search cancel

Difference Between AES_ENCRYPTION(Active,256) And AESENC(128) In TSS MODIFY Output

book

Article ID: 258306

calendar_today

Updated On:

Products

Top Secret

Issue/Introduction

What is the difference between the below mentioned parameters displayed in the TSS MODIFY STATUS output?
                                                      
AES_ENCRYPTION(Active,256) 
...
AESENC(128)

Environment

Release : 16.0

Resolution

AES_ENCRYPTION(Active,256) in the TSS9661I CA Top Secret FEATURES Status section means the security file was allocated with AES256ENCRYPT in the SECPARMS. 

AESENC(128) is a control option in the Top Secret parameter file that is currently set.  The AESENC control option is used to determine which AES encryption algorithm (128-bit or 256-bit) to use for encrypting user passwords and password phrases.