info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
CP Assist for Cryptographic Functions (CPACF)
281 views
Skip to first unread message
Dazzo, Matt
Sep 24, 2015, 10:17:25 AM9/24/15
to
I have searched the archives but not finding the specific answer I need. We have feature CPACF (#3863) on our z10-BC 2098 (zos1.13) but I am told that CFB (Cipher FeedBack) is not enabled on our CPACF. I looked at out HMC Activation profiles and can't determine if CFB feature is enabled but appears crypto is enabled. Can one point me in the right direction to get the info? How is CFB enabled? And how do you determine if it's enabled or not?
I do see this in the TN3270 start up.
System SSL: SHA-1 crypto assist is available
System SSL: SHA-224 crypto assist is available
System SSL: SHA-256 crypto assist is available
System SSL: SHA-384 crypto assist is available
System SSL: SHA-512 crypto assist is available
System SSL: DES crypto assist is available
System SSL: DES3 crypto assist is available
System SSL: AES 128-bit crypto assist is available
System SSL: AES 256-bit crypto assist is available
System SSL: ICSF services are not available
Thanks,
Matt Dazzo
Senior Systems Programmer
Publishers Clearing House
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to list...@listserv.ua.edu with the message: INFO IBM-MAIN
I do see this in the TN3270 start up.
System SSL: SHA-1 crypto assist is available
System SSL: SHA-224 crypto assist is available
System SSL: SHA-256 crypto assist is available
System SSL: SHA-384 crypto assist is available
System SSL: SHA-512 crypto assist is available
System SSL: DES crypto assist is available
System SSL: DES3 crypto assist is available
System SSL: AES 128-bit crypto assist is available
System SSL: AES 256-bit crypto assist is available
System SSL: ICSF services are not available
Thanks,
Matt Dazzo
Senior Systems Programmer
Publishers Clearing House
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to list...@listserv.ua.edu with the message: INFO IBM-MAIN
R.S.
Sep 24, 2015, 10:38:27 AM9/24/15
to
AFAIK, you cannot have CPACF partially enabled.
So either you have all features of CPACF available or none of them.
Note: feature available does not mean it will be used by other software.
Regarding CFB - this is parameter of various crypto services. Some of
them do require specific machine level.
Indeed, for some services CFB is not supported on z10 (it depends on
microcode).
see: Integrated Cryptographic Service Facility Application
Programmer's Guide
HTH
--
Radoslaw Skorupka
Lodz, Poland
W dniu 2015-09-24 o 16:17, Dazzo, Matt pisze:
--
Tre tej wiadomo ci mo e zawiera informacje prawnie chronione Banku przeznaczone wy cznie do u ytku s u bowego adresata. Odbiorc mo e by jedynie jej adresat z wy czeniem dost pu osób trzecich. Je eli nie jeste adresatem niniejszej wiadomo ci lub pracownikiem upowa nionym do jej przekazania adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie lub inne dzia anie o podobnym charakterze jest prawnie zabronione i mo e by karalne. Je eli otrzyma e t wiadomo omy kowo, prosimy niezw ocznie zawiadomi nadawc wysy aj c odpowied oraz trwale usun t wiadomo w czaj c w to wszelkie jej kopie wydrukowane lub zapisane na dysku.
This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorized to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive.
mBank S.A. z siedzib w Warszawie, ul. Senatorska 18, 00-950 Warszawa, www.mBank.pl, e-mail: kon...@mBank.pl
S d Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru S dowego, nr rejestru przedsi biorców KRS 0000025237, NIP: 526-021-50-88. Wed ug stanu na dzie 01.01.2015 r. kapita zak adowy mBanku S.A. (w ca o ci wp acony) wynosi 168.840.228 z otych.
So either you have all features of CPACF available or none of them.
Note: feature available does not mean it will be used by other software.
Regarding CFB - this is parameter of various crypto services. Some of
them do require specific machine level.
