IBM Crypto Education Community Blog

IBM Z and LinuxONE Community - All Blog Entries

How Many Keys?

By Eysha Shirrine Powers posted 8 days ago

Re-Encrypt Legacy Data from DES to AES

By John Craig posted Tue June 27, 2023
In a previous article we looked at methods of archiving TDES keys to prevent them from being used to encrypt new data, while keeping them available to decrypt existing data. While this diminishes the risk of new data being encrypted using an insecure algorithm , it does nothing to address the vulnerability of the existing encrypted data. Once the TDES keys on the system have been identified and archived, the next step is to strengthen the security of the data encrypted under them. In this article we will look at the services offered by ICSF that can be used to re-encrypt existing data under a different key. These services will allow us to choose ...

CCA 8.0 for Linux on IBM Z

By Richard Kisley posted Mon May 22, 2023
Authors: Richard Kisley, Michael Miele, Jimmy Hill, Orion Hayes This article introduces the updates for the Common Cryptographic Architecture (CCA) 8.0 for Linux on IBM Z 16 . The CCA 8.0 software download is also the best way to receive all updates for CCA 7.4 for CEX7S on IBM Z15, as well as CCA 6.7 for CEX6S on IBM Z14. Update 16-Jun-2023: Description & link for sample code added. Audience: Users of CCA for payment or cryptography applications on CCA for Linux on IBM Z , For the newly introduced IBM Z16, as well as the IBM Z14 and IBM Z15. What is CCA? CCA is both an Architecture ...

ICSF introduces new support for CCA Release 8.1

By GREGG ARQUERO posted Wed May 17, 2023
Authors: Gregg Arquero, John Craig, Richard Kisley, Michael Miele, Jimmy Hill, Laura Reeve With APAR OA61978, I CSF shipped new functionality in support of CCA Release 8.1 for z16. This APAR is available on ICSF FMID’s HCR77D1 and HCR77D2. An accompanying coexistence APAR, OA63657, is available for ICSF FMIDs HCR77C0 - HCR77D2 and is recommended when OA61978 is applied and sysplex sharing is enabled with an ICSF release where key block exploitation is unavailable. OA61978 includes the addition of the RSAES- OAEP v 2.1 encryption/decryption scheme as well as the much-awaited expansion of TR-31 key block functionality. In this ...

PCI-HSM v4.0 certification for CEX8S/4770 on IBM Z16

By Richard Kisley posted Fri April 21, 2023
The CEX8S/4770 with Common Cryptographic Architecture (CCA) firmware for IBM z16 was recently honored with the Payment Card industry Security Standards Council (PCI SSC) certification as an approved Personal Identification Number (PIN) Transaction Security (PTS) device. Audience : Users of CCA for payment or cryptography applications on ICSF and Linux for IBM Z, IBM z16. What is CCA? CCA is both an Architecture and a set of APIs. It provides: Crypto algorithms and secure key management Specialized functions for banking and payment network interoperability A common API and architecture for all IBM ...

Archiving key tokens in ICSF

By GREGG ARQUERO posted Fri March 31, 2023
Authors: Gregg Arquero, John Craig There may be instances due to compliance requirements or internal processes where a key should be rotated out of active use. In some cases, it is not fully known all the places where that key may have been used to encrypt, sign, or MAC data and deleting the key would result in either data loss or the inability to verify the authenticity of the data. Key Archiving is a useful mechanism for removing a key from active use without deleting it. In the previous article, we mentioned that NIST was planning to deprecate the use of the three-key TDEA algorithm at the end of 2023 but will still permit its use for decrypting ...

NIST Guidance on Three-Key DEA

By John Craig posted Fri February 24, 2023
Authors: John Craig, Gregg Arquero The Data Encryption Standard (DES) was first developed in the 70’s and published by the National Institute of Standards (NIST) in 1977. 1 At the time, it was the successor to the Lucifer cipher created by IBM in 1971. 2 Since its creation, DES was strengthened into the Triple Data Encryption Algorithm (TDEA), also known as T riple DES, in response to successful brute force attacks against single-key DES in 1997 3 . This event was also an impetus for the creation of the entirely new Advanced Encryption Standard (AES) in 2001. In 2019, an announcement was made by NIST ...

How do I ensure an easy hardware migration of my cryptographic master keys?

By Laura Sperling posted Tue October 25, 2022
When migrating to new hardware, ICSF master key considerations need to be taken into account to ensure a seamless transition from the source to target cryptographic coprocessors. Prior to performing the hardware migration, it is very important to ensure that the master key parts (for DES, AES, RSA, and ECC) are known AND match the values that were used to initialize your active CKDS and PKDS. You may have generated your master keys using TKE (recommended due to superior security and overall key management features), master-key-part-load via ICSF panels, or PPINIT (least secure method). Please refer to the three links below for additional information and instructions ...

