Crypto Hardware on System z - Part 1

Similar documents
Crypto Hardware on System z - Part 1

Crypto Hardware on z Systems - Part 2

S9303 Crypto And Disaster Recovery

ICSF Update Session #7997

Crypto Performance: Expectations, Operations & Reporting. Greg Boyd

Encryption Facility for z/os

An Integrated Cryptographic Service Facility (ICSF HCR77A1) for z/os Update for zec12/zbc12 (GA2) and zbc12 Share Boston, MA August, 2013

An Integrated Cryptographic Service Facility (ICSF HCR77A0) for z/os Update for zec12 Share San Francisco, CA February, 2013

Introduction to Cryptography

Greg Boyd

Crypto Performance Update Share Anaheim, CA March, 2014

10192 ICSF Update Cryptographic Support On z114 and z196

ICSF Update Share Anaheim, CA August 2012

System SSL and Crypto on z Systems. Greg Boyd

Crypto and the Trusted Key Entry Workstation: Is a TKE In Your Future Share San Francisco, CA February, 2013

z/os: ICSF Version and FMID Cross Reference

Introduction to IBM z Systems Cryptography

IBM z13 Performance of Cryptographic Operations (Cryptographic Hardware: CPACF, CEX5S)

Crypto Application Coding. Greg Boyd

IBM z13s and HCR77B1. Greg Boyd zexchange IBM z13s and HCR77B1

10194 System SSL and Crypto on System z

z/os: ICSF Version and FMID Cross Reference

ICSF HCR77C0 and z/os 2.2 Enhancements

IBM z13 and Crypto. Greg Boyd zexchange IBM z13 and Crypto

Trusted Key Entry Workstation (Part 1) Greg Boyd

Overview of cryptography and enhancements on z/vse 4.3

Hardware Cryptography and z/tpf

z/os Data Set Encryption In the context of pervasive encryption IBM z systems IBM Corporation

Cryptographic Services Integrated Cryptographic Service Facility System Programmer's Guide

Cryptographic Services Integrated Cryptographic Service Facility Administrator's Guide

Cuttingedge crypto graphy

IBM. Cryptographic Services Integrated Cryptographic Service Facility System Programmer's Guide. z/os. Version 2 Release 3 SC

Auditing and Protecting your z/os environment

Secure Key Management and Data Privacy on z/tpf

CSFSERV Class RACF Profiles for ICSF Panels

Leveraging Integrated Cryptographic Service Facility

Pervasive Encryption Frequently Asked Questions

IBM z/os Version 1 Release 11 System SSL Cryptographic Module

Securing Your Crypto Infrastructure

z/os & OS/390 Software Requirements for the z990 and z890

CPU MF Counters Enablement Webinar

IBM. Using Encryption Facility for OpenPGP. Encryption Facility for z/os. Version 1 Release 2 SA

IBM Education Assistance for z/os V2R1

Step-By-Step Guide to Master Key Management Using ICSF Loading the AES Master Key

Protocol Comparisons: OpenSSH, SSL/TLS (AT-TLS), IPSec

News on z/vse Security, Crypto Support and OpenSSL for z/vse

z/os Performance Hot Topics

IBM C IBM z Systems Technical Support V7.

Digital Certificates Demystified

WSC Short Stories and Tall Tales. Session IBM Advanced Technical Support. March 5, John Burg. IBM Washington Systems Center

Security in ECE Systems

Linux on z Systems and LinuxONE Crypto Overview

Securing Mainframe File Transfers and TN3270

IBM System z9 Business Class z9 technology innovation for small and medium enterprises

WSC Short Stories and Tall Tales. Session IBM Advanced Technical Support. August 27, John Burg. IBM Washington Systems Center

IBM zenterprise Freedom by design

BCA III Network security and Cryptography Examination-2016 Model Paper 1

IBM Content Manager OnDemand Native Encryption

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

2015 CPU MF Update. John Burg IBM. March 3, 2015 Session Number Insert Custom Session QR if Desired.

Sharing Secrets using Encryption Facility - Handson

Encrypted Paging for z/vm 6.4: Deep Dive. Stephanie Rivero z/vm Development Lab: Endicott, NY

Oracle Solaris Kernel Cryptographic Framework Software Version 1.0 and 1.1

IBM System z Security Hub for the Enterprise. November, Pekka Hänninen. Credits to: Mary E. Moore, Laurie Ward, Eric Rosenfeld, Patrick Kappeler

