Password encryption


Article ID: 195367


Updated On:


CA Top Secret CA Top Secret - LDAP CA Web Administrator for Top Secret


What hashing method is used to compare passwords enter at the terminal match the extracted password from the security file?




Release : 16.0

Component : CA Top Secret for z/OS


AES 128bit, AES 256bit and triple DES(The old TSS proprietary encryption method).

Control option keyword AESENC controls the encryption method chosen. Security file needs to be formatted with AESENCRYPT keyword when running TSSMAINS sample JCL to format the security file, if you want to use AES encryption.

Top Secret does one way encryption. It never decrypts the password.

So, when entering a password on the terminal, that password is encrypted using the encryption method, then compared to the encrypted password on the security file.

Here are some links to the doc.:

Implementing 256 bit AES encryption.

Create Security File

AESENC control option