Indeed, for some services CFB is not supported on z10 (it depends on
microcode).
see: Integrated Cryptographic Service Facility Application
Programmer's Guide
HTH
--
Radoslaw Skorupka
Lodz, Poland
W dniu 2015-09-24 o 16:17, Dazzo, Matt pisze:
Tre tej wiadomo ci mo e zawiera informacje prawnie chronione Banku przeznaczone wy cznie do u ytku s u bowego adresata. Odbiorc mo e by jedynie jej adresat z wy czeniem dost pu osób trzecich. Je eli nie jeste adresatem niniejszej wiadomo ci lub pracownikiem upowa nionym do jej przekazania adresatowi, informujemy, e jej rozpowszechnianie, kopiowanie, rozprowadzanie lub inne dzia anie o podobnym charakterze jest prawnie zabronione i mo e by karalne. Je eli otrzyma e t wiadomo omy kowo, prosimy niezw ocznie zawiadomi nadawc wysy aj c odpowied oraz trwale usun t wiadomo w czaj c w to wszelkie jej kopie wydrukowane lub zapisane na dysku.
This e-mail may contain legally privileged information of the Bank and is intended solely for business use of the addressee. This e-mail may only be received by the addressee and may not be disclosed to any third parties. If you are not the intended addressee of this e-mail or the employee authorized to forward it to the addressee, be advised that any dissemination, copying, distribution or any other similar activity is legally prohibited and may be punishable. If you received this e-mail by mistake please advise the sender immediately by using the reply facility in your e-mail software and delete permanently this e-mail including any copies of it either printed or saved to hard drive.
mBank S.A. z siedzib w Warszawie, ul. Senatorska 18, 00-950 Warszawa, www.mBank.pl, e-mail: kon...@mBank.pl
S d Rejonowy dla m. st. Warszawy XII Wydzia Gospodarczy Krajowego Rejestru S dowego, nr rejestru przedsi biorców KRS 0000025237, NIP: 526-021-50-88. Wed ug stanu na dzie 01.01.2015 r. kapita zak adowy mBanku S.A. (w ca o ci wp acony) wynosi 168.840.228 z otych.
dr.cry...@gmail.com
Sep 24, 2015, 12:55:42 PM9/24/15
to
Greg Boyd
Sep 26, 2015, 11:56:53 AM9/26/15
to
Cipher Feedack Mode in the hardware was introduced with MSA-4 which came with the z196/z114 machines. That means that these machines (and later) support new assembler instructions that prefrom chaining operations: KMF (Cipher Message with CFB (Cipher Feedback Mode)), KMCTR (Cipher Message with Counter) and KMO (Cipher Message with OFB (Output Feedback Mode)).
You can read more about these instructions in the Principles of Operations manuals. I don't remember whether these instructions were retrofitted to the z10 CPACF hardware. Although according to IBM's TechDoc 'Cryptographic Support for for z/OS V1R10-V1R12 (HCR7780)' at https://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/FLASH10716, similar support was retrofitted to the CEX3C on the z10.
Prior to this hardware technology being available, ICSF supported cipher feedback mode. That is, by specifying the appropriate parm in the rule array, ICSF would handle the chaining while using the KM and KMC instructions to perform the encryption. The new instructions provided a) better performance by doing the work in hardware instead of relying on software to do the chaining and b) some new chaining options.
All that said, do you want to use CFB in your app (using the new instructions)? or in an app using the ICSF APIs? or with System SSL (since you reference the SSL messages)? If you want to use the native instructions on a z10, I'd try coding a simpler assembler routine to perform a KMF instruction and see if you get an OC1. If you want to use the APIs, that should also work, even if the hardware support isn't there.
However, if your concern is about System SSL support, then you have to refer the System SSL manuals. I just did a quick search in both the z/OS 1.13 and z/OS 2.1 System SSL Programming manuals and found no reference to 'Cipher Feedback'. I found one reference, in a message, about 'Cipher Block Chaining'. And https://www.ietf.org/rfc/rfc5246.txt, the RFC for TLS Protocol V1.2, says 'All block cipher encryption is done in CBC (Cipher Block Chaining) mode ...'. So I don't think CFB is even supported by the SSL protocol.
