Just for fun, here is a little history of crypto for the mainframe systems.
1977 – IBM 3845 DES encryption unit (channel attached)
1979 – IBM 3848 DES encryption unit (channel attached) - Faster, adds Triple-DES
1989 - IBM 4753 channel-attached crypto unit - uses 4755 crypto adapter
internally,
Hi Todd,
Are you saying that the Redbook SG24-7848-00 System z Crypto andTKE Update is
just plain wrong ?
Actually, I cannot figure out what that text from the RedBook is trying to say
:-)
All protected-mode keys are stored as CCA secure key tokens, wrapped by the
master key of the Crypto
Hi Todd,
Are you saying that the Redbook SG24-7848-00 System z Crypto andTKE Update
is just plain wrong ?
Actually, I cannot figure out what that text from the RedBook is trying to
say :-)
OK, I looked at the RedBook and I see what it's talking about now. It's sort
of a halfway way of
W dniu 2013-09-20 16:00, Lloyd Fuller pisze:
No. The crypto cards preceded the z machines. They were available as part of
the 9672s. There are several different ones with slightly different
capabilities. They are all on the I/O bus so they are slightly slower than the
CPACF hardware for
W dniu 2013-09-20 06:48, Timothy Sipples pisze:
Radoslaw Skorupka writes:
Form the other hand, inside the BOOK, inside the MCM (multi-chip-module)
there is CPACF chip (actually it's share between 2 CPs depending on the
CPC model).
A couple perhaps pedantic points:
1. Some machine models with
Let me add my comments on some of this discussion.
ICSF will try to use whatever is best for any particular requested operation.
For example, if you want to do a clear-key TDES encryption of some data, it
will use the CPACF even if you also have a Crypto Express (CEX) coprocessor.
It does
On Thu, 19 Sep 2013 12:19:37 -0400, Farley, Peter x23353 wrote:
QTE6CVllcywgdGhlIGNsZWFyLWtleSBJQ1NGIGVuY3J5cHQvZGVjcnlwdCBmdW5jdGlvbnMgKHdo
aWNoIHVzZSBvbmx5IHRoZSBDUEFDRiBDUFUgaW5zdHJ1Y3Rpb25zLCBubyBjcnlwdG8tY2FyZCBu
[. . .]
But it was readable before I quoted it using the listserv web
On Fri, 20 Sep 2013 07:48:23 -0500, Todd Arnold arno...@us.ibm.com wrote:
Let me add my comments on some of this discussion.
One post said It may be ... that the recently announced protected clear
keys can be used without a coprocessor, increasing the security level even for
clear keys. This
On 09/20/13 09:45, John Chase wrote:
On Thu, 19 Sep 2013 12:19:37 -0400, Farley, Peter x23353 wrote:
QTE6CVllcywgdGhlIGNsZWFyLWtleSBJQ1NGIGVuY3J5cHQvZGVjcnlwdCBmdW5jdGlvbnMgKHdo
aWNoIHVzZSBvbmx5IHRoZSBDUEFDRiBDUFUgaW5zdHJ1Y3Rpb25zLCBubyBjcnlwdG8tY2FyZCBu
[. . .]
But it was readable before I
W dniu 2013-09-20 15:52, Doug Henry pisze:
On Fri, 20 Sep 2013 07:48:23 -0500, Todd Arnold arno...@us.ibm.com wrote:
Let me add my comments on some of this discussion.
One post said It may be ... that the recently announced protected clear keys can
be used without a coprocessor, increasing
From: R.S. r.skoru...@bremultibank.com.pl
To: IBM-MAIN@LISTSERV.UA.EDU
Sent: Thursday, September 19, 2013 3:55 PM
Subject: Re: ICSF Without Crypto Card?
W dniu 2013-09-19 17:04, Tiegox QQ pisze:
Are coprocessors supposed resided in CPU book?crypto card
Hi, List,
On z/OS 1.13:
Q1: Is there anything to be gained, running ICSF without any cryptographic
coprocessors installed?
Q2: Is anything lost by NOT running ICSF without cryptographic coprocessors
installed?
TIA,
-jc-
On 09/19/13 10:48, John Chase wrote:
Hi, List,
On z/OS 1.13:
Q1: Is there anything to be gained, running ICSF without any cryptographic
coprocessors installed?
Q2: Is anything lost by NOT running ICSF without cryptographic coprocessors
installed?
TIA,
-jc-
Are coprocessors supposed resided in CPU book?crypto card is different.
发自我的 iPhone
在 2013年9月19日,22:48,John Chase jonboy...@gmail.com 写道:
Hi, List,
On z/OS 1.13:
Q1: Is there anything to be gained, running ICSF without any cryptographic
coprocessors installed?
Q2: Is anything
Sent: Thursday, September 19, 2013 10:49 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: ICSF Without Crypto Card?
Hi, List,
On z/OS 1.13:
Q1: Is there anything to be gained, running ICSF without any cryptographic
coprocessors installed?
Q2: Is anything lost by NOT running ICSF without cryptographic
Right
Some examples:
- The HMAC and Cipher calls that are better on CPACF than card anyway
- With the latest (A0) level of ICSF, the Unix /dev/random and /dev/urandom
devices will work if ICSF is started, and no longer require a co-processor
card
Both of these examples will significantly
, September 19, 2013 10:48 AM
Subject: ICSF Without Crypto Card?
Hi, List,
On z/OS 1.13:
Q1: Is there anything to be gained, running ICSF without any cryptographic
coprocessors installed?
Q2: Is anything lost by NOT running ICSF without cryptographic coprocessors
installed?
TIA,
-jc
On Thu, 19 Sep 2013 23:04:26 +0800, Tiegox QQ tie...@qq.com wrote:
Are coprocessors supposed resided in CPU book?crypto card is different.
This is incorrect. The crypto card is configured as a coprocessor (or can also
be used in accelerator mode).
.
John Chase jonboy...@gmail.com wrote :
Hi,
On Thu, 19 Sep 2013 09:00:21 -0700, Scott Ford scott_j_f...@yahoo.com wrote:
I had the same question ..can a vendor query where the crypto card is
installed or not ? so it could be used...?
The Redbook I referenced earlier has a Rexx Exec that shows how to uses CSFIQF
interface to display
W dniu 2013-09-19 16:48, John Chase pisze:
Hi, List,
On z/OS 1.13:
Q1: Is there anything to be gained, running ICSF without any cryptographic
coprocessors installed?
Q2: Is anything lost by NOT running ICSF without cryptographic coprocessors
installed?
TIA,
-jc-
W dniu 2013-09-19 17:04, Tiegox QQ pisze:
Are coprocessors supposed resided in CPU book?crypto card is different.
Since z990 (approx. 10 years) you can have crypto cards - the cards are
similar in format to ESCON, FICON or OSA cards.
The card is named CryptoExpress. The card inside contains
Kirk Wolf wrote:
Some examples:
- The HMAC and Cipher calls that are better on CPACF than card anyway
- With the latest (A0) level of ICSF, the Unix /dev/random and /dev/urandom
devices will work if ICSF is started, and no longer require a co-processor
card
Both of these examples will
Radoslaw Skorupka writes:
Form the other hand, inside the BOOK, inside the MCM (multi-chip-module)
there is CPACF chip (actually it's share between 2 CPs depending on the
CPC model).
A couple perhaps pedantic points:
1. Some machine models with CPACF have neither processor books nor MCMs.
The
23 matches
Mail list logo
