ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzajc_5.4.0.1/rzajcconcepts.htm

346 lines
20 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Cryptography concepts" />
<meta name="abstract" content="This article provides a basic understanding of cryptographic function and an overview of the server's cryptographic services" />
<meta name="description" content="This article provides a basic understanding of cryptographic function and an overview of the server's cryptographic services" />
<meta name="DC.Relation" scheme="URI" content="rzajcoverview.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzahu/rzahurazhudigitalcertmngmnt.htm" />
<meta name="DC.Relation" scheme="URI" content="../apis/catcrypt.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajcinitialstore.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzahu/rzahurzahu1nmcertstore.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzaha/rzahajce.htm" />
<meta name="DC.Relation" scheme="URI" content="rzajcco4758.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="concepts" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Cryptography concepts</title>
</head>
<body id="concepts"><a name="concepts"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Cryptography concepts</h1>
<div><p>This article provides a basic understanding of cryptographic function
and an overview of the server's cryptographic services</p>
<div class="section"><h4 class="sectiontitle">Cryptography</h4><p>Cryptographic services help ensure
data privacy, maintain data integrity, authenticate communicating parties,
and prevent repudiation (when a party refutes having sent a message).</p>
<p>Basic
encryption allows you to store information or to communicate with other parties
while preventing non-involved parties from understanding the stored information
or understanding the communication. Encryption transforms understandable text
(plaintext) into an unintelligible piece of data (ciphertext). Decryption
restores the understandable text from the unintelligible data. Both functions
involve a mathematical formula (the algorithm) and secret data (the key).</p>
</div>
<div class="section"><h4 class="sectiontitle">Cryptographic algorithms</h4><p>There are two types of
cryptographic algorithms:</p>
<ol><li>With a <dfn class="term">secret</dfn> or <dfn class="term">symmetric</dfn> key algorithm, the
key is a shared secret between two communicating parties. Encryption and decryption
both use the same key. The Data Encryption Standard (DES) and the Advanced
Encryption Standard (AES) are examples of symmetric key algorithms. <div class="p">There
are two types of symmetric key algorithms: <dl><dt class="dlterm">Block ciphers</dt>
<dd>In a block cipher, the actual encryption code works on a fixed-size block
of data. Normally, the user's interface to the encrypt/decrypt operation will
handle data longer than the block size by repeatedly calling the low-level
encryption function. If the length of data is not on a block size boundary,
it must be padded.</dd>
<dt class="dlterm">Stream ciphers</dt>
<dd>Stream ciphers do not work on a block basis, but convert 1 bit (or 1 byte)
of data at a time.</dd>
</dl>
</div>
</li>
<li>With a <dfn class="term">public key</dfn> (PKA) or <dfn class="term">asymmetric key</dfn> algorithm,
a pair of keys is used. One of the keys, the private key, is kept secret and
not shared with anyone. The other key, the public key, is not secret and can
be shared with anyone. When data is encrypted by one of the keys, it can only
be decrypted and recovered by using the other key. The two keys are mathematically
related, but it is virtually impossible to derive the private key from the
public key. The RSA algorithm is an example of a public key algorithm. <p>Public
key algorithms are slower than symmetric key algorithms. Applications typically
use public key algorithms to encrypt symmetric keys (for key distribution)
and to encrypt hashes (in digital signature generation).</p>
</li>
</ol>
<p>Together, the key and the cryptographic algorithm transform the data.
