Peter, I'll agree that using the APIs will be more expensive than using the native CPACF instructions directly; however, I think the performance depends on how you implement it. Rob Schramm pointed to a crypto performance whitepaper for the z10 in a later post. There is also a whitepaper for the z196; both are available at http://www-03.ibm.com/systems/z/advantages/security/z10cryptography.html (despite the URL referencing the z10).

These reports reflect that the performance impact depends on multiple factors, especially blocksize. For example, using AES-128 bit encryption via the native instructions you can drive 973.4 operations per second and encrypt 1020.7*10^6 bytes per second (see p. 10 of the z10 report). When using the API you can drive 951.6 operations per second and encrypt 997.8*10^6 bytes per second (p. 13). So the APIs are only slightly less efficient than the instructions. The overhead does increase with the smaller blocksizes, which makes sense as you incur the API overhead for each call.

I suspect that your test environment simply used the same key looped driving the KM/KMC instruction with the same key value over and over. If you used the same logic with the API, even though you are using the same key you would go through the overhead of retrieving the key from the keystore each time. I think your numbers would be significantly better in that case because you would avoid the repeated overhead of the keystore access. Note, however, that for security reasons, you must run authorized to retrieve the clear key.

As you noted in a later post, the secure key metrics are in the 10^3 range, so secure key is more expensive than clear key. Note that metrics for Protected Key are in the z196 version of the report. Protected key provides an intermediate step between the two (although it's closer to clear key than secure key). However, as Rob pointed out, you do require the Crypto Express card, because the protected key begins life as a secure key and you do not need to run authorized to create those keys.

Those numbers are all significantly better than performing the encryption work via software routines (MVC, SLL, Multiply instructions). See Ernie Nachtigall's TechDoc, IBM z10 DES Cryptographic Hardware Performance versus z/OS Software DES at http://www-03.ibm.com/support/techdocs/atsmastr.nsf/WebIndex/WP101240.

You must decide for each application what is the appropriate trade-off between security and performance.

Greg Boyd
IBM Advanced Technical Support
Supporting Crypto on System z

