Encryption takes place using one of the standard symmetrical methods AES or DES (the encryption method is defined with a system option in the system parameter FILECRYP) and a crypto password that must be entered. To permit the unencrypted content of an encrypted file to be accessed, this crypto password must be entered on a task-local basis.
File encryption is defined in a protection attribute in the file attributes, but in technical terms also affects the file format.
The system parameter FILECRYP can be modified at any time, for instance from AES to DES. The system parameter affects (only) the selection of the method in the event of conversion to an encrypted file (ENCRYPT-FILE). Files already encrypted maintain their encryption attributes (also the method used) in the catalog entry and remain unaffected by a modification of the system parameter.
Encrypted files are maintained on the pubset disks, encrypted on a page basis. Here all pages of a file are encrypted in the same way. The key for encrypting/decrypting for read or write access to the file is derived from the check of the crypto password when an encrypted file is opened.
Encryption/decryption is implemented using the Crypt subsystem.
Different files can have identical or different crypto passwords. As a result, identical or different keys are used for encryption.
When a file is converted into an encrypted file (ENCRYPT-FILE) the crypto password can also be taken over from a reference file that is already encrypted. This supports the assignment of identical crypto passwords for associated files. The system parameter FREFCRYP enables the introduction of new crypto passwords to be restricted to files of a particular user ID. Files outside this user ID can then only be assigned a crypto password taken over from a reference file.
The catalog entry for an encrypted file contains the encryption indicator, the encryption method and a check pattern for checking the crypto password.
The crypto password and the key are not stored in the system.
The use of DAB (Disk Access Buffer) reduces the inputs/outputs to disk by means of buffering. When encrypted files which use DAB buffering are accessed, this obviates the need for inputs/output to disk and also encryption/decryption.
Homogeneous transfer and integration into existing applications
In the event of homogeneous transfer of an encrypted file, the encrypted content is transferred 1:1 to a target file which has the same encryption attributes as the source file.
This homogeneous transfer is used for:
homogeneous COPY-FILE
saving and restoring (SAVE/RESTORE) with HSMS/ARCHIVE
migrating and recalling (MIGRATION/RECALL) with HSMS
moving files within an SM pubset to another volume set
file transfer (homogeneous only; for information on unhomogeneous file transfer see Restrictions on "Preconditions and restrictions for file encryption")
Thus in the event of homogeneous transfer no decryption takes place, and no key and no crypto password are required. The target file is created in encrypted form, which requires no more time than for the corresponding operation for an unencrypted file.
Systems support can, on the one hand, operate as usual with encrypted files as no crypto password is required for the aforementioned transfers, but then, on the other hand, they will not have access to the decrypted content of encrypted files.
To permit the simple introduction of encrypted files into existing applications, securityrelevant files are converted once into encrypted files. In this case a crypto password must be defined. As with the file passwords, a crypto password can be specified outside the application before the application is then started in the same task. The application then automatically reads and writes the encrypted content of the file in the event of file accesses. On the disks the content of the file remains encrypted. In this way applications do not need to be modified when encrypted files are used.