All of the supported algorithms are in the public domain. Therefore it is
the key that controls access to the data. You must safeguard the keys to protect
the data.</p>
</div>
<div class="section"><h4 class="sectiontitle">Cryptographic operations</h4><p>Different cryptographic <em>operations</em> may
use one or more <em>algorithms</em>. You choose the cryptographic operation
and algorithm(s) depending on your purpose. For example, for the purpose of
ensuring data integrity, you might want to use a MAC (message authentication
code) operation with the AES algorithm.</p>
<p>The system provides several
API sets that support cryptographic operations. See the <strong>System cryptography
overview</strong> information at the bottom of this topic for more information.</p>
</div>
<div class="section"><h4 class="sectiontitle">Data privacy</h4><p>Cryptographic operations for the purpose
of data privacy (confidentiality) prevent an unauthorized person from reading
a message. The following operations are included in data privacy:</p>
<dl><dt class="dlterm"><dfn class="term">Encrypt and Decrypt</dfn></dt>
<dd>The encrypt operation changes plaintext data into ciphertext through the
use of a cipher algorithm and key. To restore the plaintext data, the decrypt
operation must employ the same algorithm and key. <div class="p">Encryption and decryption
may be employed at any level of the operating system. There are three levels: <dl><dt class="dlterm">Field level encryption</dt>
<dd>With field level encryption, the user application explicitly requests
cryptographic services. The user application completely controls key generation,
selection, distribution, and what data to encrypt.</dd>
<dt class="dlterm">Session level encryption</dt>
<dd>With encryption at the session layer, the system requests cryptographic
services instead of an application. The application may or may not be aware
that encryption is happening.</dd>
<dt class="dlterm">Link level encryption</dt>
<dd>Link level encryption is performed at the lowest level of the protocol
stack, usually by specialized hardware.</dd>
</dl>
The Cryptographic Coprocessors and the 2058 Cryptographic Accelerator
may be used for both field level encryption and Secure Sockets Layer (SSL)
session establishment encryption. While VPN is supported in i5/OS™, it does
not use either coprocessor or the accelerator. Furthermore, the system does
not support SNA session level encryption at all.</div>
</dd>
<dt class="dlterm"><dfn class="term">Translate</dfn></dt>
<dd>The translate operation decrypts data from encryption under one key and
encrypts the data under another key. This is done in one step to avoid exposing
the plaintext data within the application program.</dd>
</dl>
</div>
<div class="section"><h4 class="sectiontitle">Data integrity, authenticity, and non-repudiation</h4><p>Encrypted
data does not mean the data can not be manipulated (e.g. repeated, deleted,
or even altered). To rely on data, you need to know that it comes from an
authorized source and is unchanged. Additional cryptographic operations are
required for these purposes.</p>
<dl><dt class="dlterm"><dfn class="term">Hash (Message Digest)</dfn></dt>
<dd>A cryptographic hash operation produces a fixed-length output string (often
called a digest) from a variable-length input string. For all practical purposes,
the following statements are true of a good hash function: <ul><li>Collision resistant: If any portion of the data is modified, a different
hash will be generated.</li>
<li>One-way: The function is irreversible. That is, given a digest, it is
not possible to find the data that produces it.</li>
</ul>
These properties make hash operations useful for authentication purposes.
For example, you can keep a copy of a digest for the purpose of comparing
it with a newly generated digest at a later date. If the digests are identical,
the data has not been altered.</dd>
<dt class="dlterm"><dfn class="term">MAC (Message Authentication Code)</dfn></dt>
<dd>A MAC operation uses a secret key and cipher algorithm to produce a value
(the MAC) which later can be used to ensure the data has not been modified.
Typically, a MAC is appended to the end of a transmitted message. The receiver
of the message uses the same MAC key, and algorithm as the sender to reproduce
the MAC. If the receiver's MAC matches the MAC sent with the message, the
data has not been altered. <p>The MAC operation helps authenticate messages,
but does not prevent unauthorized reading because the transmitted data remains
as plaintext. You must use the MAC operation and then encrypt the entire message
to ensure both data privacy and integrity.</p>
</dd>
<dt class="dlterm"><dfn class="term">HMAC (Hash MAC)</dfn></dt>
<dd>An HMAC operation uses a cryptographic hash function and a secret shared
key to produce an authentication value. It is used in the same way a MAC is
used.</dd>
<dt class="dlterm"><dfn class="term">Sign/Verify</dfn></dt>
<dd>A sign operation produces an authentication value called a digital signature.
A sign operation works as follows: <ol><li>The data to be signed is hashed, to produce a digest.</li>
<li>The digest is encrypted using a PKA algorithm and a private key, to produce
the signature.</li>
</ol>
The verify operation works as follows: <ol><li>The signature is decrypted using the sender's PKA public key, to produce
digest 1. </li>
<li>The data that was signed is hashed, to produce digest 2.</li>
<li>If the two digests are equal, the signature is valid.</li>
</ol>
Theoretically, this also verifies the sender because only the sender
should posses the private key. However, how can the receiver verify that the
public key actually belongs to the sender? Certificates are used to help solve
this problem.</dd>
</dl>
</div>
<div class="section"><h4 class="sectiontitle">Key and random number generation</h4><p>Many security-related
functions rely on random number generation, for example, salting a password
or generating an initialization vector. An important use of random numbers
is in the generation of cryptographic key material. Key generation has been
described as the most sensitive of all computer security functions. If the
random numbers are not cryptographically strong, the function will be subject
to attack.</p>
<p>The i5/OS operating system contains a pseudorandom number
generator (PRNG). The PRNG is used by many system functions and is available
for application use through the <cite>Cryptographic Services</cite> API set.</p>
<p>The
PRNG is composed of two parts: pseudorandom number generation and seed management.
