6947ch05.fm

Draft Document for Review April 7, 2004 6:15 pm

5.1 Cryptographic function support

The z990 includes both standard cryptographic hardware and optional cryptographic features, to give flexibility and growth capability. IBM has a long history of providing hardware cryptographic solutions, from the development of Data Encryption Standard (DES) in the 1970s to delivering the only integrated cryptographic hardware in a server to achieve the US Government's highest FIPS 140-2 Level 4 rating for secure cryptographic hardware.

The z990 cryptographic functions include the full range of cryptographic operations needed for e-business, e-commerce, and financial institution applications. In addition, custom cryptographic functions can be added to the set of functions that the z990 offers.

Today, e-business applications are increasingly relying on cryptographic techniques to provide the confidentiality and authentication required in this environment. Secure Sockets Layer (SSL) technology is a key technology for conducting secure e-commerce using Web servers, and it is in use by a rapidly increasing number of e-business applications, demanding new levels of security and performance.

5.1.1 Cryptographic Synchronous functions

For clear key functions only, the hardware includes implementation of the following:

￿Data encryption/decryption algorithms

Data Encryption Standard (DES)

Double length-key DES

Triple length- key DES (TDES)

￿Hashing algorithms SHA-1

￿Message authentication code (MAC):

single-key MAC

double-key MAC

5.1.2Cryptographic Asynchronous functions

For secured key functions, Cryptographic Asynchronous functions process messages that are passed to it.

￿Data encryption/decryption algorithms

Data Encryption Standard (DES)

Double length-key DES

Triple length- key DES

￿DES key generation and distribution

￿PIN generation, verification and translation functions

￿Pseudo Random Number (PRN) Generator

￿Public Key Algorithm (PKA) Facility

These commands are intended for application programs using public key algorithms, including:

Importing RSA public-private key pairs in clear and encrypted forms.

Rivest-Shamir-Adelman (RSA)

Key generation, up to 2048-bit.

Signature Verification, up to 2048-bit.

120IBM eServer zSeries 990 Technical Guide

Page 133 Page 135
Page 134
Image 134
IBM 990 manual Cryptographic function support, Cryptographic Synchronous functions, Cryptographic Asynchronous functions
Page 133 Page 135

990 specifications

The IBM 990 series, often referred to in the context of IBM's pioneering efforts in the realm of mainframe computing, represents a unique chapter in the history of information technology. Introduced in the late 1960s, the IBM 990 series was designed as a powerful tool for enterprise-level data processing and scientific calculations, showcasing the company's commitment to advancing computing capabilities.

One of the main features of the IBM 990 was its architecture, which was built to support a wide range of applications, from business processing to complex scientific computations. The system employed a 32-bit word length, which was advanced for its time, allowing for more flexible and efficient data handling. CPUs in the IBM 990 series supported multiple instructions per cycle, which contributed significantly to the overall efficiency and processing power of the machines.

The technology behind the IBM 990 was also notable for its use of solid-state technology. This provided a shift away from vacuum tube systems that were prevalent in earlier computing systems, enhancing the reliability and longevity of the hardware. The IBM 990 series utilized core memory, which was faster and more reliable than the magnetic drum memory systems that had been standard up to that point.

Another defining characteristic of the IBM 990 was its extensibility. Organizations could configure the machine to suit their specific needs by adding memory, storage, and peripheral devices as required. This modular approach facilitated the growth of systems alongside the technological and operational demands of the business environments they served.

In terms of software, the IBM 990 series was compatible with a variety of operating systems and programming environments, including FORTRAN and COBOL, enabling users to access a broader array of applications. This versatility was a significant advantage, making the IBM 990 an appealing choice for educational institutions, research facilities, and enterprises alike.

Moreover, the IBM 990 was engineered to support multiprocessing, which allowed multiple processes to run simultaneously, further increasing its effectiveness in tackling complex computing tasks.

In summary, the IBM 990 series represents a significant advancement in computing technology during the late 20th century. With a robust architecture, versatile configuration options, and a focus on solid-state technology, the IBM 990 facilitated substantial improvements in data processing capabilities, making it a cornerstone for many businesses and academic institutions of its time. Its impact can still be seen today in the continued evolution of mainframe computing.
Top Page Image Contents