The IBM 4764 Cryptographic Coprocessor is a secure cryptoprocessor that performs cryptographic operations used by application programs and by communications such as SSL private key transactions associated with SSL digital certificates. Each coprocessor includes a tamper-responding hardware security module (HSM) that provides secure storage for storing master keys and other sensitive data. The HSM has been certified to meet FIPS 140-2 Level 4 security requirements. The coprocessor is supported on all IBM server platforms including System z (mainframe), System i, System p, and System x (Linux or Microsoft Windows). On System z, it is called the "Crypto Express2".
Applications may include financial PIN transactions, bank-to-clearing-house transactions, EMV transactions for integrated circuit (chip) based credit cards, basic SET block processing, and general-purpose cryptographic applications using symmetric key, hashing, and public key algorithms.
The operational keys (symmetric or RSA private) are generated in the coprocessor and is then saved in a keystore file encrypted under the master key of that coprocessor. Any coprocessor with an identical master key can use those keys.
As of June 2005, the IBM 4764 superseded the IBM 4758 that was discontinued. The successor to the 4764 was introduced on each of the IBM server platforms between 2009 and 2011: