what mother never told you about cryptography

WAVV 2007, Green Bay, WI

What Mother Never Told You What Mother Never Told You about Cryptographyabout Cryptography

Don StoeverDon Stoever

Product DevelopmentProduct Development

CSI InternationalCSI International


Cryptography FundamentalsCryptography Fundamentals

Cryptography is the key building Cryptography is the key building block for many other security block for many other security servicesservices

Without it:Without it: No privacyNo privacy No authenticationNo authentication No integrityNo integrity



Cryptography algorithms used Cryptography algorithms used to provide:to provide: ConfidentialityConfidentiality AuthenticationAuthentication IntegrityIntegrity



Symmetric algorithmsSymmetric algorithms Block ciphers – DES, AES, etcBlock ciphers – DES, AES, etc

Asymmetric algorithmsAsymmetric algorithms RSA, Diffie-HellmanRSA, Diffie-Hellman

Digest algorithmsDigest algorithms SHA-256, SHA-1, MD5SHA-256, SHA-1, MD5

Digital SignaturesDigital Signatures MAC, HMACMAC, HMAC


Must Have Crypto Reading Must Have Crypto Reading

Applied Cryptography Applied Cryptography Bruce Schneier Bruce Schneier Considered the bible of crypto…Considered the bible of crypto…

RSA Security’s official Guide to RSA Security’s official Guide to CryptographyCryptography Steve Burnett + Stephen Pain Steve Burnett + Stephen Pain

Cracking DES Cracking DES Electronic Frontier FoundationElectronic Frontier Foundation

SSL and TLS EssentialsSSL and TLS Essentials Stephen ThomasStephen Thomas

SSL and TLS SSL and TLS Eric RescorlaEric Rescorla


Symmetric EncryptionSymmetric Encryption

Same key used for:Same key used for: Encryption and DecryptionEncryption and Decryption

Decryption is same code same Decryption is same code same keyskeys Just different input = encrypted Just different input = encrypted

datadata What if many parties want to What if many parties want to

securely communicate? How securely communicate? How many keys do we need? How do many keys do we need? How do we manage these keys?we manage these keys?



Data encrypted block by block Data encrypted block by block according to the algorithm and keyaccording to the algorithm and key DES uses a 8 byte(64-bit) blockDES uses a 8 byte(64-bit) block AES uses a 16 byte(128-bit) blockAES uses a 16 byte(128-bit) block

DES key sizesDES key sizes Single DES uses a 8 byte key, butSingle DES uses a 8 byte key, but Only 56-bits of the key are usedOnly 56-bits of the key are used

Bits 8, 16, 24, 32, 40, 48, 56, and 64 are Bits 8, 16, 24, 32, 40, 48, 56, and 64 are ignored...ignored...

56-bit effective strength56-bit effective strength Triple DES uses a 24 byte keyTriple DES uses a 24 byte key

168-bit effective strength168-bit effective strength



AES uses a 16 byte(128-bit) blockAES uses a 16 byte(128-bit) block AES Key sizesAES Key sizes

128, 192, or 256 bit key, and128, 192, or 256 bit key, and All bits used(unlike DES which only used All bits used(unlike DES which only used

7-bits of each byte)7-bits of each byte) AES superior to DES AES superior to DES

More efficientMore efficient More secure?More secure?


Block EncryptionBlock Encryption

How is encryption is actually performed?How is encryption is actually performed? Block by block. Meaning we take a block of data Block by block. Meaning we take a block of data

(64-bits for DES, 128-bits for AES) and encrypt it (64-bits for DES, 128-bits for AES) and encrypt it using the algorithm and key.using the algorithm and key.

Repeat that for the full message block by block.Repeat that for the full message block by block. What are the potential problems of this What are the potential problems of this

approach?approach? 1. A given cleartext will create the same 1. A given cleartext will create the same

cyphertext. That means an attacker can cyphertext. That means an attacker can potentially determine patterns and therefore potentially determine patterns and therefore analyze the cryptographic system.analyze the cryptographic system.

