IBM 2 Computer Hardware User Manual


 
CCA Release 2.54
General Data Encryption Processes
Although the fundamental concepts of ciphering (enciphering and deciphering) data
are simple, different methods exist to process data strings that are not a multiple of
eight bytes in length. Two widely used methods for enciphering general data are
defined in these ANSI standards:
ANSI X3.106 (CBC)
ANSI X9.23.
Note: These methods also differ in how they define the initial chaining value (ICV).
This section describes how the Encipher and Decipher verbs implement these
methods.
Single-DES and Triple-DES for General Data
The IBM 4758 Model 002 supports the use of triple-DES in addition to the classical
“single-DES.” In the subsequent descriptions of the CBC method and ANSI X9.23
method, the actions of Encipher and Decipher encompass both single-DES and
triple-DES. The triple-DES processes are depicted in Figure D-2 where “left key”
and “right key” refer to the two halves of a double-length DES key.
Cleartext, 8 bytes Ciphertext, 8 bytes
────────┬───────── ─────────┬─────────
││

┌───────────────────┐ ┌───────────────────┐
││ ││
Left Key──────│ Encipher Left Key──────│ Decipher
││ ││
└─────────┬─────────┘ └─────────┬─────────┘
││

┌───────────────────┐ ┌───────────────────┐
││ ││
Right Key─────│ Decipher Right Key─────│ Encipher
││ ││
└─────────┬─────────┘ └─────────┬─────────┘
││

┌───────────────────┐ ┌───────────────────┐
││ ││
Left Key──────│ Encipher Left Key──────│ Decipher
││ ││
└─────────┬─────────┘ └─────────┬─────────┘
││

Ciphertext Cleartext
Figure D-2. Triple-DES Data Encryption and Decryption
D-6 IBM 4758 CCA Basic Services, Release 2.54, February 2005