thank you for subscribing