Solution: Cipher Block ChainingSolution: Cipher Block Chaining 2. What if I have a data stream that I want to 2. What if I have a data stream that I want to

encrypt or less than the block size?encrypt or less than the block size? Solution: Padding in last blockSolution: Padding in last block


Cipher Block ChainingCipher Block Chaining Problem we are trying to address:Problem we are trying to address:

2 identical Plaintext blocks will result in 2 identical 2 identical Plaintext blocks will result in 2 identical Cyphertext. This may allow an attacker to gather Cyphertext. This may allow an attacker to gather information on the type of traffic and assist in the information on the type of traffic and assist in the attack of the key.attack of the key.

So we want 2 identical plaintext to result in 2 different So we want 2 identical plaintext to result in 2 different Cyphertext.Cyphertext.

Basic idea: Instead of encrypting the plaintext, Basic idea: Instead of encrypting the plaintext, perform an XOR of the plaintext with the previous perform an XOR of the plaintext with the previous blocks’ Cyphertext. Then encrypt that result.blocks’ Cyphertext. Then encrypt that result.

Question what do you do for the message’s first Question what do you do for the message’s first block?block? Answer: Use a predetermined data block to XOR the Answer: Use a predetermined data block to XOR the

first block with it.first block with it. This initial block is known as the “Initialization Vector” This initial block is known as the “Initialization Vector”

or “IV”or “IV”


Cipher Block ChainingCipher Block Chaining

Cipher Block Chaining (CBC)

m1 m2 m3

IV (+) (+) (+)

E E E Key

c1 c2 c3

The 1st 64-bit message segment isXOR'edwith an initial vector (IV). Each followingmessage segment isXOR'edwith thepreceding ciphertext segment. 1


TripleDES Encrypt of 1 megabyte

520

4212

0

100

200

300

400

500

600

VSE-VM P390 OS/ 2

VSE-VM MP3000P30(60mips)VSE-VM on IBM2064(239 mips)


Triple-DES Encrypt of 16meg 2048 Times

1036 2

86016

0

10000

20000

30000

40000

50000

60000

70000

80000

90000

100000

VM-VSE-Z990Assembler CodeVM-VSE-Z990Crypto-Assist KMCVM-VSE MP3000Assembler Code


Triple-DES vs. AES128 Encrypt/Decrypt of 16meg 1000 Times

275

238

0

50

100

150

200

250

300

z990 KMC Triple-DES-CBCz990 KMC AES128-CBC


Triple-DES vs. AES128 Encrypt/Decrypt of 16meg 1000 Times

275238

610

0

100

200

300

400

500

600

700

z9-109 KMC Triple-DES-CBCz9-109 KMC AES128-CBCz890 KMC Triple-DES-CBC


Asymmetric EncryptionAsymmetric Encryption

Most important breakthrough in Most important breakthrough in crypto science in 4000 years…crypto science in 4000 years…

Public Key encryption uses 2 keys Public Key encryption uses 2 keys that are linked together by that are linked together by mathematical propertiesmathematical properties

One key used to encrypt the other One key used to encrypt the other used to decryptused to decrypt

Freely distribute your public keyFreely distribute your public key Keep private key privateKeep private key private


Asymmetric EncryptionAsymmetric Encryption

MisconceptionsMisconceptions More secure than symetricMore secure than symetric

Depends on key lengthDepends on key length Makes conventional obsoleteMakes conventional obsolete

Much larger overheadMuch larger overhead (1000x of DES)(1000x of DES)

Key distribution is easyKey distribution is easy Need method to distribute public keysNeed method to distribute public keys Private key must be carefully protectedPrivate key must be carefully protected Certicate Authorities used, but…Certicate Authorities used, but…

Future WAVV session on PKI…Future WAVV session on PKI…


Asymmetric/Public Key OverviewAsymmetric/Public Key Overview

Simple concept Simple concept (complicated (complicated math theory math theory behind)behind)

One key can One key can encrypt, the encrypt, the other can other can decrypt decrypt


Asymmetric CryptographyAsymmetric Cryptography

It’s computationally easy to generate a pair It’s computationally easy to generate a pair of keysof keys

It’s computationally easy to encrypt It’s computationally easy to encrypt It’s computationally easy to decryptIt’s computationally easy to decrypt It is computationally infeasible for an It is computationally infeasible for an

opponent to derive the private key from opponent to derive the private key from the known public keythe known public key

It is computationally infeasible for an It is computationally infeasible for an opponent to recover the original message opponent to recover the original message from the ciphertext knowing only the public from the ciphertext knowing only the public key.key.


