The customer is requesting help responding to an audit documentation request. The request is worded as follows:
Please provide details on Top Secret (white paper, configuration settings) that demonstrates that strong encryption is used for the storage or hashing of passwords (algorithm, key size).
I've looked through the Top Secret manuals, and could not find anything that addresses this. Do you know if this stated anywhere?
Release : 3.0
Component : CA Top Secret for z/VSE
The CA Top Secret Security File formatting and encryption is proprietary information. Aside from the proprietary formatting, key security areas are additionally encrypted using DES.
Currently, this is our official statement regarding encryption due to its proprietary nature.