Full Encryption in a Personal Computer System

Abstract

Full security in a personal computer system necessitates the provision of both hardware and software to incorporate full cryptographic services. In the IBM PC system, and its equivalents, this involved the design and construction of a hardware module to install on to the system bus as well as the development of appropriate ROM based and diskette based system software. Overall design parameters were set to make cryptographic security services “transparent” to the normal end-user. This meant that the operating system had to be enhanced to incorporate both interface routines for the high-speed hardware as well as higher level “driver” interfaces. Key management design played a major part in the overall integration of cryptography into this type of operating system. A multi-level key management scheme proved to be necessary to enable simple (and transparent) system level key management while user-level key management was provided as an option for total secure network integration the hardware module and software routines were enhanced to incorporate support for an optional data communications facility. Additional software was created to provide a secure network node based on the personal computer System.