What hashing method is used to compare passwords entered at the terminal with the extracted password from the security file?

Release : 16.0

Component : Top Secret for z/OS

AES 128bit, AES 256bit, or triple DES (the old TSS proprietary encryption method).

Control option AESENC controls the encryption method used. The security file needs to be formatted with the AESENCRYPT keyword when running TSSMAINS sample JCL to format the security file if you want to use AES encryption.

Top Secret does one way encryption. It never decrypts the password. So, when entering a password on the terminal, that password is encrypted using the encryption method, then compared to the encrypted password on the security file.

See Implement 256-Bit AES Encryption for Passwords and Password Phrases, Create the Security File, and AESENC—Select the AES Encryption Key for more information.