Is agent based modelling the best tool for tokenomics?

By Stylianos Kampakis posted Thu October 20, 2022
What is agent based modelling? Agent based modelling is a very useful and flexible modelling technique. It is especially useful when modelling complex systems, such as societies or economies. This makes it particularly useful when modelling token economies. Agent based modelling can be a powerful tool for any ICO. In this article I'm going to be talking about this great tool. So the first thing we need to ask is: What is agent based modeling about? Agent based modeling is a type of modeling where we simulate each individual in a system which could be an economy, or a system related to ecology for example, let's say a forest or some other ...

Quantum Safe Cryptography and other updates with IBM CEX8S on IBM z16

By Richard Kisley posted Thu August 18, 2022
Authors : Richard Kisley, Michael Miele, Jimmy Hill, Jim Cox , Gregg Arquero , Eric Rossman This article introduces the updates for the Common Cryptographic Architecture (CCA) in ICSF on IBM z16 with APAR OA61609 for exploitation on ICSF FMIDs HCR77D1/HCR77D2 . Audience : Users of CCA for payment or cryptography applications on ICSF for IBM Z, IBM z16, as well as the IBM z14 and IBM z15, which receive function updates as applicable when new firmware is applied and the new ICSF software or Linux for IBM Z library is used. What is CCA? CCA is both an Architecture and a set of APIs. It provides: Crypto ...

NIST Post Quantum Cryptography standardization selections and IBM Crypto

By Richard Kisley posted Wed July 06, 2022
Authors: Anne Dames, Richard Kisley On July 5, 2022 NIST announced the selected algorithms for the Post Quantum Cryptography Standardization project. These included 4 algorithms that IBM employees and affiliates contributed to: CRYSTALS-Dilithium, FALCON, Sphincs+ (digital signature), and CRYSTALS-KYBER (key-establishment). Please join us in celebrating the standardization of all the selected algorithms as the culmination of years of work by the global cryptography community. Note further that the IBM Crypto Express8S (CEX8S) for IBM Z16 includes implementations of the CRYSTALS-Dilithium and CRYSTALS-KYBER algorithms, while the IBM Crypto Express7S (CEX7S) ...

Clear current master key

By Fernando Pedro Neves posted Tue July 05, 2022
Hi, I have AES and DES master keys defined along with a CKDS with operational keys. Now i don't need DES master key anymore. How can i clear DES master key ? Do I have to start with a fresh CKDS and activate AES master key again ? What about the existing operational keys AES encrypted currently in the CKDS ? obs. i also use a TKE. Thank you for your help Fernando

CSNDDSG example with RSA DSI PKCS #1 v1.5

By Eleanor Chan posted Mon February 14, 2022
/* Rexx */ /*--------------------------------------------------------------------*/ /* This Rexx sample clist will: */ /* - Build a skeleton RSA private key token using CSNDPKB. */ /* - Use skeleton token in CSNDPKG to generate a secure RSA private */ /* key. */ /* - Store the generated RSA private key in the PKDS. */ /* - Extract the public key from the private key. */ /* - Store the RSA public key in the PKDS. */ /* - Use the RSA key in CSNDDSG to generate a digital signature using ...

Pervasive Encryption - z/OS Data Set Encryption

By Eysha Shirrine Powers posted Fri July 23, 2021
Note: Click on the images / links for additional information

Updating the IBM TDES Key Token for PCI PTS PIN Compliance

By Richard Kisley posted Fri May 21, 2021
Authors: Richard Kisley, Bob Petti The Payment Card Industry (PCI) Security Standards Council (SSC) updated the published requirements for key block implementations in PCI PTS HSM FAQs dated 2020-Sep-30. The change impacted all HSM devices certified under PCI PTS HSM after that date, as well as all installations of HSMs audited under PCI PIN security requirements. The deadline for implementation in existing installations was then set to 2023-Jan-1, through a clarification bulletin dated 2020-Dec-17 and PCI PIN FAQs dated 2021-Jan-27. Further details of the changes in PCI requirements are given below. IBM introduced on 2021-May-05 a new wrapping method ...

PCI-HSM best practices and configuration for your IBM Crypto Express HSMs with CCA

By Richard Kisley posted Wed March 31, 2021
Authors: Richard Kisley Garry Sullivan Roan Dawkins William C. (Craig) Johnston Is your business audited against the Payment Card Industry Data Security Standard (PCI DSS), or in particular the PCI PIN Transaction Security (PCI PTS) PIN security requirements? Many teams face difficulty when validating their applications against these requirements or configuring their Hardware Security Modules (HSMs). The IBM Crypto Express HSMs are designed to meet the PCI PTS security requirements for HSMs, often referred to as 'PCI-HSM', with the least adaptation or application impact possible. This article explores best practices for PCI-HSM use cases and ...