Greg Boyd
Mainframe Crypto
www.mainframecrypto.com
You can read more about these instructions in the Principles of Operations manuals. I don't remember whether these instructions were retrofitted to the z10 CPACF hardware. Although according to IBM's TechDoc 'Cryptographic Support for for z/OS V1R10-V1R12 (HCR7780)' at https://www.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/FLASH10716, similar support was retrofitted to the CEX3C on the z10.
Prior to this hardware technology being available, ICSF supported cipher feedback mode. That is, by specifying the appropriate parm in the rule array, ICSF would handle the chaining while using the KM and KMC instructions to perform the encryption. The new instructions provided a) better performance by doing the work in hardware instead of relying on software to do the chaining and b) some new chaining options.
All that said, do you want to use CFB in your app (using the new instructions)? or in an app using the ICSF APIs? or with System SSL (since you reference the SSL messages)? If you want to use the native instructions on a z10, I'd try coding a simpler assembler routine to perform a KMF instruction and see if you get an OC1. If you want to use the APIs, that should also work, even if the hardware support isn't there.
However, if your concern is about System SSL support, then you have to refer the System SSL manuals. I just did a quick search in both the z/OS 1.13 and z/OS 2.1 System SSL Programming manuals and found no reference to 'Cipher Feedback'. I found one reference, in a message, about 'Cipher Block Chaining'. And https://www.ietf.org/rfc/rfc5246.txt, the RFC for TLS Protocol V1.2, says 'All block cipher encryption is done in CBC (Cipher Block Chaining) mode ...'. So I don't think CFB is even supported by the SSL protocol.
Greg Boyd
Mainframe Crypto
www.mainframecrypto.com
Dazzo, Matt
Sep 28, 2015, 9:43:09 AM9/28/15
to
Thanks to all who responded.
Dazzo, Matt
Sep 29, 2015, 9:33:10 AM9/29/15
to
Greg, we are told by a third party vendor that their program uses CFB if available and will have a marked performance improvement. I sent them job listing and they are telling me that only CBC is being used and that CFB may not be enabled. Is it possible that CFB is not enabled? No where can I find a procedure to configure CFB. We do not have ICSF but have CPACF #3863.
Tks Matt
-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-...@LISTSERV.UA.EDU] On Behalf Of Greg Boyd
Sent: Saturday, September 26, 2015 11:57 AM
To: IBM-...@LISTSERV.UA.EDU
Subject: Re: CP Assist for Cryptographic Functions (CPACF)
Tks Matt
-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-...@LISTSERV.UA.EDU] On Behalf Of Greg Boyd
Sent: Saturday, September 26, 2015 11:57 AM
To: IBM-...@LISTSERV.UA.EDU
Subject: Re: CP Assist for Cryptographic Functions (CPACF)
Rob Schramm
Sep 29, 2015, 10:08:08 AM9/29/15
to
Why don't you enable ICSF? It doesn't require CEX# cards anymore. Of
course if CFB functionality supported by ICSF depends on the CEX# card,
then you will still be out of luck. I haven't really researched this.. but
maybe you could use an ICSF exit(s) to provide a CFB function? It
certainly wouldn't be for the faint of heart. It might just be cheaper to
by the CEX# feature.
Rob Schramm
course if CFB functionality supported by ICSF depends on the CEX# card,
then you will still be out of luck. I haven't really researched this.. but
maybe you could use an ICSF exit(s) to provide a CFB function? It
certainly wouldn't be for the faint of heart. It might just be cheaper to
by the CEX# feature.
Rob Schramm
Greg Boyd
Sep 29, 2015, 3:01:02 PM9/29/15
to
As I mentioned in the last post, TechDoc Flash10716 does talk about cipher block chaining support on the CEX3 and I'm pretty sure that support is available when the CEX3 is installed on z10. But I'm not so sure that the chaining support that is avaliable on the CPACF hardware on the z196/z114 was retrofitted to the z10. So in fact it may not be available on your machine. Additional research is required. Does the vendor product claim to support CFB mode on a z10? Do they call out a specific microcode level?
