How are passwords protected with strong cryptography during transmission and storage in CA Top Secret?

book

Article ID: 16803

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction

Please advise on how passwords are protected with strong cryptography during transmission and storage in CA Top Secret.



How are passwords protected with strong cryptography during transmission and storage in CA Top Secret?

Environment

Release: TOPSEC00200-15-Top Secret-Security
Component:

Resolution

CA Top Secret encrypts the password with your choice DES, AES128 or AES256 encryption.

AES256 encryption is the strongest.

CA Top Secret employs one way encryption which means once they are encrypted and stored on the security file, they are never decrypted again. When password validation occurs, the password being validated is first encrypted and then compared to the encrypted password on the security file.

When passwords are transported, they are in the encrypted state.

Even if someone were to steal your security file, they would also have to steal your user defined encryption key. Without the security file encryption key, they security file cannot be used. The security file encryption key is checked when CA Top Secret initializes.