2
Preface This issue contains papers on recent advances in cryptography that are embodied in the Common Cryptographic Architecture (CCA) and associated technology for managing single-key crypto- graphic systems. We are indebted to R. C. Elander of the IBM Kingston Programming Center in Kingston, New York, and C. L. Symes of IBM Enterprise Systems in Poughkeepsie, New York, for their contributions to the planning and prep- aration of this issue. Single-key cryptographic systems are those in which the sender and receiver share a private key that allows them to encode and decode a message transmitted between them. In contrast, public- key systems have different keys for the sender and receiver, and neither can derive the other's key. The single-key approach to message-level secure communication was selected by the Na- tional Security Agency and the National Bureau of Standards, as it was then known, in the mid- 1970s. In 1977, they adopted as a standard an IBM-designed single-key security algorithm, which became known as the Data Encryption Al- gorithm (DEA) and Data Encryption Standard (DES). DEA and DES remain today as the standard single-key technology, having resisted concerted efforts to find general methods for cracking the resulting codes. In the intervening years there have been many advances in single-key secure communications and in the implementation of such security sys- tems. All of this activity has created a require- ment for an overall architecture for secure com- munications programming. IBM has answered that requirement with the Common Cryptographic Ar- chitecture (CCA) and has built products based on that architecture. This issue has six papers on single-key cryptography and its architectural and technical support. Johnson, Dolan, Kelly, Le, and Matyas discuss the CAA Cryptographic Application Programming Interface (Cryptographic API), which has been an- 128 PREFACE nounced by IBM. It simplifies use of cryptographic services specified by the CCA. The authors de- scribe advanced user features and provide typical application scenarios to show how easily these new callable key-management services can be used. Symes has provided a sidebar that gives background information for those not familiar with general product features and support for cryptography and computer security. Much of the current technology for cryptography is based on the management of security keys that are associated with resources and people. Matyas describes how CCA implements keys through con- trol vectors that define permitted uses of that key in the context of a DEA-basedsystem. The key is cryptographically linked to the control vector, and the resulting token is the basic unit for secure processing and distribution. He also contrasts control vectors with another means of key man- agement, namely variants. Matyas, Le, and Abraham contribute a paper an management of keys using a scheme that is part of the new IBM Transaction Security System. That system is supported by special instructions that form the secure hardware basis of the Trans- action Security System cryptographic facility (CF). The advantage of the control vector ap- proach is shown to be programs that are simpler and that operate on a robust data structure. Within the context of the CCA, there is a require- ment for a new approach to cryptography-one that is implemented through special instructions in general-purpose computers. The result is the ESA/390 Integrated Cryptographic Facility (ICRF), which directly supports key management and control vectors in the hardware. Yeh and Smith describe the ICRF, its objectives, applica- tions, key management, and physical security. Abraham, Dolan, Double, and Stevens discuss in detail the IBM Transaction Security System as an IBM SYSTEMS JOURNAL, VOL 3D, NO 2, 1991

Preface

  • Upload
    gene-f

  • View
    212

  • Download
    0

Embed Size (px)

Citation preview

Page 1: Preface

Preface

This issue contains papers on recent advances incryptography that are embodied in the CommonCryptographic Architecture (CCA) and associatedtechnology for managing single-key crypto-graphic systems. We are indebted to R. C.Elander of the IBM Kingston Programming Centerin Kingston, New York, and C. L. Symes of IBMEnterprise Systems in Poughkeepsie, New York,for their contributions to the planning and prep-aration of this issue.

Single-key cryptographic systems are those inwhich the sender and receiver share a private keythat allows them to encode and decode a messagetransmitted between them. In contrast, public-key systems have different keys for the senderand receiver, and neither can derive the other'skey. The single-key approach to message-levelsecure communication was selected by the Na-tional Security Agency and the National Bureauof Standards, as it was then known, in the mid-1970s. In 1977, they adopted as a standard anIBM-designed single-key security algorithm,which became known as the Data Encryption Al-gorithm (DEA) and Data Encryption Standard(DES). DEA and DES remain today as the standardsingle-key technology, having resisted concertedefforts to find general methods for cracking theresulting codes.

In the intervening years there have been manyadvances in single-key secure communicationsand in the implementation of such security sys-tems. All of this activity has created a require-ment for an overall architecture for secure com-munications programming. IBM has answered thatrequirement with the Common Cryptographic Ar-chitecture (CCA) and has built products based onthat architecture. This issue has six papers onsingle-key cryptography and its architectural andtechnical support.

Johnson, Dolan, Kelly, Le, and Matyas discussthe CAA Cryptographic Application ProgrammingInterface (Cryptographic API), which has been an-

128 PREFACE

nounced by IBM. It simplifies use of cryptographicservices specified by the CCA. The authors de-scribe advanced user features and provide typicalapplication scenarios to show how easily thesenew callable key-management services can beused. Symes has provided a sidebar that givesbackground information for those not familiarwith general product features and support forcryptography and computer security.

Much of the current technology for cryptographyis based on the management of security keys thatare associated with resources and people. Matyasdescribes how CCA implements keys through con-trol vectors that define permitted uses of that keyin the context of a DEA-based system. The key iscryptographically linked to the control vector,and the resulting token is the basic unit for secureprocessing and distribution. He also contrastscontrol vectors with another means of key man-agement, namely variants.