Pseudorandom number generation is performed using the FIPS 186-1 algorithm.
Cryptographically strong pseudorandom numbers rely on good seed. The FIPS
186-1 key and seed values are obtained from a system seed digest. The system
automatically generates seed using data collected from system information
or by using the random number generator function on a cryptographic coprocessor
if one is available. System-generated seed can never be truly unpredictable.
If a cryptographic coprocessor is not available, you should add your own random
seed to the system seed digest. This should be done as soon as possible any
time the Licensed Internal Code is installed.</p>
</div>
<div class="section"><h4 class="sectiontitle">Key management</h4><p>Key management is the secure handling
and storage of cryptographic keys. This includes key storage and retrieval,
key encryption and conversions, and key distribution.</p>
<p><strong>Key storage</strong></p>
<p>Key
storage on the system includes the following:</p>
<ul><li>Cryptographic Services key store</li>
<li>Digital certificate manager certificate store </li>
<li>CCA key store (used with the Cryptographic Coprocessors) </li>
<li>JCE key store</li>
</ul>
<p>In addition, keys can also be stored on the Cryptographic Coprocessors
themselves.</p>
<p><strong>Key Encryption and Conversions</strong></p>
<div class="p">Keys must be
encrypted prior to sending or storing them outside the secured system environment.
In addition, keys should be handled in encrypted form within the system as
much as possible to reduce the risk of exposure. The management of encrypted
keys is often done via a hierarchical key system.<ul><li>At the top is a master key (or keys). The master key is the only clear
key value and must be stored in a secure fashion. </li>
<li>Key-encrypting keys (KEKs) are used to encrypt other keys. Typically,
a KEK is used to encrypt a stored key, or a key that is sent to another system.
KEKs are normally encrypted under a master key. </li>
<li>Data keys are keys used directly on user data (such as to encrypt or MAC).
A data key may be encrypted under a KEK or under a master key.</li>
</ul>
Various uses of a key will require the key to be in different forms.
For example, keys received from other sources will normally be converted to
an internal format. Likewise, keys sent out of the system are converted to
a standard external format before sending. Certain key forms are standard,
such as an ASN.1 BER-encoded form, and others are peculiar to a cryptographic
service provider, such as the Cryptographic Coprocessors.</div>
<p><strong>Key Distribution</strong></p>
<div class="p">Typically,
data encryption is performed using symmetric key algorithms. The symmetric
keys are distributed using asymmetric key algorithms. Consider these examples:<ul><li><strong>RSA</strong> - An RSA public key is used to encrypt a symmetric key which
is then distributed. The corresponding private key is used to decrypt it.</li>
<li><strong>Diffie-Hellman</strong> - The communicating parties generate and exchange
D-H parameters which are then used to generate key pairs. The public keys
are exchanged and each party is then able to compute the symmetric key independently.</li>
</ul>
</div>
</div>
<div class="section"><h4 class="sectiontitle">System cryptography overview</h4><dl><dt class="dlterm">Cryptographic Service Providers</dt>
<dd>A cryptographic service provider (CSP) is the software or hardware that
implements a set of cryptographic operations. The system supports several
CSPs:<ul><li>4758 Cryptographic Coprocessor </li>
<li>4764 Cryptographic Coprocessor </li>
<li>2058 Cryptographic Accelerator </li>
<li>i5/OS LIC
</li>
<li>Java™ Cryptography
Extensions</li>
</ul>
</dd>
<dt class="dlterm">Cryptographic API sets</dt>
<dd>User applications can utilize cryptographic services indirectly via i5/OS functions
such as SSL, VPN IPSec, and LDAP. User applications can also access cryptographic
services directly via the following APIs:<ul><li>CCA<p>The Common Cryptographic Architecture (CCA) API set is provided
for running cryptographic operations on a Cryptographic Coprocessor. </p>
</li>
<li>i5/OS Cryptographic
Services<p>The i5/OS Cryptographic
Services API set is provided for running cryptographic operations within the
Licensed Internal Code or optionally on the 2058 Cryptographic Accelerator. </p>
</li>
<li>Java Cryptography<p>Java Cryptography
Extension (JCE) is a standard extension to the Java Software Development Kit.</p>
</li>
<li>Network Authentication Service<p>GSS (Generic Security Services), Java GSS,
and Kerberos APIs are part of the Network Authentication Service which provides
authentication and security services. These services include session level
encryption capability.</p>
</li>
<li>i5/OS SSL
and JSSE<p>i5/OS SSL
and JSSE support the Secure Sockets Layer Protocol. APIs provide session level
encryption capability. </p>
</li>
<li>SQL<p>Structured Query Language is used to access or modify information
in a database. SQL supports encryption/decryption of database fields.</p>
</li>
</ul>
</dd>
</dl>
This table indicates what CSPs are used under each user interface.
