© February 2015
Encryption Facility for z/OS
Greg Boyd, [email protected]
www.mainframecrypto.com
zExchange – Encryption Facility for z/OS

IBM Encryption Facility for z/OS, 1.2
Program number: 5655-P97
MSU-based pricing*
Runs on the following servers: System z196, z10 (EC & BC), z9 (EC & BC), zSeries 900 or 990, zSeries 800 or 890
Requires: z/OS 1.6 or higher; z/OS.e 1.6 or higher / HCR7720+
• Feature: Encryption Services – Optional Priced Feature
  • z Format
    • Supports encrypting and decrypting of data at rest (tapes, disk)
    • Supports either Public Key/Private keys or passwords to create highly-secure exchange between partners
    • X.509 or OpenPGP Certificates
  • OpenPGP Format
    • Internet Draft Standard RFC2440/RFC4880
    • zAAP eligible
• Feature: DFSMSdss™ Encryption – Optional Priced Feature
  • Allows encryption and compression of DUMP data sets created by DFSMSdss™
  • Supports decryption and decompression during RESTORE
• Java Client – Web Download
  • Java technology-based code that allows client systems (z/OS and non-z/OS) to decrypt and encrypt data for exchange with z/OS systems (zFormat)
• Decryption Client for z/OS – Web Download
  • Decryption-only code designed to run on z/OS systems (i.e. zFormat)
*Variable Workload License Charges (VWLC), Entry Workload License Charges (EWLC), zSeries Entry License Charges™ (zELC), Parallel Sysplex® License Charges (PSLC)

Clear Key / Secure Key / Protected Key
• Clear Key – key may be in the clear, at least briefly, somewhere in the environment
• Secure Key – key value does not exist in the clear outside of the HSM (secure, tamper-resistant boundary of the card)
• Protected Key – key value does not exist outside of physical hardware, although the hardware may not be tamper-resistant

System z CPACF Hardware – z196 (GA2) & z114 & zEC12
• Symmetric Clear Key
  • DES (56-, 112-, 168-bit), new chaining options
  • AES-128, AES-192, AES-256, new chaining options
  • SHA-1, SHA-256, SHA-512 (SHA-2 Suite)
  • PRNG
• Protected Key
TechDoc WP100810 – A Synopsis of System z Crypto Hardware

zEC12 PCI Crypto Hardware
CEX4S – Coprocessor or Accelerator or PKCS #11
• Secure Key DES/TDES
• Secure Key AES
• Financial (PIN) Functions
• Key Generate/Key Management
• Random Number Generate and Generate Long
• Protected Key Support
• RSA & ECC Operations (SSL Handshakes)
• EP11 Mode (Secure Key PKCS #11)
TechDoc WP100810 – A Synopsis of System z Crypto Hardware

Password Option (diagram)
• Encrypt: the Password is hashed via PKCS #12 to produce the Symmetric Key; the Clear text File goes through the Symmetric Algorithm to produce the Encrypted File w/Header
• Decrypt: the same Password is hashed via PKCS #12 to recover the Symmetric Key; the Encrypted File w/Header goes through the Symmetric Algorithm to recover the Clear text File

RSA Option (diagram)
• Encrypt: Random Number Generate produces the Symmetric Key; the Clear text File goes through the Symmetric Algorithm; the Symmetric Key is encrypted by PKA under the partner's Public Key (via Certificate?), giving the Encrypted File w/Encrypted Key in the header
• Decrypt: PKA with the Private Key recovers the Symmetric Key from the header; the Symmetric Algorithm then recovers the Clear text File

Password vs RSA – Hardware Requirements
• PASSWORD/RSA
  • Password – 8-32 byte password used to generate a key that protects the data
    • General Purpose CPs
  • RSA – label of an existing public key that will encrypt the data key
    • PCI Coprocessor w/Master keys loaded

Where is the encryption done?
• CLRAES – AES-128 bit clear key
  • zEC12, z196/z114, z10 EC & BC, z9 EC & BC – CPACF
  • z890/z990, z800/z900 – in software (ICSF)
• CLRTDES – TDES clear key
  • zEC12, z196/z114, z10 EC & BC, z9 EC & BC, z890/z990 – CPACF
  • z800/z900 – CCF (but uses secure key APIs)
• ENCTDES – TDES secure key
  • zEC12 – CEX4SC or CEX3C
  • z196, z114 – CEX3C
  • z10 EC & BC – CEX3C or CEX2C
  • z9 – CEX2C
  • z890/z990 – CEX2 or PCIXCC
  • z800/z900 – CCF
• No AES secure key support

To Compress or Not To Compress
• Compression
  • Yes
    • Uses General Purpose CPs to do the compression (competes with other work in the system)
    • Requires approx 50% more tapes than compressing at the drive
  • No
    • No compression workload on the General Purpose CPs
    • Requires approximately 2-3 times more tapes than compressing at the drive

Other Parameters
• DESC=description – freeform text
• ICOUNT=SHA PKCS#12 iteration count (default 16)
• INFO (Decrypt Only) – Recover and print info about the file from the header

1.5GB Sample Run Times (your mileage may vary…)
Throughput in Mbytes/CPU sec:

System  Clear Key TDES  Clear Key Triple-DES w/ Compression  Clear Key AES  Clear Key AES w/ Compression  Secure Key TDES  Secure Key TDES w/ Compression
z9      143             64                                   167            67                            52               42
z990    104             44                                   33             29                            34               29
z890    78              33                                   25             21                            26               23
z900    27              20                                   15             15                            27               20
z800    20              15                                   11             11                            20               15

These figures are from a LAB run and do not necessarily represent values you may achieve.

Flexible Options for partners
Packaging
• Encryption Facility for z/OS 1.2 – Priced product 5655-P97, Encryption Services feature
• Decryption Client for z/OS – No charge Web Download (As-is code)
• Java Based Client – No charge Web Download (As-is code)
• Java Based Client (Partner without z/OS) – No charge Web Download (As-is code)
Encrypt/Decrypt
• Encryption Facility for z/OS 1.2 – Full function encrypt/decrypt
• Decryption Client for z/OS – Decrypt only
• Java Based Client – Decrypt and encrypt
• Java Based Client (Partner without z/OS) – Decrypt and encrypt
Compression
• Encryption Facility for z/OS 1.2 – Compression and decompression
• Decryption Client for z/OS – Decompression only
• Java Based Client – No
• Java Based Client (Partner without z/OS) – No
Other important facts
• Can encrypt and decrypt using mainframe crypto acceleration and compression
• Can decrypt using mainframe crypto acceleration and compression capabilities
• Can decrypt an encrypted file direct to MVS data set
• Note: Requires secure key hardware (ex. CEX3C) when using public key
• Can be used on any java-enabled system, including z/OS

Cautions
• ENCTDES or RSA may require additional hardware setup
  • Coprocessor required
  • Master keys must be loaded
  • ICSF must be active
• CSDFILEN will select the optimum blocksize and record format (RECFM=U) for the output media
  • Typically 27998 bytes (half track) for disk
  • 64K or 32K for tape
• CSDFILDE will use the saved file header information to reallocate the DCB info for the recovered file
  • DCB (but not LRECL) may be increased if desired

Why OpenPGP?
• Using OpenPGP support, the customer can:
  • Passphrase based encrypt/decrypt
  • Public/Private key based encrypt/decrypt
  • Digitally sign data / Verify signatures
  • Compress data
  • Exchange key material in OpenPGP certificates
  • Generate key pairs and OpenPGP/x.509 certificates
• Value:
  • Additional data integrity services with multiple algorithms for each service
  • Existing open source tooling
  • Exchange one payload with multiple partners
  • RACF, ICSF or Java keystore repository
  • Special text processing

Encryption Key
• OpenPGP format
  • Data is protected by a random number
  • Data key is protected
    • Passphrase Based Encryption (PBE) – passphrase is used to calculate a key that is used to encrypt the data key
    • Certificates – use a public/private key to protect the data key

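The data-key protection described on this slide and in the RSA option diagram earlier, written out as an added Go example; this is not the Encryption Facility's own code and not its z Format header. A fresh random data key protects the file and the partner's RSA public key protects the data key, which is carried in a constructed header laid out as [OAEP-wrapped data key][12-byte nonce][AES-128-GCM ciphertext and tag]. NewRecipientKey is a hypothetical helper standing in for the partner's key pair (in the product that key would live in the PKDS or a RACF certificate), and AES-GCM is used here for the symmetric step where the product offers CLRAES or TDES with its own chaining options.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// NewRecipientKey is a hypothetical helper standing in for "Key Generate": the partner's RSA pair.
func NewRecipientKey(bits int) (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, bits) }
// aesGCM is the "Symmetric Algorithm" box; the err parameter lets callers chain it onto a key-unwrap result.
func aesGCM(dataKey []byte, err error) (cipher.AEAD, error) {
	if err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(dataKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}
// Encrypt: "Random Number Generate" yields a fresh data key and nonce; the data key rides in the header wrapped under the public key ("PKA").
func Encrypt(pub *rsa.PublicKey, plaintext []byte) ([]byte, error) {
	buf := make([]byte, 16+12)
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	dataKey, nonce := buf[:16], buf[16:]
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, dataKey, nil)
	gcm, err := aesGCM(dataKey, err)
	if err != nil {
		return nil, err
	}
	return gcm.Seal(append(wrapped, nonce...), nonce, plaintext, nil), nil // constructed layout: header || ciphertext || tag
}

// Decrypt: only the private-key holder can unwrap the data key; a modified body fails the GCM check.
func Decrypt(priv *rsa.PrivateKey, env []byte) ([]byte, error) {
	n := priv.Size() // OAEP output is exactly one modulus length, so the header needs no length field
	if len(env) < n+12 {
		return nil, rsa.ErrDecryption // truncated header, reported as vaguely as a bad key
	}
	gcm, err := aesGCM(rsa.DecryptOAEP(sha256.New(), nil, priv, env[:n], nil))
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env[n:n+12], env[n+12:], nil)
}
```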
Usage & Invocation . . .
• Invocation from an OMVS login
  • java -jar /usr/lpp/encryptionfacility/CSDEncryptionFacility.jar [-homedir dir] [options] commands [input file …]
• Invocation from batch
  • Sample JCL, environment member, PROC
• Messaging / Tracing
  • Messages -> STDOUT
  • Tracing (when active) -> STDERR
  • XML Logging (when active) -> zFS file
• Configuration File
  • Sample shipped: /usr/lpp/encryptionfacility/ibmef.config
  • Default Search Location: /etc/encryptionfacility

Usage & Invocation (cont.)
• Data I/O
  • zFS
  • PDS, PDSE, Sequential data sets
    • Output of encrypt/sign/compress must be VB
  • Syntax Example
    • '//HLQ.PDS.HLQ1(mem)'
    • //HLQ.SEQ.HLQ
    • //DD:ddname
• OpenPGP Key Ring
  • Default: /var/encryptionfacility/ibmpkring/ikr

IBM Encryption Facility for z/OS (5655-P97) – OA40664
• RFC 4880 Support in the IBM Encryption Facility
  • Speculative Key ID Support
  • Multiple recipients with Symmetrically Encrypted Integrity Protected Data Packet
  • Support for notation Data Sub-packets containing raw binary data
• Batch Key Generation and Batch Public Key Export

Certificates: x.509 vs OpenPGP
• Support x.509 through keystore
  • RACF key rings
  • Certificate authority simplifies trust establishment
• Support OpenPGP
  • Original approach for key exchange
  • Trust not as straightforward

RACF Digital Certificates
• RACDCERT – RACF Digital Certificate
  • GENCERT – to create a certificate
  • EXPORT – to send the certificate to your partner
  • ADD – to bring the certificate into RACF
• Keywords
  • ICSF – RACF Generates RSA key pair (in software)
  • PCICC – RACF requests RSA key pair from ICSF and PCI card
  • DSA – Digital Signature Algorithm (in software)

ICSF PKDS Key Management

---------------------- ICSF – Utilities -----------------------------
OPTION ===>

Enter the number of the desired option.
1 ENCOD    - Encode Data
2 DECODE   - Decode Data
3 RANDOM   - Generate a random number
4 CHECKSUM - Generate a checksum and verification and hash pattern
5 PPKEYS   - Generate master key values from a pass phrase
6 PKDSKEYS - Mange keys in the PKDS

Press ENTER to create and store control statement
Press END to exit to the previous panel without saving

ICSF PKDS Key Management

CSFPKY00 --------------------- ICSF – PKDS Keys -------------------------
COMMAND ===>

Enter the PKDS record's label for the actions below
===> ___________________________________________________________

Select one of the following actions then press ENTER to process:

__ Generate a new PKDS key pair record
   Enter the key length ===> 512, 1024, 2048, 4096
   Enter Private Key Name (optional) ===> ___________________________________________________________

__ Delete the existing public key or key pair PKDS record

__ Export the PKDS record's public key to a certificate data set
   Enter the DSN ===> ___________________________________
   Enter the desired subject's common name (optional)
   CN ===> ___________________________________________________

__ Create a PKDS public key record from an input certificate
   Enter the DSN ===> ___________________________________

Press ENTER to create and store control statement
Press END to exit to the previous panel without saving

Migration and Coexistence Considerations
• OpenPGP format not interoperable with System z format
• OpenPGP Versions
  • Exports V4 OpenPGP Certificates
  • Imports V3 or V4 Certificates
  • Generates V4 Signatures
  • Verifies V3 or V4 Signatures

V1.2 - Support for OpenPGP
Encryption Facility for z/OS System z Format
• Understands z/OS data formats
• High performance from hardware (3x to 10x hardware accelerated)
• Works across platforms via Java client
• Supports passphrase and public key in both product and client
Net: Use where IBM System z MIPS consumption is an issue

Encryption Facility for z/OS OpenPGP RFC 4880 standard
• Industry standard format supported by many products on many platforms
• Open Source implementations available
• Supports passphrase and public key
• Limited System z hardware acceleration of PGP required protocols
• zIIP/zAAP eligible
Net: Use when OpenPGP standard protocol is required

Note: Both formats can use the same z/OS centralized key management

Hardware / Performance Implications
• Encryption Algorithm to protect data
  • CLRAES – AES 128-bit clear key
  • TDES – TDES clear key
  • ENCTDES – TDES secure key
  • BLOWFISH – OpenPGP Only
• Key Encryption choices
  • Passphrase – uses CPACF
  • RSA Key – requires CEXn
  • OpenPGP Signatures – CEXn not required, but will help performance for PKA operations

Encryption Facility Resources
• Pubs
  • SA23-2229 Encryption Facility for z/OS Planning and Customizing
  • SA23-2230 Encryption Facility for z/OS Using Encryption Facility for OpenPGP
• Redbooks www.ibm.com/
  • REDP-4334 Encryption Facility R2 for z/OS Performance
  • SG24-7434 Encryption Facility for z/OS V1.2 OpenPGP Support
  • SG24-7318 Encryption Facility for z/OS V1.1
• TechDocs w3.ibm.com/support/techdocs
  • TD103132 Checklist for Features Required to use the IBM Encryption Facility*
  • WP100700 Encryption Facility for z/OS – Performance and Sizing*
*No longer available