Connecting Securely to the Cloud

Oracle Solaris Userland Cryptographic Framework Software Version 1.0 and 1.1

IBM Systems and Technology Group

Pervasive Encryption Demo: Guided Tour of Policy-Based Data Set Encryption

Encryption. INST 346, Section 0201 April 3, 2018

z/os Pervasive Encryption - Data Set Encryption 2017 IBM Corporation

Key Management in a System z Enterprise

IBM 4768 PCIe Cryptographic Coprocessor with Common Cryptographic Architecture (CCA) PCI-HSM Security Policy

Computer Security: Principles and Practice

IBM Encryption Facility for z/os, V1.1 helps to secure data stored to tape and other removable media

FIPS Security Policy

S/390 Crypto PCI Implementation Guide

Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 7, 2013

z10 CPU MF Overview and WSC Experiences

IBM System Storage TS1120 Tape Drive - Machine Type 3592, Model E05. Security Policy

Block Cipher Modes of Operation

Exploring the SMF 113 Processor Cache Counters

Crypto Library. Microchip Libraries for Applications (MLA) Copyright (c) 2012 Microchip Technology Inc. All rights reserved.

Hewlett-Packard Development Company, L.P. NonStop Volume Level Encryption (NSVLE) Product No: T0867 SW Version: 2.0

This Security Policy describes how this module complies with the eleven sections of the Standard:

Using Hardware Crypto Support in Linux on System z

Juniper Networks Pulse Cryptographic Module. FIPS Level 1 Security Policy Version: 1.0 Last Updated: July 19, 2013

Survey of Commercially available chips and IP cores implementing cryptographic algorithms

Security Policy for FIPS KVL 3000 Plus

(Otherwise, I wouldn t be talking about our move in this newsletter.)

IBM CICS Performance Series: Web Services Performance in CICS TS V5.3

Instructions for Enabling WebSphere for z/os V8 for Hardware Cryptography

Ref:

Speaker: Harv Emery. The IBM zenterprise EC12 (zec12) System: Processor, Memory and System Structure Enhancements

Configuring and Tuning SSH/SFTP on z/os

CPU MF Counters Enablement Webinar

IBM Z: Technical Overview of HW and SW Mainframe Evolution Information Length: Ref: 2.0 Days ES82G Delivery method: Classroom. Price: INR.

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

Preview: IBM z/vse Version 4 Release 3 offers more capacity and IBM zenterprise exploitation

NIST Cryptographic Toolkit

Transcription:

IBM Americas, ATS, Washington Systems Center Crypto Hardware on System z - Part 1 Greg Boyd (boydg@us.ibm.com) 2014 IBM Corporation

Agenda Crypto Hardware - Part 1 A refresher A little bit of history Some hardware terminology CPACF Crypto Hardware Part 2 A couple of refresher slides Crypto Express Cards HMC Slides Page 2 of 27

Crypto Functions Data Confidentiality Symmetric DES/TDES, AES Asymmetric RSA,Diffie-Hellman, ECC Data Integrity Modification Detection Message Authentication Non-repudiation Financial Functions Key Security & Integrity Page 3 of 27

System z Crypto History 2001 2002 2003 2004 2005 2006 2007 2008 2009 2010/11 2012/13 Cryptographic Coprocessor Facility (CCF) G3, G4, G5, G6, z900, z800 PCI Cryptographic Coprocessor (PCICC) G5, G6, z900, z800 PCI Cryptographic Accelerator (PCICA) z800/z900 z990 z890 PCIX Cryptographic Coprocessor z990 (PCIXCC) CP Assist for Cryptographic Functions z990 z890 z890 z9 EC z9 BC z10 EC/BC z196/z114 zec12/ zbc12 Crypto Express2 Crypto Express3 Crypto Express4S z990/z890 z9 EC z9 BC z10 EC/BC z10 EC/BC z196/z114 zec12/ zbc12 Cryptographic Coprocessor Facility Supports Secure key cryptographic processing PCICC Feature Supports Secure key cryptographic processing PCICA Feature Supports Clear key SSL acceleration PCIXCC Feature Supports Secure key cryptographic processing CP Assist for Cryptographic Function allows limited Clear key crypto functions from any CP/IFL NOT equivalent to CCF on older machines in function or Crypto Express2 capability Crypto Express2 Combines function and performance of PCICA and PCICC Crypto Express3 PCIe Interface, additional processing capacity with improved RAS Crypto Express4S - IBM Standard PKCS #EP11 Page 4 of 27

