Converting from Legacy DES Algorithm to AES

book

Article ID: 125680

calendar_today

Updated On:

Products

CA Datacom - DB CA Datacom CA Datacom - AD CA Datacom - Server CA CIS CA Common Services for z/OS CA 90s Services CA Database Management Solutions for DB2 for z/OS CA Common Product Services Component CA Common Services CA Datacom/AD CA ecoMeter Server Component FOC CA Easytrieve Report Generator for Common Services CA Infocai Maintenance CA IPC Unicenter CA-JCLCheck Common Component CA Mainframe VM Product Manager CA Chorus Software Manager CA On Demand Portal CA Service Desk Manager - Unified Self Service CA PAM Client for Linux for zSeries CA Mainframe Connector for Linux on System z CA Graphical Management Interface CA Web Administrator for Top Secret CA CA- Xpertware

Issue/Introduction



We are converting from Legacy DES Algorithm to AES Algorithm Password Encryption on all of our Mainframe LPARS.
We need to know if this will have any impact to Datacom.

Environment

z/OS
CA Datacom

Resolution

There is no direct impact to Datacom.
Datacom does a call to the external security package ( Top Secret/ACF2/RACF) to validate a user and password.
If the external security package supports AES then all is fine.
CA Top Secret and CA ACF2 do but an increase in CPU utilization occurs for AES256 password encryption during System Entry Validation (LOGON), password verifications, and password changes.
Check with IBM for RACF.