New AES Encryption for AS/400 and iSeries!

This month we released a major enhancement to the Alliance encryption capabilities. Alliance AES encryption now supports encrypting individual fields in an AS/400 DB2 database file and the creation of self-decrypting archive files for the secure distribution of data and reports over the Internet. AES (Advanced Encryption Standard) is an encryption method approved by the United States National Institute of Standards and Technology. The AES support in Alliance uses 256-bit encryption that provides very strong protection. This new capability will be good news for AS/400 customers concerned about new federal and state regulations concerning identity theft and the protection of personal information.

The DB2 database encryption support is delivered as a set of Application Program Interfaces (APIs) that you can use to encrypt and decrypt fields in a file. They are easy to incorporate into RPG and Cobol programs, and do not require that you change the definitions of your files. The APIs are ideal for encrypting social security numbers, credit card numbers, or any other sensitive data. When used properly the APIs can securely encrypt even very small fields of one or two bytes in length.

The Alliance self-decrypting archive support lets you encrypt any DB2 file or IFS file and distribute it as a Windows executable file. The data payload is encrypted with Alliance AES encryption, and then converted to a Windows executable. The recipient runs the program, enters a pass phrase, and the file is decrypted and extracted to their hard drive. The advantage of self-decrypting archives is that no third-party software is required to decrypt the file.

Alliance provides a complete key management application to help you manage and securely store AES keys. A complete set of command interfaces is provided to make it easy to integrate AES functions into your AS/400 applications. Our goal is to take some of the mystery and hard work out of encryption technology and make it available to AS/400 developers.

Alliance AES encryption is available as a part of the base Alliance FTP Manager application. Existing Alliance FTP Manager customers can upgrade now to receive the AES encryption support at no additional charge. New customers can install the base Alliance FTP Manager product to begin using AES encryption and the many other security features in this product.

Finally, just a personal note: I’ve always felt a strong commitment to the relationship we develop with our customers, and that means working to enhance and improve our products over time. When we add significant technologies to our products, such as the new AES encryption capability, we generally provide them at no charge to our existing customers. It’s our way of thanking you for your continuing support.
----
Patrick Townsend

AES Technical Tip

Using the Alliance DB2 encryption API to encrypt a file in your interactive programs is easy. Alliance provides a single API that you can use to encrypt and decrypt data. The API uses an AES key that you create with Alliance AES key management configuration. After you create the key you can use the API. For ILE programs the API procedure name is AESEncrypt. When used in an ILE RPG program the code would look like this:

     d KeyName         s             10a   inz(' ')
     d InpData         s          32767a   inz(' ')
     d InpLength       s              8b 0 inz(0)
     d RecordID        s              8b 0
     d OutData         s          32767a   inz(' ')
     d ReplyCode       s              8b 0
     c* Set up the AES key name
     c                   Eval      KeyName = 'SAMPLE'
     c* Encrypt the field SMCARD which contains a credit
     c* card number
     c*
     c                   Eval      InpData = SMCARD
     c                   Eval      InpLength = 16
     c* Define a unique record ID. In this case we will use the customer
     c* number from the database record
     c                   Movel     SMCUST        RecordID
     c* Clear the output fields
     c                   Eval      OutData = ' '
     c                   Eval      ReplyCode = 0
     c* Encrypt the data
     c                   Callb(d)  'AESCrypt'
     c                   Parm                    KeyName
     c                   Parm                    InpData
     c                   Parm                    InpLength
     c                   Parm                    RecordID
     c                   Parm                    OutData
     c                   Parm                    ReplyCode
     c* Check for an error
     c     ReplyCode     ifne      0
     c**** Error handling goes here
     c                   endif

Since the AES decryption logic is symmetrical, you can use exactly the same call to the AESCrypt API to decrypt the data. As you can see, a small amount of code can add powerful encryption technology to your applications.

All of the Alliance APIs return a code to indicate the success or failure of the operation. Always be sure to check the return code and handle errors appropriately.
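
Added example, not from the Alliance product library: a round-trip check built on the two points above (the same AESCrypt call decrypts, and every call's reply code must be checked), so the plaintext field is replaced only after decryption reproduces it. It assumes the ciphertext is 16 bytes, left-justified in OutData; the subroutine Crypt, the fields CipherText and RoundTripOK, and the stand-alone SMCARD and SMCUST values are constructed for illustration.

```rpgle
     d KeyName         s             10a   inz('SAMPLE')
     d InpData         s          32767a
     d InpLength       s              8b 0 inz(16)
     d RecordID        s              8b 0
     d OutData         s          32767a
     d ReplyCode       s              8b 0
     d CipherText      s             16a
     d RoundTripOK     s               n   inz(*off)
     d* Constructed sample values; in a real program these are file fields
     d SMCARD          s             16a   inz('4111111111111111')
     d SMCUST          s              8b 0 inz(1001)
     c* Encrypt the card number, keyed to the customer number
     c                   Movel     SMCUST        RecordID
     c                   Eval      InpData = SMCARD
     c                   Exsr      Crypt
     c                   If        ReplyCode = 0
     c                   Eval      CipherText = %subst(OutData:1:16)
     c* Decrypt with the same key name, length and record ID
     c                   Eval      InpData = CipherText
     c                   Exsr      Crypt
     c                   If        ReplyCode = 0 and
     c                             %subst(OutData:1:16) = SMCARD
     c                   Eval      RoundTripOK = *on
     c                   Endif
     c                   Endif
     c* Replace the plaintext only when the round trip succeeded
     c                   If        RoundTripOK
     c                   Eval      SMCARD = CipherText
     c                   Endif
     c                   Eval      *inlr = *on
     c* One call serves both directions; outputs are cleared first
     c     Crypt         Begsr
     c                   Eval      OutData = ' '
     c                   Eval      ReplyCode = 0
     c                   Callb(d)  'AESCrypt'
     c                   Parm                    KeyName
     c                   Parm                    InpData
     c                   Parm                    InpLength
     c                   Parm                    RecordID
     c                   Parm                    OutData
     c                   Parm                    ReplyCode
     c                   Endsr
```

When RoundTripOK stays off, leave the record unchanged and report ReplyCode in your error handling.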

The above logic is best for interactive programs that do one or two encryption requests at a time. For batch operations where you will be doing many encryption requests you will probably want to use the AESGetKey and crypt256 functions as these will perform better for multiple transactions. Please see the example code in the product library.

Support News

YOU NEED SUPPORT!!! and WE HEAR YOU!!!

The fastest and most effective way to get support is to start a ticket.

When you start a ticket, someone on the support staff will let you know we received your ticket and will work to get an answer back to you as quickly as possible.

If you Click here for support you will see a link to "Technical Support" and "start a support ticket". When you start a ticket, PLEASE give as much information as you possibly can.

Let us know what version of the product you are on (if you look at the Alliance main menu you'll see it there) and tell us what version of the operating system you are running.

Give us as much detail as you can about what you are doing and the results you are getting.

~~~~~~AND MOST IMPORTANT~~~~~~ Please send us a log!