As Radoslaw says in his post, RACF and the usual Z host security is indeed very, very good, but they do not protect you against everything. For example, an insider attack by a sufficiently-authorized person could disclose keys protected by RACF - there are people who can get to data on disk or in memory, even though it has things like RACF protection - and there are probably people with authority to remove the RACF protection. When your keys are protected by the Crypto Express HSM, none of those attacks are possible. Once the keys are under protection of the Crypto Express HSM, there is no way to see them except in encrypted form. The HSM has no functions to give you the key in unencrypted form, and any attempt to attack the HSM itself (e.g. opening it and reading its internal memory) will cause immediate destruction of the keys it contains, which makes the externally-stored encrypted keys unusable.
So - the amount of security you need depends on your application. For many people, it is sufficient to use CPACF with cleartext keys, where the keys are protected in ways like you described. Other people want more protection, and they use Protected Keys with CPACF - in that case, the keys are protected by the Crypto Express, but they are used by CPACF to give you higher performance. Other people, who want the highest possible degree of security, use the Crypto Express to protect the keys and to perform the cryptographic operations that use them.
