ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Converting from Legacy DES Algorithm to AES

book

Article ID: 125680

calendar_today

Updated On:

Products

Datacom DATACOM - AD CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services Datacom/AD CA ecoMeter Server Component FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA On Demand Portal CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware

Issue/Introduction



We are converting from Legacy DES Algorithm to AES Algorithm Password Encryption on all of our Mainframe LPARS.
We need to know if this will have any impact to Datacom.

Environment

z/OS
CA Datacom

Resolution

There is no direct impact to Datacom.
Datacom does a call to the external security package ( Top Secret/ACF2/RACF) to validate a user and password.
If the external security package supports AES then all is fine.
CA Top Secret and CA ACF2 do but an increase in CPU utilization occurs for AES256 password encryption during System Entry Validation (LOGON), password verifications, and password changes.
Check with IBM for RACF.