Cipher Adapter

The Cipher adapter encrypts and decrypts data by using the Advanced Encryption Standard (AES) established by the U.S. National Institute of Standards and Technology (NIST). A single cryptographic key enciphers (encrypts) and deciphers data. The cryptographic key is stored in a master key file (MKF) in an AES-based encrypted format. As long as the MKF is not compromised or lost, the enciphered data is cryptographically secure.

Encrypted data is preceded by a unique header that identifies the specific master key used for encryption, similar to the following example:
[HIP id=13104 iv=7804721d4eb50b8de9185960a587ee45 m=a h=15B333C7]
In the header example:
id= Encryption master key ID
iv= GSKit cipher initialization vector (IV)
m=a
m=b
ASCII or binary encryption mode
h= Internal checksum

To decrypt the data, the specified MKF must contain the master key ID that’s specified in the header of the encrypted data. The encryption mode can be ASCII or binary. Decryption automatically uses the mode that’s appropriate for the encrypted data.

In Integration Platform, encrypted files are interchangeable between Windows and UNIX operating systems. For example, you can encipher a file on a Windows system and run a map on a UNIX system to decipher it.

Because z/OS® systems use a different encryption format, you cannot decipher file on a z/OS system that you encrypted on a Windows or UNIX system.