Asymmetric RSA AlgorithmAsymmetric RSA Algorithm

RSA key generation based on RSA PKCS-1RSA key generation based on RSA PKCS-1 Select a positive integer Select a positive integer ee as its public as its public

exponentexponent 3 and 65537 are commonly used…3 and 65537 are commonly used…

Randomly select two distinct odd primes Randomly select two distinct odd primes pp and and qq ((pp1) and 1) and ee have no common divisors have no common divisors ((qq1) and 1) and ee have no common divisors. have no common divisors.

public modulus public modulus nn shall be product of shall be product of prime factors prime factors pp and and qq:: nn = = pqpq . .

Private exponent is a positive integer Private exponent is a positive integer dd dede1 is divisible by both 1 is divisible by both pp1 and 1 and qq1.1.



RSA encryption process quite simpleRSA encryption process quite simple Data formatted into block size of modulousData formatted into block size of modulous

64(512), 128(1024), 256(2048) byte block(bit) 64(512), 128(1024), 256(2048) byte block(bit) sizessizes

Specific rules used for paddingSpecific rules used for padding Raise the formatted block to the power of Raise the formatted block to the power of

the public exponentthe public exponent So for RSA with a 128 byte keySo for RSA with a 128 byte key

128*8 = 1024 bits128*8 = 1024 bits Use public exponent to raise a 1024-bit Use public exponent to raise a 1024-bit

number to power of 1024 bit exponentnumber to power of 1024 bit exponent Public exponent always 3 or 65,537…Public exponent always 3 or 65,537… 1024 * 1024 = 2048 bit number 1024 * 1024 = 2048 bit number Divide by modulous keep the remainder and Divide by modulous keep the remainder and

repeat… repeat…



RSA decryption also quite simpleRSA decryption also quite simple Raise the encrpyted block to the power Raise the encrpyted block to the power

of the private exponentof the private exponent Private exponent true random 1024-bit Private exponent true random 1024-bit

number…number… Much slower(100x) than encrypt because Much slower(100x) than encrypt because

exponent is much larger…exponent is much larger… Same process as encryptSame process as encrypt

Raises 1024-bit number to power of 1024-bit Raises 1024-bit number to power of 1024-bit numbernumber

Divide by modulous keep the remainder and Divide by modulous keep the remainder and repeat… repeat…

Not that bad…Not that bad… But remember…But remember…



2 to power of 31 VSE addressing 2 to power of 31 VSE addressing limit(2gig)limit(2gig) 2,147,483,6482,147,483,648

2 to the power of 642 to the power of 64 18,446,744,073,709,551,61618,446,744,073,709,551,616

Each bit doubles the number space…Each bit doubles the number space… 2 to power of 10242 to power of 1024

Number size > number of atoms in know Number size > number of atoms in know universeuniverse

Lots of primes in this size number spaceLots of primes in this size number space RSA based on difficulty of factoring primes…RSA based on difficulty of factoring primes…

Very computationally intensive Very computationally intensive



Can be speeded up using math Can be speeded up using math tricks:tricks: Modular mathModular math Chinese Remainder TheoremChinese Remainder Theorem

But best handled in hardware…But best handled in hardware…


RSA 1024-bit Encrypt-Decrypt 1000 times

4966

646

530

1000

2000

3000

4000

5000

6000

VSE-VM P390 OS/ 2

VSE-VM MP3000P30(60 mips)

VSE-VM on IBM2064(239 mips) withPCICA Crypto-Coprocessor


Cryptography Digest AlgorithmsCryptography Digest Algorithms

Basically a hash of any amount Basically a hash of any amount of dataof data

Also referred to as a Also referred to as a “fingerprint”“fingerprint” MD5 creates 16 byte digestMD5 creates 16 byte digest

16*8 = 128 bit number16*8 = 128 bit number SHA-1 creates 20 byte digestSHA-1 creates 20 byte digest

20*8 = 160 bit number20*8 = 160 bit number No collisionsNo collisions

SHA-256 creates 32 bytes digestSHA-256 creates 32 bytes digest 32*8 = 256 bit number 32*8 = 256 bit number


