Yes, it is AES-256, secure (encrypted using MK), but there is also
another requirement for CSFKEYS profile.
--
Radoslaw Skorupka
Lodz, Poland
W dniu 09.06.2022 o 02:48, Mark Jacobs pisze:
I found this in a 2017 IBM Security presentation. So it looks like it's XTS-AES.
Key label: 64-byte label of an existing key in the ICSF CKDS used for access
method encryption/decryption. Encryption type: AES-256 bit data key (XTS,
protected key). Note: AES-256 key must be generated as a secure key (i.e.
protected by crypto express AES Master Key)
Mark Jacobs
Sent from ProtonMail, Swiss-based encrypted email.
GPG Public Key -
https://api.protonmail.ch/pks/lookup?op=get&search=markjac...@protonmail.com
------- Original Message -------
On Wednesday, June 8th, 2022 at 8:38 PM, Phil Smith III <li...@akphs.com> wrote:
Radoslaw's question makes me ask a pure curiosity question: what AES mode is
used by z/OS data set encryption? I Googled but all I found was "256-bit
AES", which doesn't answer the question.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN