Step 5 is secret. If he told you he would have to kill you. There is also a Step 6, but it is too secret to even list. Oops.
Hey, it is Friday. Charles -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Tony Harminc Sent: Friday, January 14, 2022 4:22 PM To: [email protected] Subject: Re: ICSF key exchange scenario On Fri, 14 Jan 2022 at 13:00, Radoslaw Skorupka <[email protected]> wrote: > > Let's assume two z/OS images and some data exchange. > One of possible methods is symmetric encryption. > However that requires key exchange. > I have the following idea: > 1. Both sides create asymetric key. > 2. Public keys are exported and exchanged. > 3. One side encrypt symm key using public key of another side. > 4. Second side decrypt symm key using it's own private key. > > Does it make sense? Sure.. > Any hints? > What services to use in steps 4. and 5. ? You don't show a point 5... But more generally, I'm not sure what you are really asking. Certainly it makes sense - it is basically what any public-key crypto scheme does. For any such proposal you need a threat model. As Charles says, you have to protect the private key(s) of the asymmetric algorithm, and the single secret key of the symmetric one. You also need to consider MITM/WITM (now called middleperson) attacks. Even if this is - as you say later - a no-network scheme (I'll assume you are exchanging tapes or using RFC 1149 or similar technology), there is no real difference in the attack surface. Someone can intercept and copy (or simply steal) your tape, or interrogate the pigeon, or whatever. For a state-level actor, even middleperson against a hand-carried key exchange against two banks is not impossible. Cloak and Dagger. Realistically, you don't want that secret key ever in clear text outside the crypto hardware. This means using key entry station and such to produce a transportable key. You can use ICSF or on fairly modern z hardware you can use the crypto instructions yourself for all the parts you describe. Well these are all platitudes. If you can say a bit more about what is unique about your problem (e.g. not already done by PGP et al), perhaps you'll get less general answers. Tony H. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
