%T Outbound Authentication for Programmable Secure Coprocessors
%A Sean W. Smith
%R Technical Report TR2001-401
%I Dartmouth College, Computer Science
%C Hanover, NH
%D March 2001
%U http://www.cs.dartmouth.edu/reports/TR2001-401.ps.Z
%X
    A programmable secure coprocessor platform can help solve many
 security problems in distributed computing.  These solutions usually
 require that coprocessor applications be able to participate as
 full-fledged parties in distributed cryptographic protocols.  Thus, to
 fully enable these solutions, a generic platform must not only provide
 programmability, maintenance, and configuration in the hostile
 field---it must also provide outbound authentication for the
 entities that result.  A particular application on a particular
 untampered device must be able to prove who it is to a party on the
 other side of the Internet.
    To be effective, a secure outbound authentication service must closely
 mesh with the overall security architecture.  Our initial architecture
 only sketched a rough design for this service, and did not complete
 it.  This paper presents our research and development experience in
 refining and implementing this design, to provide PKI-based outbound
 authentication for the IBM 4758 Model 2 secure coprocessor platform.