Thanks to client involvement, the secure key and protected key cryptography on System z continue to expand to meet the needs of the most sophisticated applications.
Customers around the globe have helped guide the future of cryptography for System z. Customer Crypto Councils have become a regular forum for IBM to share information about cryptographic offerings while helping discover and respond to client pain points, individual requirements, regulatory hurdles, and future needs. Crypto Councils in Europe and the Americas have brought together IBM and numerous clients to evaluate what’s available today and what’s needed tomorrow.
This customer-driven approach is working and producing clear results; it’s guiding the future of the host library for Linux on System z, Integrated Cryptographic Service Facility (ICSF) for z/OS, and crypto hardware.
This article explores the list of new cryptographic functions available to applications deployed on Linux on System z; it’s an update to the article, “The New Frontier for Cryptography on Linux on System z,” which appeared in the October/November 2010 issue of z/Journal (www.mainframezone.com/it-management/the-new-frontier-for-cryptography-on-linux-on-system-z). It also highlights the new functionality available to applications that depend on either secure key or protected key cryptographic solutions. (The clear key cryptographic support that’s already available to Linux on System z isn’t addressed here.)
What’s New for Secure Key
The third release of IBM’s Common Cryptographic Architecture (CCA) host library, formally known as the IBM CEX3C Common Cryptographic Architecture Support Program for Linux on System z 4.1.0, is available for download. This host library is commonly known as CCA 4.1. For compatibility, this new host library can be used in place of its predecessors, along with the necessary CryptoExpress2 or CryptoExpress3 PCI card, to provide the same functionality these cards previously provided. It’s the combination of the CCA host library and the crypto card, when configured in co-processor mode, that enables applications to solve complex cryptographic problems. This article examines the new host library with the latest CryptoExpress3 card and expands on the four primary areas affected:
- Personal Identification Number (PIN) security was enhanced to implement the processing restrictions as described in the American National Standards Institute (ANSI) X9.8 standard.
- An additional key wrapping method was added for CCA keys.
- Hash Message Authentication Code (HMAC) was expanded with several new verbs.
- A new Elliptic Curve Cryptography (ECC) algorithm, which can be used for digital signature generation and verification, was added.
For more on what’s new for Linux for System z in the 4.1.0 release of the CCA host library, see the latest version of the Secure Key Solution with the Common Cryptographic Architecture Application Programmer’s Guide (SC33-8294-02). You can access this book by selecting the Library tab at www.ibm.com/security/cryptocards/pciecc/overview.shtml. Here’s a brief description of the new functions and features available to both C and Java programs:
Enhanced PIN security mode: This was added to help block PIN attacks. This new support is needed to implement restrictions required by the ANSI X9.8 PIN standard to help block attacks that might come, for example, from rogue Automated Teller Machine (ATM) transactions. It’s important to protect these kinds of transactions from well-documented attacks. The first step to enforcing these restrictions and thwarting such attacks is to enable three new access control points:
- ANSI X9.8 PIN—Enforce PIN block restrictions
- ANSI X9.8 PIN—Allow modification of PAN_01_0350
- ANSI X9.8 PIN—Allow only ANSI PIN block_01_0350.
These new access control points affect the Clear PIN Generate Alternate (CSNBCPA), Encrypted PIN Translate (CSNBPTR), and Secure Messaging for PINs (CSNBSPN) verbs.