Password encryption method used by Top Secret
search cancel

Password encryption method used by Top Secret

book

Article ID: 195367

calendar_today

Updated On: 05-30-2024

Products

Top Secret Top Secret - LDAP WEB ADMINISTRATOR FOR TOP SECRET

Issue/Introduction

What hashing method is used to compare passwords entered at the terminal with the extracted password from the security file?

Environment

Release : 16.0

Component : Top Secret for z/OS

Resolution

AES 128bit, AES 256bit, or triple DES (the old TSS proprietary encryption method).

Control option AESENC controls the encryption method used. The security file needs to be formatted with the AESENCRYPT keyword when running TSSMAINS sample JCL to format the security file if you want to use AES encryption.

Top Secret does one way encryption. It never decrypts the password. So, when entering a password on the terminal, that password is encrypted using the encryption method, then compared to the encrypted password on the security file.

See Implement 256-Bit AES Encryption for Passwords and Password Phrases, Create the Security File, and AESENC—Select the AES Encryption Key for more information.