Clear Key / Secure Key / Protected Key Clear Key key may be in the clear, at least briefly, somewhere in the environment Secure Key key value does not exist in the clear outside of the HSM (secure, tamper-resistant boundary of the card) Protected Key key value does not exist outside of physical hardware, although the hardware may not be tamper-resistant Page 5 of 27

Visual Representation of Clear Key Processing Encryption Request User Clear Key Value (ABCDEF) Data to be Encrypted/Decrypted Encryption Decryption Services Process Encryption Request Key Repository Encrypt/Decrypt User Data with User Clear Key Clear Key ABCDEF User Data In-Data Visible to Intruder Out-Data Page 6 of 27

Visual Representation of Secure Key Processing Encryption Request User Secure Key Value (EFGHJK) Data to be Encrypted/Decrypted Secure Tamper Resistant Device Key Repository Enciphered Key Value (EFGHJK) EFGHJK Process Encryption Request Encrypt/Decrypt User Data with User Secure Key Clear Key ABCDEF Master Key Decrypt Secure Key User Data In-Data Not-Visible to Intruder Out-Data Page 7 of 27

Protected Key How it works Create a key, with the value ABCD and store it as a secure key in the CKDS (i.e. encrypted under the Master Key, MK) E MK (x ABCD ) => x 4A!2 written to the CKDS and stored with a label of MYKEY Execute CSNBSYE (the clear key API to encrypt data), but pass it the key label of our secure key, MYKEY; and text to be encrypted of MY MSG CALL CSNBSYE(., MYKEY, Page 8 of 27 MY MSG.)

Protected Key How it works (cont ) ICSF will read MYKEY from the CKDS and pass the key value x 4A!2 to the CEX3 Inside the CEX3, recover the original key value and then wrap it using the wrapping key D MK (x 4A!2 ) => x ABCD E WK (x ABCD ) => x *94E ICSF will pass the wrapped key value of x *94E to the CPACF, along with the message to be encrypted In the CPACF, we ll retrieve the wrapping key, WK D wk (x *94E ) => x ABCD E x ABCD ( MY MSG ) => ciphertext of x 81FF18019717D183 Page 9 of 27

CPACF Wrapping Key Pair of wrapping keys, stored in HSA AES Wrapping Key 256 bits DES Wrapping Key 192 bits Terminology CPACF Wrapping Key CPACF generated key to encrypt clear keys used by the CPACF CPACF Wrapped Key operational key encrypted with CPACF wrapping key Transient Generated each time an LPAR is activated or a clear reset is performed A wrapping key verification pattern is used to identify a specific instance Page 10 of 27

CPACF Machines (z890/z990 & later) CP Assist for Cryptographic Function (CPACF) Peripheral Component Interconnect (PCI Cards) I/O Cage or I/O Drawer CEC Cage CP CP Memory CP CP MBA STI PCIXCC Crypto Expressn Crypto Expressn- 1P CPACF CPACF CPACF CPACF FICON Page 11 of 27

zec12 Cryptographic (and Compression) Engine CP Assist for Cryptographic Function CPACF FC #3863 (No charge) is required to enable some functions and is also required to support Crypto Express4S or Crypto Express3 feature DEA (DES, TDES2, TDES3) SHA-1 (160 bit) SHA-2 (244, 256, 384, 512 bit) AES (128, 192, 256 bit) Coprocessor dedicated to each core Independent cryptographic engine Available to any processor type Owning processor is busy when it s coprocessor is busy Independent compression engine IB Core 0 Core 1 OB Cmpr Exp Crypto Cipher TLB 2 nd Level Cache 16K Crypto Hash 2 nd Level Cache 16K Crypto Hash TLB OB Cmpr Exp Crypto Cipher IB Page 12 of 27 12

z196/z114/z10 Compression and Cryptographic Engine CP Assist for Cryptographic Function CPACF FC #3863 (No charge) is required to enable some functions and is also required to support Crypto Express4S or Crypto Express3 feature DEA (DES, TDES2, TDES3) SHA-1 (160 bit) SHA-2 (244, 256, 384, 512 bit) AES (128, 192, 256 bit) Coprocessor dedicated to each core Independent cryptographic engine Available to any processor type Owning processor is busy when it s coprocessor is busy Independent compression engine IB Core 0 Core 1 OB Cmpr Exp TLB Crypto Cipher 2 nd Level Cache 16K 16K TLB OB Cmpr Exp Crypto Hash IB Page 13 of 27

zec12 HMC/SE Screens Crypto support Page 14 of 27

MSA Message Security Assist MSA Cipher Message Cipher Message with Chaining Compute Intermediate Message Digest Compute Last Message Digest Compute Message Authentication Code Query Functions MSA Extension 4 Cipher Message With CFB Cipher Message With Counter Cipher Message With OFB Perform Cryptographic Computation Page 15 of 27