FEEDBACK REQUESTED: Listing MCL information in ICSF APARs

By Bob Petti posted Thu March 25, 2021
We would like some feedback about how the ICSF team documents MCL requirements for APARs. When an MCL is delivered across multiple generations of IBM Z servers, very often the availability of the MCLs is staggered. ICSF has traditionally waited for the entire set of MCLs to be verified before we release our supporting APARs, which can delay the availability of the support ICSF function. MCL requirements are documented in APARs using a "HOLD for EC", which is part of the overall APAR documentation. For example, here is the ++HOLD for EC from a recent ICSF APAR. ("EC" here means "Engineering Change"). z15 Driver D41C Crypto ...

Translate and replace an RSA key for RSA PSS

By Bob Petti posted Wed March 10, 2021
This exec is a supplement to one previously uploaded here: https://community.ibm.com/community/user/ibmz-and-linuxone/blogs/eysha-shirrine-powers2/2020/03/25/translate-an-existing-rsa-private-key-to-be-used-in-pkcs-pss-digital-signature-formatting-method?lang=en The difference is in how the translated key is handled. The exec below follows this procedure: Read the existing key from the PKDS. Write the original key to a new label which is <key label> || ".backup" Call CSNDPKT to convert the key to a format usable by RSA PSS operations. Write the converted key to the PKDS with the same key label as the original key, overlaying the old key with ...

REXX Sample: VISA CVN 18 Support

By Anna Deng posted Tue February 09, 2021
/* REXX */ /* ----------------------------------------------------------------- */ /* This sample will demonstrate how to combine symmetric */ /* cryptographic key services CSNBDCM, CSNBDSK, and CSNBGIM with the */ /* EMV transaction service CSNBEAC to support the use of VISA CVN 18 */ /* cryptograms. */ /* */ /* To create the Master Derivation Key (MDK): */ /* 1) Call CSNBGIM to create the MDK, type DKYGENKY DMAC DKYL1. */ /* */ /* To create ...

Real-World Cryptography: Things they (usually) Don’t Teach You at School

By Todd Arnold posted Mon December 21, 2020
Quite often, formal education in cryptography focuses on the mathematics and theory of cryptographic algorithms. While this is important, it is not where real-world attacks generally occur. It is important for those designing or using cryptographic systems to understand where those real-world attacks do occur, so they can take measures to block the threats in their systems. What are the real-world attack vectors? The first reaction many people would have to this question is that attacks break cryptographic algorithms, or the cryptographic protocols that use them. However, these are rarely the places successful attacks occur in real systems. Instead, ...

Instructions for safely getting non-concurrent crypto card code applied while running ICSF workloads.

By Nancy Giamportone posted Wed September 30, 2020
Instructions for safely getting non-concurrent crypto card code applied while running ICSF workloads. Assumptions: All LPARs are running ICSF versions HCR77B1 or higher. For the crypto cards configured on your machine there is at least 2 of each type at your highest co-processor level* . This is necessary so that at least one crypto card will remain online to service the ICSF workloads while the other is being updated to the latest crypto card code. Example of possible crypto card types: CCA- Normal Mode (default) CCA- PCI-HSM Compliance Mode EP11 Mode Accelerator mode – Since accelerator workloads can run on any CCA Mode ...

Sample jcl to show how to save a particular event record using SMF dump job

By Eysha Shirrine Powers posted Wed March 25, 2020
//FLTRSMF JOB 'DEXTER', // NOTIFY=&SYSUID,MSGLEVEL=(1,1),MSGCLASS=H, // TIME=120,REGION=4M //* //*------------------------------------------------------------------* //* FILTER A SPECIFIC SMF RECORD TO A SEPARATE DATA SET * //*------------------------------------------------------------------* //* Description: //* //* Sample JCL job to show how an SMF dump job can be used //* to save a particular event record type/subtype to a //* data set created for that event while also doing a typical //* dump of all SMF records. In this case the particular SMF //* record is for the ICSF Master Key Change event. //* //* Instructions: //* - Update the JCL Job Card to fit ...

KGUP control statements for generating secure AES DATA keys

By Eysha Shirrine Powers posted Wed March 25, 2020
/* ------------------------------------------------------------ */ /* SAMPLE KGUP CONTROL STATEMENTS TO GENERATE AND CREATE SECURE */ /* AES DATA KEYS IN THE CKDS. THE KEYS MAY BE USED IN DATASET */ /* ENCRYPTION OR PROTECTED KEY CPACF. */ /* ------------------------------------------------------------ */ /* SEE THE ICSF ADMINISTRATOR'S GUIDE FOR MORE INFORMATION. */ /* ------------------------------------------------------------ */ /* A CKDS REFRESH IS REQUIRED AFTER KGUP COMPLETION TO REFRESH */ /* THE IN-STORAGE COPY OF THE CKDS. */ /* ------------------------------------------------------------ ...

