Encryption algorithms supported by IBM Personal Communications 6.0

Technote (FAQ)


Question

What are the encryption algorithms that IBM Personal Communications version 6.0 supports?

Cause

This is to document the encryption algorithms that Personal Communications supports.

Answer

IBM Personal Communications version 6 uses two security providers:

  • Microsoft Cryptographic API (MSCAPI)
  • IBM Global Security Kit (GSKIT).

The cipher suites used in MSCAPI are described in Cipher Suites in Schannel.

However, it depends on the underlying Windows operating system. Also there is a way to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.

The GSKIT Cipher Specs can be either SSLv3 (not FIPS supported) or TLS1.0

Here is the list of available cipher specs:

SSLv3 (In May 2008 an update of FIPS 140-2 Guidance from NIST shows that SSL V3 has been specifically excluded from being allowed in FIPS 140-2 Approved Mode. Therefore products should disable SSLV3 when entering FIPS 140-2 mode.)

GSK_V3_CIPHER_SPECS
00 - NULL NULL
01 - NULL MD5
02 - NULL SHA
03 - RC4 MD5 Export
04 - RC4 MD5 US
05 - RC4 SHA US
06 - RC2 MD5 Export
09 - DES SHA Export
62 - DES SHA Export1024
64 - RC4-56 SHA Export1024
0A - Triple DES SHA US
2F - TLS_RSA_WITH_AES_128_CBC_SHA
35 - TLS_RSA_WITH_AES_256_CBC_SHA

The default value is "05040A62640306090201"

TLSv1 (FIPS supported) Setting GSK_TLS_CIPHER_SPECS will only have an effect if FIPS mode processing is turned on. If FIPS processing mode is off, the new buffer option will be ignored and the value of GSK_V3_CIPHER_SPECS will be used instead.

Allowed TLS 1.0 Cipher Specs:
Same as SSL V3

The FIPS / NIST approved ciphers GSKIT supports are:
TLS1.0 -- AES (35, 2F) 3DES (0A)

Related information

Personal Communications Information Center

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Personal Communications
General Information

Software version:

6.0

Operating system(s):

Windows

Reference #:

1430531

Modified date:

2013-07-01

Translate my page

Machine Translation

Content navigation