As I understand it CPACF is basically some hardware instructions you can invoke from assembler code (I've been using AES128 and SHA1 for our inter-system communication software for quite some time). CEXx is a subsystem which can only be accessed via various APIs (ICSF). Although CPACF now supports protected keys, this probably in practice requires use of ICSF and a CEX3 facility. While one can no doubt load CPACF protected keys oneself it makes little sense to me to use protected key without secure key and the feature is more intended to improve the efficiency and security of the CEX operations, I guess.
That said, the CPACF MSA functions are synchronous, and get executed like any other hardware instructions (more or less). Although there is no doubt a little bit of setup when the keys are clear text, there's no great overhead. I would not expect the size of blocks to be such a major consideration above a sensible minimum size, as seems to be borne out by the white paper. The operations are just for symmetric encryption and hash generation (and PRNG).

CEX otoh is accessed via a queuing mechanism. It is asynchronous and suspends the executing work unit until the crypto-operation is complete (along with encrypting and decrypting keys etc). Obviously this is an enormous overhead compared to MSA, and the size of data would play a much more significant role. Of course it also does a lot more, like handling SSL protocols, asymmetric encryption and protecting crypto-keys. Costs you more cash as well.

Interested to know if this is a reasonable summary (if this has all been discussed in previous parts of the thread, then sorry).

-----Original Message-----
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Greg Boyd
Sent: Sunday, 8 July 2012 22:54
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: Re: Secure Encryption Keys vs Protected Keys

Replying again to finish the last sentence!

I'll point you to the IBM Crypto performance whitepapers, available at www.ibm.com/systems/z/advantages/security/z10cryptography.html. (Look on the right under 'Learn More' for your machine type.) The numbers are very ivory tower, and your mileage will vary; however, you can use these numbers to compare clear key, secure key and protected key.

Rob: Protected key does rely on one trip to the Crypto Express card. Since a protected key begins life as a secure key, the operational key must first be decrypted from under the master key (inside the CEX3), but then it is wrapped using the wrapping key. That operational key is then unwrapped inside the CPACF hardware.

And as Phil and Rob point out, blocking can have a significant impact on performance. That's easy to see in the white papers too, since they provide results for various blocksizes. The crypto hardware (both CPACF and CEX card) is designed to handle large blocks of data, and you'll get the best throughput with large blocks. So your application design can have a major impact on your performance.

Greg Boyd
IBM Advanced Technical Support
Supporting Crypto on System z

----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
----------------------------------------------------------------------