SHA-1 Message Digest of 4k 1000 times

80

51

0

10

20

30

40

50

60

70

80

90

VSE-VM P390 OS/ 2

VM-VSE-MP3000P30(60mips)VSE-VM on IBM2064(239 mips)


SHA-1 Message Digest of 8k 100,000 times

4074

454

0

500

1000

1500

2000

2500

3000

3500

4000

4500

VM-VSE-Z990Assembler CodeVM-VSE-Z990 usingKLMD


MD5 Message Digest of 4k 1000 times

22

2

37

0.50

5

10

15

20

25

30

35

40

VSE-VM P390 OS/ 2

VSE-VM MP3000P30(60 mips)

VSE-Socket to PCCrypto Server onIntel P3(700mhz)VSE-VM on IBM2064(239 mips)


Cryptography MACCryptography MAC

MAC or HMAC will mix in a MAC or HMAC will mix in a secret with the hash secret with the hash

Create a MD5 or SHA hash of Create a MD5 or SHA hash of any amount of data + “secret”any amount of data + “secret”

RFC2104RFC2104 HMAC: Keyed-Hashing for Message HMAC: Keyed-Hashing for Message

AuthenticationAuthentication


Cryptography Digital SignatureCryptography Digital Signature

Create a MD5 or SHA-1 hash of any Create a MD5 or SHA-1 hash of any amount of data…amount of data… PDF document, etc.PDF document, etc.

RSA encrypt the hash with my RSA encrypt the hash with my private keyprivate key

Now anyone can use my RSA public Now anyone can use my RSA public key tokey to Verify that I signed itVerify that I signed it Verify it has not be modifiedVerify it has not be modified



Algorithms must be:Algorithms must be: Secure and ReliableSecure and Reliable

Secret Algorithm’sSecret Algorithm’s Unknown to attackersUnknown to attackers Only creator and his “friends” know Only creator and his “friends” know

weaknessesweaknesses Back door’s possibleBack door’s possible

Public Algorithm’sPublic Algorithm’s Subject to crypto-analysisSubject to crypto-analysis Attacked with “brute force”Attacked with “brute force” Known published weaknessesKnown published weaknesses



Secret Algorithm’sSecret Algorithm’s ““Hidden” in hardware or compiled codeHidden” in hardware or compiled code

In software could be reverse engineeredIn software could be reverse engineered In hardware much harder to analyze but In hardware much harder to analyze but

secrecy can be compromised by:secrecy can be compromised by: Disgruntled employeeDisgruntled employee Careless vendorCareless vendor

If algorithm has a “flaw” data may be If algorithm has a “flaw” data may be decryptable without the keydecryptable without the key

Not subject to analysis that may identify Not subject to analysis that may identify weakness before deploymentweakness before deployment

The only method to guarantee a The only method to guarantee a algorithm has a weakness is to allow algorithm has a weakness is to allow cryptographic analysts to study it…cryptographic analysts to study it…


Secret AlgorithmsSecret Algorithms

Cable/Sat TV ScramblingCable/Sat TV Scrambling Rely on hardware Rely on hardware

encoding/scramblingencoding/scrambling Many places you can find “cheap” Many places you can find “cheap”

descrambler for sale.descrambler for sale. Manufacturer relies on difficulty to Manufacturer relies on difficulty to

analyze hardware functions and analyze hardware functions and reproduce it.reproduce it.



DVD EncodingDVD Encoding Movie industry spent years developing a Movie industry spent years developing a

standard for encryption.standard for encryption. After development they simply released it. Not After development they simply released it. Not

for review, but the full product (DVD) that relied for review, but the full product (DVD) that relied on the standard. on the standard.

Encryption keys were assigned to manufacturers Encryption keys were assigned to manufacturers and decryption keys based on them were and decryption keys based on them were distributed to all DVD reader manufacturers to distributed to all DVD reader manufacturers to build in all DVD readers.build in all DVD readers.

Two “ooppps” happened:Two “ooppps” happened: A DVD software reader improperly protected one A DVD software reader improperly protected one

decryption key and it was made public.decryption key and it was made public. Several (2 initially I think) “security technologists” Several (2 initially I think) “security technologists”

(“SoupaFr0g” and “Canman”) reversed engineered (“SoupaFr0g” and “Canman”) reversed engineered decoded the encryption algorithm used.decoded the encryption algorithm used.