System z CPACF Hardware z890/z990 Message-Security Assist DES (56-, 112-, 168-bit) SHA-1 TechDoc WP100810 A Synopsis of System z Crypto Hardware Page 16 of 27

System z CPACF Hardware z9 EC & BC Message-Security-Assist Extension 1 DES (56-, 112-, 168-bit) AES-128 SHA-1, SHA-256 PRNG TechDoc WP100810 A Synopsis of System z Crypto Hardware Page 17 of 27

System z CPACF Hardware z10 EC & BC Message-Security-Assist Extension 2 DES (56-, 112-, 168-bit) AES-128, AES-192, AES-256 SHA-1, SHA-256, SHA-512 (SHA-2 Suite) PRNG TechDoc WP100810 A Synopsis of System z Crypto Hardware Page 18 of 27

System z CPACF Hardware z10 EC (GA3) & BC (GA2) Message-Security-Assist Extension 3 DES (56-, 112-, 168-bit) AES-128, AES-192, AES-256 SHA-1, SHA-256, SHA-512 (SHA-2 Suite) PRNG Protected Key TechDoc WP100810 A Synopsis of System z Crypto Hardware Page 19 of 27

System z CPACF Hardware z196 (GA2) & z114 & zec12 Message-Security-Assist Extension 4 DES (56-, 112-, 168-bit), new chaining options AES-128, AES-192, AES-256, new chaining options SHA-1, SHA-256, SHA-512 (SHA-2 Suite) PRNG Protected Key TechDoc WP100810 A Synopsis of System z Crypto Hardware Page 20 of 27

Cipher Block Chaining New Instructions KMF - Cipher Message with CFB KMCTR - Cipher Message with Counter KMO - Cipher Message with OFB Images from Wikipedia Page 21 of 27

CPU Measurement Facility What is CPU MF? z10 and later facility that provides cache and memory hierarchy counters Provides hardware instrumentation data for production systems CPU MF Counters also useful for performance analysis Data gathering controlled through z/os HIS (HW Instrumentation Services) How can the COUNTERS be used today? For performance analysis Supplement current performance data from SMF, RMF, DB2, CICS, etc. Measure (count) CPACF Usage Recorded in SMF Type 113 Counter # Counter Counter # Counter 64 PRNG function count 72 DEA function count 65 PRNG cycle count 73 DEA cycle count 66 PRNG blocked function count 74 DEA blocked function count 67 PRNG blocked cycle count 75 DEA blocked cycle count 68 SHA function count 76 AES function count 69 SHA cycle count 77 AES cycle count 70 SHA blocked function count 78 AES blocked function count 71 SHA blocked cycle count 79 AES blocked cycle count Page 22 of 27

APIs and Hardware HCR77A1 APIs (from Application Programmer's Guide SC14-7508-00) 80 74 70 60 APIs 50 40 30 20 10 8 26 19 CPACF only PCI Card ICSF only (no hardware) PKCS #11 0 Hardware Required Page 23 of 27

IBM Resources (on the web) Redbooks www.redbooks.ibm.com (search on crypto ) IBM zenterprise EC12 Configuration Setup, SG24-8034 IBM zenterprise EC12 Technical Introduction, SG24-8050 IBM System EC12 Technical Guide, SG24-8049 ATS TechDocs Website www.ibm.com/support/techdocs (search on crypto ) WP100810 A Synopsis of System z Crypto Hardware WP100647 A Clear Key / Secure Key /Protected Key Primer TC000066 CPU MF - 2012 Update and WSC Experiences Page 24 of 27

IBM Resources (on the web) Manuals z/architecture Principles of Operations, SA22-7832 ATS TechDocs Website www.ibm.com/support/techdocs (search on crypto ) PRS2669 CPACFZ9S How to Use the z9/z10 CPACF Crypto Functions PRS822 CALCPACF: Callable z/os Routine to Invoke z9/z10 CPACF Crypto Functions Page 25 of 27

Agenda Crypto Hardware - Part 1 A refresher A little bit of history Some hardware terminology CPACF Crypto Hardware Part 2 A couple of refresher slides Crypto Express Cards HMC Slides Page 26 of 27

Questions? Page 27 of 27

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback