

Cryptography: Concepts and Business Considerations

Rich Diedrich, IBM Lab Services

IBM Lab Services – 20 years
Cryptography – 10+ years for customers

Cryptography: History and Concepts

Understand basic concepts
Cryptography used 1000s of years in military
Important for commerce
Critical for web commerce

Cryptography is the study and practice of techniques to keep messages and data secure

A → D, B → E, C → F, ..., X → A, Y → B, Z → C

Cryptography – hidden or secret writing
Steganography – concealed writing (Greek covered or protected)
Herodotus – 499 BCE a message was sent by tattoo
Scytale – 3rd century BCE
Other transposition ciphers
Caesar cipher (1st century BCE) – named for Julius, shifts the letter by 3, effective because of low literacy
Code and Cipher definitions
One if by land, two if by sea, by air (8 years off)
Enigma machine invented at the end of WW I, used in WW II, multiple rotors to shift the alphabet
Modern cryptography – secure the transmission and storage of data
It uses the concepts of substitution and transposition

Symmetric key algorithms require that both the sender and receiver know the same key

[Diagram: Encrypt, Decrypt]

Historical systems were symmetric key algorithms, both the sender and the receiver needed to know the algorithm and the key

Modern systems use specified algorithms, the secrecy is carried in the keys

Feistel network
PGP – 1991 Phil Zimmermann – first algorithm easily broken
Each pair of communicators require their own keys
This leads to the key distribution problem, the number of keys goes up with the square of the number of communicators

Symmetric key algorithms are most commonly implemented as block ciphers or stream ciphers

[Diagram: Block Cipher: PLAIN and KEY → CIPHER. Stream Cipher: KEY → KEYSTREAM; PLAIN + KEYSTREAM → CIPHER]

A block cipher takes a block of data and using a complex combination of substitutions and transpositions determined by the algorithm and the key generates a cipher block

Since the same block encrypted with the same key results in the same encrypted data, chaining techniques and an IV must be used to prevent leaking repeated data

A stream cipher converts a key into a keystream which is combined character by character (byte by byte) with the plaintext to form the ciphertext

If the same stream is used to encrypt more than one text stream, the plaintext streams can be found easily

Break DOS game code in Turbo Pascal
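The two failure modes in the notes above (repeated blocks when nothing is chained, and a keystream used twice), as an added Go example that is not part of the original presentation. The function names and sample messages are constructed for illustration, and AES in CTR mode stands in for a stream cipher.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func newAES(key []byte) cipher.Block {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return block
}

// ECB encrypts every 16-byte block on its own: no chaining and no IV.
// msg must be a multiple of 16 bytes; padding is left out of this example.
func ECB(key, msg []byte) []byte {
	block, out := newAES(key), make([]byte, len(msg))
	for i := 0; i < len(msg); i += aes.BlockSize {
		block.Encrypt(out[i:], msg[i:])
	}
	return out
}

// CBC chains each ciphertext block into the next block, starting from iv.
func CBC(key, iv, msg []byte) []byte {
	out := make([]byte, len(msg))
	cipher.NewCBCEncrypter(newAES(key), iv).CryptBlocks(out, msg)
	return out
}

// CTR turns AES into a stream cipher; the keystream depends only on key and iv.
func CTR(key, iv, msg []byte) []byte {
	out := make([]byte, len(msg))
	cipher.NewCTR(newAES(key), iv).XORKeyStream(out, msg)
	return out
}

// RepeatedBlocks counts 16-byte ciphertext blocks that occurred earlier in ct,
// a quick check for data that was encrypted without chaining.
func RepeatedBlocks(ct []byte) int {
	seen, repeats := map[string]bool{}, 0
	for i := 0; i+aes.BlockSize <= len(ct); i += aes.BlockSize {
		b := string(ct[i : i+aes.BlockSize])
		if seen[b] {
			repeats++
		}
		seen[b] = true
	}
	return repeats
}

// XOR returns a XOR b over their common length.
func XOR(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := range out {
		out[i] = a[i] ^ b[i]
	}
	return out
}

func main() {
	key, iv, iv2 := make([]byte, 32), make([]byte, 16), make([]byte, 16)
	for _, b := range [][]byte{key, iv, iv2} {
		if _, err := rand.Read(b); err != nil {
			panic(err)
		}
	}
	// Constructed sample: the same 16-byte record repeated four times.
	msg := bytes.Repeat([]byte("ACCT=0001;BAL=0;"), 4)
	fmt.Println("repeated blocks, no chaining:", RepeatedBlocks(ECB(key, msg)))
	fmt.Println("repeated blocks, CBC with IV:", RepeatedBlocks(CBC(key, iv, msg)))
	// Constructed sample messages encrypted as two separate streams.
	p1, p2 := []byte("transfer 100 to alice"), []byte("transfer 999 to carol")
	reused := XOR(CTR(key, iv, p1), CTR(key, iv, p2))
	fmt.Println("same keystream exposes p1 XOR p2:", bytes.Equal(reused, XOR(p1, p2)))
	fresh := XOR(CTR(key, iv, p1), CTR(key, iv2, p2))
	fmt.Println("fresh IV exposes p1 XOR p2:      ", bytes.Equal(fresh, XOR(p1, p2)))
}
```

RepeatedBlocks is the kind of check that can be run over stored ciphertext to spot fields encrypted without an IV or chaining.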

Asymmetric key algorithms use different, but related, keys for the sender and the receiver

[Diagram: Encrypt, Decrypt]

Asymmetric key algorithms are used to solve the key distribution problem

Whitfield Diffie and Martin Hellman presented the concept in 1976, Ralph Merkle came up with the concept independently in the same time frame

In 1997 it was disclosed that Ellis, Cocks, and Williamson developed algorithms in 1973 at the UK Government Communications Headquarters

RSA is widely used today. It is based on the difficulty of factoring very large numbers (2048 bit keys are in common use)

RSA is based on number theory, showing that even pure mathematics can have practical use over the objections of mathematicians

RSA is computationally expensive and has large block size, usually used for key exchange

Weaknesses if text can be chosen

Secure hash algorithms generate a fixed length value from variable length data in a way that cannot be reversed

[Diagram: Hash]

Secure hash algorithms are one way functions
They are designed to make it computationally infeasible to:
● Reverse the operation
● Generate another document that hashes to the same value
They are also designed to have a low probability of collisions
They are used to:
● Ensure that a value has not been changed
● Digitally sign a value
● Allow a lookup of a value

There are a variety of cryptographic algorithms in current use

| Abbreviation | Full Name | Notes |
|---|---|---|
| DES | Data Encryption Standard | Designed for hardware; FIPS PUB 46 in 1977; 56 bit key version broken |
| AES | Advanced Encryption Standard | Designed for software; FIPS PUB 197 in 2001; 128, 192, 256 bit keys |
| RSA | Rivest Shamir Adleman | Published 1978; Asymmetric Key Algorithm |
| ECC | Elliptic Curve Cryptography | Suggested 1985, Wide use 2004-2005; Asymmetric Key Algorithm; Smaller key sizes than RSA |
| SHA-1 | Secure Hash Algorithm | FIPS PUB 180-1 in 1995; 160 bit hash |
| SHA-2 | Secure Hash Algorithm | FIPS PUB 180-2 in 2002; 224, 256, 384, 512 bit hash; SHA-256 is SHA-2 with 256 bit hash |

DES was based on IBM's Lucifer algorithm
● NSA assisted in the analysis
● There were suspicions about the analysis
● Subsequent discoveries explained the analysis
● 8 byte block
● 56 bit keys are too short, $10,000 hardware solutions can brute force a key in less than a day
● Triple DES variant can still be used (until 2030)
AES is based on Rijndael algorithm
● 16 byte block
RSA
● Public key (asymmetric algorithm)
● 2048 bit keys
SHA-1 is still in use, but is being phased out due to collision attacks
SHA-3 – Keccak has been selected (Oct 2012) will be added to FIPS 180-4

Random numbers are critical for secure cryptography

[Diagram: Initialization Vector]

Random numbers are hard to generate
"Anyone who considers arithmetical methods of producing random digits is, of course, in a state of sin." – John Von Neumann, 1951
Standard software random number generators are not enough
There are hardware devices
There are algorithms that are considered cryptographically secure
One time pad

Cryptographic protocols describe in detail how one or more cryptographic algorithms are used for a particular purpose

TLS (SSL) Client and TLS (SSL) Server message flow:
ClientHello (protocol versions, random number, ciphers) →
← ServerHello (protocol version, random number, cipher)
← Certificate
ClientKeyExchange (encrypted PreMasterSecret) →
ChangeCipherSpec →
← ChangeCipherSpec
Data →
← Data

Algorithms are basic building blocks, in order to have something like a secure web page, a protocol is needed

● Client sends list of versions and ciphers along with a random number to server
● Server picks the best supported version and cipher and another random number
● Server sends certificate, which is server information, public key and is hashed and digitally signed by CA
● Client confirms certificate and that it trusts the CA
● Client generates another random number, encrypts it using server public key
● Client uses the previous random numbers to generate symmetric key used for communication
● Both sides notify the other that the data will be encrypted

Certificates and trusted Certificate Authorities (CAs) are used to manage public keys and defend against man-in-the-middle attacks

Certificates and CAs are used to defend against man-in-the-middle attacks

CAs have to be trusted
● Public CAs are generally trusted
● Private CAs can be used, but must be added to trust stores
There have been some CA key leaks

Cryptography: Business Considerations

Now that we have a complete understanding of cryptography, we can start looking at how it fits in a business environment

Cryptography is used for securing data during transmission and at rest

Transmitted Data
● Standard Protocols
● Minimal Application Impacts

Data at Rest
● Standard Algorithms
● More Application Impacts

Historically cryptography was used for transmitting data, even today that is the more common use

There are standard protocols for using cryptography in data transmission: HTTPS, Secure FTP (multiple types), SSH (tunnelling)

There is a standard infrastructure for dealing with transmission

Things to watch: CAs, warnings
Data at rest is more interesting (less defined)
While there are standard algorithms, how those algorithms are put together (protocols) is less defined

Data at rest is relatively simple in a single user environment (keys can be protected with passwords)

Data at rest in a multi-user environment is more difficult

Cryptography is just one piece of a secure solution

[Diagram: Cryptography, Application Design, Key Management, Physical Security]

Cryptography is a tool that can be used in building a solution for securing data at rest

Be very careful about transparent or bolt-on cryptographic solutions

There used to be more of a problem with custom algorithms – PGP story – my DOS story

How will keys be managed and secured, particularly in multi-user environments?

Embedding keys in application code is not a good idea, but where then? Infinite regress problem

Can user perform bulk decryption and generate reports or files?

Implementing cryptography in an application properly usually requires application changes

[Diagram: Transparent Encryption Layer]

People often want transparent (no application change) solutions

Encrypt data to meet some standard like PCI, meet letter of the law

Does it really add security?
Some options that I have seen
- Disk encryption
- SQL Views
- Field procedures
Do users or applications have access to the decrypted data?

It is critical that the actual requirements of a cryptographic solution be understood

|  | Comments |
|---|---|
| What data do we actually need to store? | If the actual data is not needed, do not keep it |
| What applications need access to the actual data? | Think in terms of how the data should be used |
| What applications need access to masked data? | Some applications only need masked data like the last 4 digits of a credit card |
| Do we need to decrypt the value or just check it? | Passwords and related information should not be retrievable |
| Do we need to search on the encrypted data? | This presents challenges for non-exact matches and performance |
| What standards do we have to meet? | PCI DSS, HIPAA, other? |
| What are our key change requirements? | Changing keys used by millions of records can be a problem if not included in the design |
| How will we manage access to the keys? | Encryption allows many secrets to be protected by one secret, how will that be managed? |

I have been in situations where the client wants everything encrypted, the client doesn't want to change anything, the only concern is meeting the letter of the rule, the data has to be encrypted tomorrow, the client hasn't looked at what data should be encrypted, etc

A proper implementation of a cryptographic solution, particularly for data at rest, requires work

If not, the solution is not likely to be secure, performance will suffer, or functionality will suffer.

The security of encrypted data depends on proper key management

| Key Type | Notes |
|---|---|
| Master Key | Combination of parts entered by more than one person; Stored securely; Loss will result in loss of all encrypted data |
| Data Key | Often generated, stored, and used without external access; Encrypted under master key when stored; Access required to encrypt or decrypt data; Loss will result in loss of data encrypted with specific key |
| Key Encryption Key | Used for transferring keys; If compromised, can compromise other keys |

Many solutions have capability for good master key techniques
- More than one person enters value, is it actually done?
- Securely stored
- Tools to translate (re-encrypt) keystores
Data key management is trickier
- Users need access to keys to do job
- How are the keys protected?
Key encryption keys
Actually used to be more important, public key techniques can be used now

The security of encrypted data is only as good as the weakest link

There are many components to handling secure data, what is your weakest link?

Question for application developers:
Ask your best and most hacker like developers what they could do to your system given their knowledge and low level user access to the system

The goal should be that they could do nothing outside of that user's job responsibilities and nothing that could cause harm

One more thing – export restrictions

Cryptography: IBM i Support

IBM i provides a variety of cryptographic capabilities

Tape Encryption
ASP Encryption
External Storage
APIs
MI instructions
Cryptographic coprocessor
- Acceleration
- CCA APIs
DCM
- Web sites
- Clients
- Object signing
SSL
- Web, telnet, FTP, Host servers
SSH
DB2 support
SQL views, field procedures

IBM i provides secure storage for cryptographic master keys

| Master Key | Purpose | Notes |
|---|---|---|
| 1-8 | Cryptographic Services APIs | Associated with keystore |
| Auxiliary Storage Pool (ASP) | Encrypted ASPs | |
| Save/Restore | Saving and restoring master keys | Default value; Change before SAVSYS |

Master Key Registers

| New | Current | Old |
|---|---|---|
| Accumulate key parts | Standard Use | Translate keys |

Master keys 1-8 are for applications, since they are master keys, you don't need many. They should be split by application area or to handle HA solutions

Critical to translate key stores
The ASP key is to handle encrypted disks
The Save/Restore key does come with a default to protect customers who don't configure things properly. It should be changed

Keystore files contain operational keys encrypted under a master key

This shows the attributes of a key in a keystore file
Explain the attributes

There are a wide variety of Cryptographic Services user and application interfaces available on IBM i

● Key management
● APIs
● Commands
● GUI

● Encryption and Decryption
● Hash
● Signature
● Pseudorandom numbers

Explain key management functions
Explain APIs

The cryptographic services APIs are available as OPM or ILE interfaces

    d EncryptData     pr                  extproc('Qc3EncryptData')
    d  InputData                      *   value
    d  InputLength                  10i 0 const
    d  InputFormat                   8    const
    d  AlgDesc                      64    const options(*varsize)
    d  AlgFormat                     8    const
    d  KeyDesc                     268    const options(*varsize)
    d  KeyFormat                     8    const
    d  CryptService                  1    const
    d  CryptDevice                  10    const
    d  OutputData                     *   value
    d  OutputSize                   10i 0 const
    d  OutputLength                 10i 0
    d  ErrorCode                    64    options(*varsize)

Explain function and parameters

The cryptographic services APIs are easily used from ILE RPG

    // Encrypt stream file
    // Setting the Provided bytes to 0 will cause the exception to
    // be sent through
    errorcode.Provided = 0;
    // Generate the IV
    GenRandom(%addr(iv):%size(iv):rnd_type_real:rnd_no_parity:errorcode);
    // Create a context for repeated encryption calls
    algorithm.ContextToken = createContext(iv:cs_pkcs5);
    // This flag will be changed for the last operation
    algorithm.FinalFlag = cs_continue;
    keydesc = *allx'00';
    keydesc.Keystore = 'KEYSTORE CRPXMP';
    keydesc.Label = 'TESTAPP.1';
    // Open the stream files
    infile = IFSopen('/richd/plaindata.txt':O_RDONLY);
    outfile = IFSopen('/richd/encdata.bin':O_WRONLY + O_CREATE + O_TRUNC:
                      S_IRWXU);
    // Write the IV
    IFSwrite(outfile:%addr(iv):%size(iv));
    // Start reading the data
    readsize = IFSread(infile:%addr(inbuffer):%size(inbuffer));
    dow readsize > 0;
      EncryptData(%addr(inbuffer):readsize:'DATA0100':
                  algorithm:'ALGD0100':keydesc:'KEYD0400':
                  cs_software:' ':%addr(outbuffer):%size(outbuffer):
                  writesize:errorcode);
      IFSwrite(outfile:%addr(outbuffer):writesize);
      readsize = IFSread(infile:%addr(inbuffer):%size(inbuffer));
    enddo;
    // Reading is complete
    // Finish off any padding
    algorithm.FinalFlag = cs_final;
    EncryptData(%addr(inbuffer):0:'DATA0100':
                algorithm:'ALGD0100':keydesc:'KEYD0400':
                cs_software:' ':%addr(outbuffer):%size(outbuffer):
                writesize:errorcode);
    if writesize > 0;
      IFSwrite(outfile:%addr(outbuffer):writesize);
    endif;
    IFSclose(infile);
    IFSclose(outfile);
    DltAlgContext(algorithm.ContextToken:errorcode);

Step through the code

A standard approach for implementing cryptography in applications involves the use of a surrogate value (or token) and a new table

| Field | Description |
|---|---|
| Token | Replacement value for existing fields |
| Encrypted Value | Original value encrypted with symmetric algorithm like AES 256 |
| Key version | A key version is necessary for incremental key changes |
| IV | An initialization vector is a best practice |
| Secure Hash | Necessary to search for a value if key version and/or IV is used |
| Masked Value | Decryption not needed to show this value |

Explain fields
Key version – Encrypt uses current version (stored somewhere), Decrypt uses version stored in row.
Without key version, entire table must be locked for translation
Procedure for encrypting and decrypting values
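The token table and the key-version notes above, as an added Go example that is not code from the presentation. The Vault and Row types and their methods are hypothetical; AES-256-GCM for the encrypted value and HMAC-SHA-256 for the secure hash are assumptions (the slide says only "AES 256" and "Secure Hash"), and the masked column is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Row holds the slide's columns except the masked value. AES-256-GCM and
// HMAC-SHA-256 are this example's choices for "AES 256" and "Secure Hash".
type Row struct {
	Token, Hash   string
	Encrypted, IV []byte
	KeyVersion    int
}

// Vault is a hypothetical in-memory stand-in for the table and its keystore.
type Vault struct {
	keys         map[int]cipher.AEAD // key version -> AES-256-GCM under that data key
	current      int                 // version used for new encryptions
	hashKey      []byte              // separate key for the lookup hash
	rows, byHash map[string]*Row     // rows indexed by token and by lookup hash
}

func random(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// Rotate makes a fresh data key the current version; rows keep their version.
func (v *Vault) Rotate() {
	block, _ := aes.NewCipher(random(32)) // cannot fail: the key is 32 bytes
	v.current++
	v.keys[v.current], _ = cipher.NewGCM(block)
}

func NewVault() *Vault {
	v := &Vault{keys: map[int]cipher.AEAD{}, hashKey: random(32), rows: map[string]*Row{}, byHash: map[string]*Row{}}
	v.Rotate() // creates key version 1
	return v
}

// seal encrypts under the current key with a fresh IV; the token is bound as associated data.
func (v *Vault) seal(r *Row, value string) {
	aead := v.keys[v.current]
	r.IV, r.KeyVersion = random(aead.NonceSize()), v.current
	r.Encrypted = aead.Seal(nil, r.IV, []byte(value), []byte(r.Token))
}

// Tokenize finds an existing row by keyed hash, since a random IV hides equal values.
func (v *Vault) Tokenize(value string) string {
	mac := hmac.New(sha256.New, v.hashKey)
	mac.Write([]byte(value))
	h := fmt.Sprintf("%x", mac.Sum(nil))
	if r, ok := v.byHash[h]; ok {
		return r.Token
	}
	r := &Row{Token: fmt.Sprintf("%x", random(16)), Hash: h}
	v.seal(r, value)
	v.rows[r.Token], v.byHash[h] = r, r
	return r.Token
}

// Detokenize decrypts with the key version stored in the row, not the current one.
func (v *Vault) Detokenize(token string) (string, error) {
	r, ok := v.rows[token]
	if !ok {
		return "", fmt.Errorf("unknown token %q", token)
	}
	value, err := v.keys[r.KeyVersion].Open(nil, r.IV, r.Encrypted, []byte(r.Token))
	return string(value), err
}

// Translate re-encrypts one row under the current key, so no table lock is needed.
func (v *Vault) Translate(token string) error {
	value, err := v.Detokenize(token)
	if err == nil && v.rows[token].KeyVersion != v.current {
		v.seal(v.rows[token], value)
	}
	return err
}

func main() {
	v := NewVault()
	token := v.Tokenize("4111111111111111") // constructed sample card number
	v.Rotate()
	fmt.Println(token, v.Translate(token))
}
```

After Rotate, rows written under the old version still decrypt, and a background job can call Translate row by row until no row carries the old version.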

The FIELDPROC support added to IBM i in V7R1 allows an exit point to be associated with a column (field) in a DB2 table (physical file)

● Exit point for transparent access
● Requires program
● Program can provide encryption and/or masking
● Program needs to determine access allowed

● Features
● Stored data can have different format than field
● Masked data can be handled

● Disadvantages
● Performance impact
● Transparent

FIELDPROC implementation
Cryptographic best practices conflict with good performance for index fields
Limited information to determine what access restrictions

Cryptography: PCI Implementation

Complete solution

The first step in designing a solution is understanding the requirements

● System to handle Payment Card Industry (PCI) data

● IBM i

● Minimize PCI audit scope

● "Appliance"

● Interfaces

● Existing applications

– Out of PCI scope

– Stored procedure interface

● Web site

– Accept credit cards

– Stored procedure interface

● Point of sale (POS) device

– Accept credit cards

● Acquiring bank

– Authorize credit cards

The development process included the critical parties from the very beginning

● High level design session
● Customer
● Lab Services
● PCI expert

● Design reviewed by PCI expert
● Focus on PCI scope
● Design modified early

The design of a Payment Card Industry (PCI) solution includes many considerations beyond cryptography

[Diagram: IBM i Existing Application, IBM i PCI Partition, Web Application (Java), Acquiring Bank, Interface (Java), POS Device]

Talk through properties of solution
Encrypted data in partition – card data, signature
Access to partition
Push and pull interfaces
PCI scope

The solution included several critical design points

● PCI data is never on production system
● Accessed by token
● PCI data input from web and POS device

● No interface to retrieve PCI data
● PCI data is encrypted
● Access to PCI partition is limited

● Limited users
● Dual authentication

Thank You
Any Questions?