DVD EncodingDVD Encoding Soon after a software program (DeCSS) Soon after a software program (DeCSS)

was released that allows one to pull the was released that allows one to pull the decrypted data off the DVD disk and decrypted data off the DVD disk and play/save it like any other multimedia play/save it like any other multimedia file.file.

What was the movie industry reaction: What was the movie industry reaction: Sue them but the damage is done: Sue them but the damage is done: nobody can order or afford the recall of nobody can order or afford the recall of all DVD players!all DVD players!

Lesson learned: Security by Secrecy Lesson learned: Security by Secrecy does not work! (Unless you work for does not work! (Unless you work for the NSA)the NSA)


Public AlgorithmsPublic Algorithms The algorithm will be scrutinized by experts and if The algorithm will be scrutinized by experts and if

after some time, nobody finds a weakness: chances after some time, nobody finds a weakness: chances are: there are none!are: there are none!

So how do you defeat the encryption? The only way So how do you defeat the encryption? The only way is by going through and trying all possible is by going through and trying all possible decryption keys! This is called a “Brute Force” decryption keys! This is called a “Brute Force” attack.attack.

How many possible keys exist? It depends on the How many possible keys exist? It depends on the length/size of the key.length/size of the key. 40 bits key – 240 bits key – 24040

56 bits key – 256 bits key – 25656

128 bits key – 2128 bits key – 2128128

On average you will need to go through ½ the possible On average you will need to go through ½ the possible keys. However here is a fun question: how do you keys. However here is a fun question: how do you know you found the right key? Can you identify the know you found the right key? Can you identify the plaintext? If it is English (or French for that matter) it plaintext? If it is English (or French for that matter) it is easy but what if it is a binary file?is easy but what if it is a binary file?


Public AlgorithmsPublic Algorithms So how do you protect the secrecy?So how do you protect the secrecy?

Use a longer key!!!Use a longer key!!! However the longer the key, the longer it takes to However the longer the key, the longer it takes to

encrypt/decrypt the data.encrypt/decrypt the data. So we can establish that it will be possible for anybody to decrypt So we can establish that it will be possible for anybody to decrypt

the data: the problem is not IF they can decrypt it but HOW LONG the data: the problem is not IF they can decrypt it but HOW LONG will it take to decrypt it! will it take to decrypt it!

Make the “cost” of running a brute force attack longer than the Make the “cost” of running a brute force attack longer than the value of the data. For example: value of the data. For example:

If it takes you 4 years to decode a credit card number that has a 2 If it takes you 4 years to decode a credit card number that has a 2 years expiration, is it worth trying?years expiration, is it worth trying?

If you need to build a $10,000.00 decryption machine to decrypt If you need to build a $10,000.00 decryption machine to decrypt ordering information that will allow you to hijack $2,000,000.00 worth ordering information that will allow you to hijack $2,000,000.00 worth of data in 3 months, is it worth it?of data in 3 months, is it worth it?

Interesting note: It is believed that, using current technology, one Interesting note: It is believed that, using current technology, one can build a brute force decoder that is able to decrypt a 56/64 bits can build a brute force decoder that is able to decrypt a 56/64 bits encrypted DES traffic in near real time for less than $500,000.00. encrypted DES traffic in near real time for less than $500,000.00.


Case Study: Reliable Algorithm Case Study: Reliable Algorithm with long key: is it safe?with long key: is it safe?

If you use an algorithm that has If you use an algorithm that has no known weakness (for no known weakness (for example AES) with a long example AES) with a long enough key (for example 128 enough key (for example 128 bits) you are safe from bits) you are safe from eavesdropping. Is that really eavesdropping. Is that really true? What could go wrong?true? What could go wrong?



Case example: Law enforcement vs. Case example: Law enforcement vs. child pornographer.child pornographer. In 1998, Law enforcement hired a well In 1998, Law enforcement hired a well

recognized cryptanalyst to apprehend an recognized cryptanalyst to apprehend an individual suspected of transmitting individual suspected of transmitting child pornography.child pornography.