<div class="tablenoborder"><a name="concepts__cps"><!-- --></a><table cellpadding="4" cellspacing="0" summary="" id="concepts__cps" frame="border" border="1" rules="all"><caption>Table 1. CSPs used under each user interface</caption><thead align="left"><tr valign="bottom"><th align="center" valign="bottom" id="d0e323">CSP APIs</th>
<th align="center" valign="bottom" id="d0e325">i5/OS LIC</th>
<th align="center" valign="bottom" id="d0e329">JCE</th>
<th align="center" valign="bottom" id="d0e331">4764 and 4758</th>
<th align="center" valign="bottom" id="d0e333">2058</th>
</tr>
</thead>
<tbody><tr><td valign="top" headers="d0e323 "><strong>CCA</strong></td>
<td align="center" valign="top" headers="d0e325 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e329 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e331 ">X</td>
<td align="center" valign="top" headers="d0e333 ">&nbsp;</td>
</tr>
<tr><td valign="top" headers="d0e323 "><strong>i5/OS Cryptographic Services</strong></td>
<td align="center" valign="top" headers="d0e325 ">X</td>
<td align="center" valign="top" headers="d0e329 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e331 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e333 ">X</td>
</tr>
<tr><td valign="top" headers="d0e323 "><strong>Java Cryptography</strong></td>
<td align="center" valign="top" headers="d0e325 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e329 ">X</td>
<td align="center" valign="top" headers="d0e331 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e333 ">&nbsp;</td>
</tr>
<tr><td valign="top" headers="d0e323 "><strong>Network Authentication Service</strong></td>
<td align="center" valign="top" headers="d0e325 ">X</td>
<td align="center" valign="top" headers="d0e329 ">X</td>
<td align="center" valign="top" headers="d0e331 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e333 ">&nbsp;</td>
</tr>
<tr><td valign="top" headers="d0e323 "><strong>i5/OS SSL and JSSE</strong></td>
<td align="center" valign="top" headers="d0e325 ">X</td>
<td align="center" valign="top" headers="d0e329 ">X</td>
<td align="center" valign="top" headers="d0e331 ">X</td>
<td align="center" valign="top" headers="d0e333 ">X</td>
</tr>
<tr><td valign="top" headers="d0e323 "><strong>SQL</strong></td>
<td align="center" valign="top" headers="d0e325 ">X</td>
<td align="center" valign="top" headers="d0e329 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e331 ">&nbsp;</td>
<td align="center" valign="top" headers="d0e333 ">&nbsp;</td>
</tr>
</tbody>
</table>
</div>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzajcoverview.htm" title="IBM offers cryptography solutions for customers who require a high level of security.">Cryptography</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="rzajcinitialstore.htm" title="A key store file is a database file that stores operational keys, i.e. keys encrypted under the master key. Read this information if you plan to keep records of your DES and PKA keys.">Initialize a key store file</a></div>
<div><a href="rzajcco4758.htm" title="IBM offers two Cryptographic Coprocessors, which are available on a variety of server models.">4764 and 4758 Cryptographic Coprocessors</a></div>
</div>
<div class="relinfo"><strong>Related information</strong><br />
<div><a href="../rzahu/rzahurazhudigitalcertmngmnt.htm">Digital Certificate Manager</a></div>
<div><a href="../apis/catcrypt.htm">Cryptographic Services API set</a></div>
<div><a href="../rzahu/rzahurzahu1nmcertstore.htm">Certificate Stores</a></div>
<div><a href="../rzaha/rzahajce.htm">Java Cryptography Extension</a></div>
</div>
</div>
</body>
</html>