JCL Sample: Restore a Key Data Set

By Eysha Shirrine Powers posted Wed March 25, 2020
//RECOVKDS JOB ,'EYSHA',MSGLEVEL=(1,1),REGION=0M, // MSGCLASS=H,CLASS=A,NOTIFY=&SYSUID //*------------------------------------------------------------------* //* RESTORE A DUMPED KEY DATA SET * //*------------------------------------------------------------------* //* INSTRUCTIONS: * //* - UPDATE THE JCL JOB CARD TO FIT YOUR ENVIRONMENT * //* - UPDATE THE DUMPDS DSN WITH THE BACKUP KDS NAME * //* ...

Key Store Backups

By Eysha Shirrine Powers posted Wed March 25, 2020
The availability of encryption keys is critical to a Pervasive Encryption strategy. When data is encrypted, the ability to access that data relies on the availability of its encryption keys. How would you recover from... An accidental deletion of a key? An accidentally overwritten key? Corruption of a key store? A refreshed copy of a key store with missing keys? In all of these cases, a backup of your key store would ensure that you are able to recover your encryption environment. When to backup your encryption keys... Along with your regular DASD volume backups. If the DASD volume is corrupted, the entire volume can be restored from ...

JCL Sample: Print a Key Data Set

By Eysha Shirrine Powers posted Wed March 25, 2020
//PRINTKDS JOB ,'EYSHA',MSGLEVEL=(1,1),REGION=0M, // MSGCLASS=H,CLASS=A,NOTIFY=&SYSUID //*------------------------------------------------------------------* //* PRINT THE KDS TO A SEQUENTIAL DATA SET * //*------------------------------------------------------------------* //* INSTRUCTIONS: * //* - UPDATE THE JCL JOB CARD TO FIT YOUR ENVIRONMENT * //* - UPDATE THE INPUT DSN WITH THE KDS NAME * //* - UPDATE THE ...

JCL Sample: Backup a Key Data Set

By Eysha Shirrine Powers posted Wed March 25, 2020
//SAVEKDS JOB ,'EYSHA',MSGLEVEL=(1,1),REGION=0M, // MSGCLASS=H,CLASS=A,NOTIFY=&SYSUID //*------------------------------------------------------------------* //* BACKUP THE ACTIVE KEY DATA SET * //*------------------------------------------------------------------* //* INSTRUCTIONS: * //* - UPDATE THE JCL JOB CARD TO FIT YOUR ENVIRONMENT * //* - UPDATE THE DUMPDS DSN WITH THE BACKUP KDS NAME * //* ...

Rexx Sample: Retrieve Dataset Key Label from the ICF Catalog

By Eysha Shirrine Powers posted Wed March 25, 2020
/* REXX */ /********************************************************************/ /* */ /* NAME: IGGRXENC */ /*DESCRIPTION: THIS REXX EXEC IS USED TO CALL THE CATALOG */ /* SEARCH INTERFACE. */ /* INPUT: FILTER KEY */ /* OUTPUT: DATA SETS NAME AND KEY LABEL (IF ENCRYPTED) */ /* */ /* */ /********************************************************************/ ...

HLASM Example: Symmetric Algorithm Encipher/Decipher using AES

By Eysha Shirrine Powers posted Wed March 25, 2020
TITLE 'SAMPLE ENCIPHER/DECIPHER PROGRAM.' *=====================================================================* * SYSTEM/370 ASSEMBLER H EXAMPLE - AES-256 ENCRYPT/DECRYPT * * * *=====================================================================* * * * THIS PROGRAM USES AN ESTABLISHED KEY TO ENCRYPT A BLOCK OF MEMORY * * AND THEN DECRYPT IT. THE CLEAR TEXT IS COMPARED TO MAKE SURE * * IT MATCHES. A SNAPDUMP IS GENERATED WHERE THE CIPHER TEXT * * CAN BE VIEWED. ...

REXX Sample: Unwrap A Secret Key Using PKCS#11

By Eysha Shirrine Powers posted Wed March 25, 2020
/* Rexx */ /* PKCS#11 Unwrap Sample */ /*-------------------------------------------------------------------*/ /* Description: */ /* */ /* This REXX contains samples that show PKCS#11 Unwrap */ /* - Create a PKCS #11 token */ /* - Generate a clear 3072-bit RSA key pair to store in the TKDS */ /* - Extract the RSA public key from the RSA key pair */ /* - Generate a clear 128-bit AES key */ /* - ...