After getting a court order to sniff the After getting a court order to sniff the traffic, they quickly determined that is traffic, they quickly determined that is was strongly encrypted. How did they was strongly encrypted. How did they determine that? Encrypted traffic has determine that? Encrypted traffic has the inherent characteristic of been “very the inherent characteristic of been “very blend”: no patterns, no interesting blend”: no patterns, no interesting characteristics.characteristics.

Large size also gave information on the Large size also gave information on the type of information transmitted: it was type of information transmitted: it was large.large.



Case example: Law enforcement vs. child Case example: Law enforcement vs. child pornographer.pornographer. So how do you defeat that? One solution would So how do you defeat that? One solution would

be to bring in the suspect and interrogate him be to bring in the suspect and interrogate him hoping he will crack. Or… another way: perform hoping he will crack. Or… another way: perform a search at the destination of the traffic. That is a search at the destination of the traffic. That is what they did, they found the destination and on what they did, they found the destination and on the computer found the decryption key in plain the computer found the decryption key in plain view! Then they could decode the traffic and view! Then they could decode the traffic and apprehend the suspect.apprehend the suspect.

What is the lesson? It does not matter how large What is the lesson? It does not matter how large your key is: if it is not protected, it is not safe!your key is: if it is not protected, it is not safe!


IETF StandardsIETF Standards

RFC1321 The MD5 Message-Digest RFC1321 The MD5 Message-Digest AlgorithmAlgorithm

RFC2104 HMAC: Keyed hashing for RFC2104 HMAC: Keyed hashing for message authenticationmessage authentication

RFC2202 Test Cases for HMAC-MD5 RFC2202 Test Cases for HMAC-MD5 and HMAC-SHA-1and HMAC-SHA-1

RFC1113 Universal Printable RFC1113 Universal Printable Character encodingCharacter encoding

RFC2459 Internet x509v3 PKI RFC2459 Internet x509v3 PKI certificatescertificates

Internet draft HTTP over TLSInternet draft HTTP over TLS


FIPS StandardsFIPS Standards

PUB 46-3 Data Encryption Standard PUB 46-3 Data Encryption Standard (DES) (DES)

PUB 81 DES Modes of OperationPUB 81 DES Modes of Operation PUB 197 Advanced Encryption PUB 197 Advanced Encryption

Standard(AES)Standard(AES) PUB 180-1 Secure Hash Standard PUB 180-1 Secure Hash Standard

(SHA-1)(SHA-1) http://www-08.nist.gov/cryptval/des.http://www-08.nist.gov/cryptval/des.

htmhtm http://csrc.nist.gov/pki/nist_crypto/http://csrc.nist.gov/pki/nist_crypto/

welcome.html welcome.html

http://www-08.nist.gov/cryptval/des.htm

http://www-08.nist.gov/cryptval/des.htm


Cryptography Cryptography Fundamentals Books you Fundamentals Books you

must have… must have…

Applied Cryptography Applied Cryptography Bruce Schneier Bruce Schneier Considered the bible or crypto…Considered the bible or crypto…

RSA Security’s official Guide to RSA Security’s official Guide to CryptographyCryptography Steve Burnett + Stephen Pain Steve Burnett + Stephen Pain

Cracking DES Cracking DES Electronic Frontier FoundationElectronic Frontier Foundation

SSL and TLS EssentialsSSL and TLS Essentials Stephen ThomasStephen Thomas

SSL and TLS SSL and TLS Eric RescorlaEric Rescorla


CSI Cryptography ProductsCSI Cryptography Products

SSL for VSESSL for VSE SecureFTPSecureFTP HFSHFS Dr. CryptoDr. Crypto



SSL for VSESSL for VSE Feature of TCP/IPFeature of TCP/IP Allows secure connectionsAllows secure connections Provides API to many crypto Provides API to many crypto

algorithmsalgorithms SecureFTPSecureFTP

Allows secure FTP sessionsAllows secure FTP sessions



HFS Encrypted file systemHFS Encrypted file system DEFINE FILE,DLBL=HFSTST,PUBLIC=HFSTST,DEFINE FILE,DLBL=HFSTST,PUBLIC=HFSTST, TYPE=HFS,RECFM=S,LRECL=4096,TYPE=HFS,RECFM=S,LRECL=4096, CIPHER=SDESCBC-CIPHER=SDESCBC-