Matyas, Le, and Abraham contribute a paper anmanagement of keys using a scheme that is partof the new IBM Transaction Security System.That system is supported by special instructionsthat form the secure hardware basis of the Trans-action Security System cryptographic facility(CF). The advantage of the control vector ap-proach is shown to be programs that are simplerand that operate on a robust data structure.

Within the context of the CCA, there is a require-ment for a new approach to cryptography-onethat is implemented through special instructionsin general-purpose computers. The result is theESA/390™ Integrated Cryptographic Facility(ICRF), which directly supports key managementand control vectors in the hardware. Yeh andSmith describe the ICRF, its objectives, applica-tions, key management, and physical security.

Abraham, Dolan, Double, and Stevens discuss indetail the IBM Transaction Security System as an

IBM SYSTEMS JOURNAL, VOL 3D, NO 2, 1991

Page 2: Preface

implementation of the CCA. Since there is no com-plete and final algorithmic solution for computerand data security, they show how engineering andcommon sense can be used to form the basis forthe development of practical cryptographic sys-tems, and especially for the Transaction SecuritySystem in CCA.

The Transaction Security System, as discussedabove, fully implements the CCA. But, as Johnsonand Dolan show in the final paper of this issue, italso provides extensions to CCA to satisfy addi-tional customer requirements. Extensions de-scribed in this paper include programmer supportthrough intuitive security mechanisms, paramet-ric enhancements to the Cryptographic API, andmasking of complexity through a layered ap-proach, among others.

The next issue of the Journal will contain severalpapers related to computer communications,along with papers on such subjects as softwarequality, REXX partial compilation, and multi-media for education.

Gene F. HoffnagleEditor

IBM SYSTEMS JOURNAL, VOL 30, NO 2, 1991 PREFACE 129


Preface - unipa.it

Preface - unipa.it

Documents
Preface TYPE

Preface TYPE

Documents
MEDENTIKA PreFace Abutments und PreFace Abutmenthalter · 2016-12-14 · »MEDENTIKA® PreFace® Abutments und PreFace® Abutmenthalter « KATALOG 2017 Datron D5® Dental Concept

MEDENTIKA PreFace Abutments und PreFace Abutmenthalter · 2016-12-14 · »MEDENTIKA® PreFace® Abutments und PreFace® Abutmenthalter « KATALOG 2017 Datron D5® Dental Concept

Documents
Preface...Preface Thisprefaceincludesthefollowingsections: •Audience,onpagei •DocumentConventions,onpagei •RelatedDocumentationforCiscoNexus9000SeriesSwitches,onpageii

Preface...Preface Thisprefaceincludesthefollowingsections: •Audience,onpagei •DocumentConventions,onpagei •RelatedDocumentationforCiscoNexus9000SeriesSwitches,onpageii

Documents
Preface Mango

Preface Mango

Documents
Kreitner Preface

Kreitner Preface

Documents
PREFACE - UNY

PREFACE - UNY

Documents
Preface Ack

Preface Ack

Documents
Hilton7e Preface

Hilton7e Preface

Documents
PREFACE - CGA

PREFACE - CGA

Documents
Preface chhilli

Preface chhilli

Technology
RealChipDesign Preface

RealChipDesign Preface

Documents
Preface 11.14.2009

Preface 11.14.2009

Documents
Preface 12

Preface 12

Documents
International Public Sector Accounting Standards Board · 11 PREFACE PREFACE TO INTERNATIONAL PUBLIC SECTOR ACCOUNTING STANDARDS History of the Preface The Preface was issued in 2000

International Public Sector Accounting Standards Board · 11 PREFACE PREFACE TO INTERNATIONAL PUBLIC SECTOR ACCOUNTING STANDARDS History of the Preface The Preface was issued in 2000

Documents
Preface (2486.0K)

Preface (2486.0K)

Documents
Preface - MIDH

Preface - MIDH

Documents
02 Preface

02 Preface

Documents
Preface - GraceKennedy

Preface - GraceKennedy

Documents
PREFACE - VEMW

PREFACE - VEMW

Documents
Oracle · Oracle Global Human Resources Cloud Implementing Absence Management Preface i Preface This preface introduces information sources …

Oracle · Oracle Global Human Resources Cloud Implementing Absence Management Preface i Preface This preface introduces information sources …

Documents
Sedra Preface

Sedra Preface

Documents
Sebesta Preface

Sebesta Preface

Documents
Preface T510UserManual - TetranPreface T510UserManual I Preface FirstlythankyouforpurchasingourT510seriesconverters. ThismanualintroduceshowtouseT510seriesconvertercorrectly.Beforeusing

Preface T510UserManual - TetranPreface T510UserManual I Preface FirstlythankyouforpurchasingourT510seriesconverters. ThismanualintroduceshowtouseT510seriesconvertercorrectly.Beforeusing

Documents
PrefAce - Pearson

PrefAce - Pearson

Documents
Preface 111

Preface 111

Documents
Download Preface

Download Preface

Documents
Preface - nabiramahavidyalayakatol.com

Preface - nabiramahavidyalayakatol.com

Documents
01Uvod Preface

01Uvod Preface

Documents
en.tetran.com.cn · Preface T600UserManual I Preface FirstlythankyouforpurchasingourT600seriesconverters. ThismanualintroduceshowtouseT600seriesconvertercorrectly.Beforeusing

en.tetran.com.cn · Preface T600UserManual I Preface FirstlythankyouforpurchasingourT600seriesconverters. ThismanualintroduceshowtouseT600seriesconvertercorrectly.Beforeusing

Documents