As Rob Schramm points out, you can start ICSF even if you don't have crypto cards, but if the product does not use the APIs that wouldn't provide any benefit. It is possible the vendor product could query the configuration and provide software routines that use the most efficient resources available. That is, the logic could query the config and if the CFB support is not available in the hardware, it could invoke the ICSF APIs that would perform CFB. And in your case, since the APIs aren't available it might fall back on it's own software routines that do provide CFB support. If this is true, then starting ICSF might help. And you would not need an exit to provide the CFB support. (I would not
advocate using an ICSF exit to support CFB.)
I'm also wondering if they are using System SSL APIs? Does the vendor product specifically say that they are using the native instructions that are available on the CPACF hardware? System SSL is very efficient and will query the environment to determine how best to service the request and as described above will often provide software routines if the appropriate hardware support or if ICSF is not available.
It would be helpful to know which vendor product you are working with. If you'd like to take this up offline, we can summarize the results for the list later. Feel free to send me a note.
As Rob Schramm points out, you can start ICSF even if you don't have crypto cards, but if the product does not use the APIs that wouldn't provide any benefit. It is possible the vendor product could query the configuration and provide software routines that use the most efficient resources available. That is, the logic could query the config and if the CFB support is not available in the hardware, it could invoke the ICSF APIs that would perform CFB. And in your case, since the APIs aren't available it might fall back on it's own software routines that do provide CFB support. If this is true, then starting ICSF might help. And you would not need an exit to provide the CFB support. (I would not
advocate using an ICSF exit to support CFB.)
I'm also wondering if they are using System SSL APIs? Does the vendor product specifically say that they are using the native instructions that are available on the CPACF hardware? System SSL is very efficient and will query the environment to determine how best to service the request and as described above will often provide software routines if the appropriate hardware support or if ICSF is not available.
It would be helpful to know which vendor product you are working with. If you'd like to take this up offline, we can summarize the results for the list later. Feel free to send me a note.
Greg Boyd
Oct 2, 2015, 4:45:29 PM10/2/15
to
Just to provide some closure on this, Matt and I continued the investigation offline.
We did confirm that he has the crypto enabling microcode (FC #3863) installed.
And we found in IBM's Announcement Letter for the z196, 110-170:
"CP Assist for Cryptographic Function (CPACF) enhancements
The following are exploitation of Message-Security-Assist Extension 4:
New instructions:
. Cipher Message with CFB (KMF)
. Cipher Message with Counter (KMCTR)
. Cipher Message with OFB (KMO)
New function codes for existing instructions:
. Compute intermediate Message Digest (KIMD) adds KIMD, an extension for GHASH
More information on CPACF can be found in "IBM System z10 - Delivering security rich offerings to protect your data," Hardware Announcement 109-678, dated October 20, 2009.
This Crypto function is exclusive to z196."
I don't always trust announcement letters but our conclusion was that the z10 does not support the new instructions that are available with MSA-4, and the vendor confirmed that the MSA-4 support is a pre-req for the CFB support.
We did confirm that he has the crypto enabling microcode (FC #3863) installed.
And we found in IBM's Announcement Letter for the z196, 110-170:
"CP Assist for Cryptographic Function (CPACF) enhancements
The following are exploitation of Message-Security-Assist Extension 4:
New instructions:
. Cipher Message with CFB (KMF)
. Cipher Message with Counter (KMCTR)
. Cipher Message with OFB (KMO)
New function codes for existing instructions:
. Compute intermediate Message Digest (KIMD) adds KIMD, an extension for GHASH
More information on CPACF can be found in "IBM System z10 - Delivering security rich offerings to protect your data," Hardware Announcement 109-678, dated October 20, 2009.
This Crypto function is exclusive to z196."
I don't always trust announcement letters but our conclusion was that the z10 does not support the new instructions that are available with MSA-4, and the vendor confirmed that the MSA-4 support is a pre-req for the CFB support.
0 new messages