SHA1,CIPHERKEY=SEEDSAMPSHA1,CIPHERKEY=SEEDSAMP CIPHER=KEYMASTER,CIPHERKEY=CIALHFSKCIPHER=KEYMASTER,CIPHERKEY=CIALHFSK CIPHER=TDESCBC-SHA1,CIPHERKEY=CIALHFSKCIPHER=TDESCBC-SHA1,CIPHERKEY=CIALHFSK CIPHER=TDESCBC-NULL,CIPHERKEY=CIALHFSKCIPHER=TDESCBC-NULL,CIPHERKEY=CIALHFSK CIPHER=SDESCBC-NULL,CIPHERKEY=CIALHFSKCIPHER=SDESCBC-NULL,CIPHERKEY=CIALHFSK CIPHER=NULL-SHA1,CIPHERKEY=CIALHFSKCIPHER=NULL-SHA1,CIPHERKEY=CIALHFSK



Dr. CryptoDr. Crypto Encrypted tape filesEncrypted tape files DES, Triple-DESDES, Triple-DES AES with z ICF facilityAES with z ICF facility User definable key stored in Epic User definable key stored in Epic

catalogcatalog Working on keymaster for non-EpicWorking on keymaster for non-Epic


QuestionsQuestions

?


CSI WAVV SessionsCSI WAVV Sessions““What is PNET?”What is PNET?” ─ ─ Ken Meyer, Sunday, 8:00 A.M. (Room B-1/B-2)Ken Meyer, Sunday, 8:00 A.M. (Room B-1/B-2)

““Entrée Entrée ─ ─ Uncut and Unrated (24 x 7 Widescreen Version)”Uncut and Unrated (24 x 7 Widescreen Version)” ─ ─ Tim Kessler, Sunday, 9:15 A.M. (Room A4)Tim Kessler, Sunday, 9:15 A.M. (Room A4)

““VSAM Performance Part 1”VSAM Performance Part 1” ─ ─ John Mycroft, Sunday, 10:30 A.M. (Room B-1/B-2)John Mycroft, Sunday, 10:30 A.M. (Room B-1/B-2)

““CSI TCP/IP Update”CSI TCP/IP Update” ─ ─ Ed Franks, Sunday, 10:30 A.M. (Room A-1)Ed Franks, Sunday, 10:30 A.M. (Room A-1)

““What’s All the Buzz About Data-Miner”What’s All the Buzz About Data-Miner” ─ ─ John Mycroft, Sunday, 5:30 P.M. (Room A-4)John Mycroft, Sunday, 5:30 P.M. (Room A-4)

““TCP/IP Performance for TCP/IP for VSE” TCP/IP Performance for TCP/IP for VSE” ─ ─ John Rankin, Monday, 9:15 A.M. (Room B-1/B-2)John Rankin, Monday, 9:15 A.M. (Room B-1/B-2)


CSI WAVV SessionsCSI WAVV Sessions

““VSAM Performance Part 2”VSAM Performance Part 2” ─ ─ John Mycroft, Monday, 10:30 A.M. (Room A-2)John Mycroft, Monday, 10:30 A.M. (Room A-2)

““CSI Green Bay (Moderated by Jon Henderson)”CSI Green Bay (Moderated by Jon Henderson)” ─ ─ CSI Management Team, Monday, 3:00 P.M. (Room A4)CSI Management Team, Monday, 3:00 P.M. (Room A4)

““VSE Internals”VSE Internals” ─ ─ Ken Meyer, Monday, 3:00 P.M. (Room B-1/B-2)Ken Meyer, Monday, 3:00 P.M. (Room B-1/B-2)

““Tuning Myths”Tuning Myths” ─ ─ Ken Meyer, Monday, 4:15 P.M. (Room B-1/B-2)Ken Meyer, Monday, 4:15 P.M. (Room B-1/B-2)

““Tuning Myths”Tuning Myths” ─ ─ Ken Meyer, Monday, 5:30 P.M. (Room B-1/B-2)Ken Meyer, Monday, 5:30 P.M. (Room B-1/B-2)


Thank you…Thank you…

Enjoy the rest of WAVV!Enjoy the rest of WAVV!

what mother never told you about cryptography

Documents