CCA Release 2.54
General Data Encryption Processes
Although the fundamental concepts of ciphering (enciphering and deciphering) data
are simple, different methods exist to process data strings that are not a multiple of
eight bytes in length. Two widely used methods for enciphering general data are
defined in these ANSI standards:
ANSI X3.106 (CBC)
ANSI X9.23.
Note: These methods also differ in how they define the initial chaining value (ICV).
This section describes how the Encipher and Decipher verbs implement these
methods.
Single-DES and Triple-DES for General Data
The IBM 4758 Model 002 supports the use of triple-DES in addition to the classical
“single-DES.” In the subsequent descriptions of the CBC method and ANSI X9.23
method, the actions of Encipher and Decipher encompass both single-DES and
triple-DES. The triple-DES processes are depicted in Figure D-2 where “left key”
and “right key” refer to the two halves of a double-length DES key.
Cleartext, 8 bytes Ciphertext, 8 bytes
────────┬───────── ─────────┬─────────
││
┌───────────────────┐ ┌───────────────────┐
││ ││
Left Key──────│ Encipher │ Left Key──────│ Decipher │
││ ││
└─────────┬─────────┘ └─────────┬─────────┘
││
┌───────────────────┐ ┌───────────────────┐
││ ││
Right Key─────│ Decipher │ Right Key─────│ Encipher │
││ ││
└─────────┬─────────┘ └─────────┬─────────┘
││
┌───────────────────┐ ┌───────────────────┐
││ ││
Left Key──────│ Encipher │ Left Key──────│ Decipher │
││ ││
└─────────┬─────────┘ └─────────┬─────────┘
││
Ciphertext Cleartext
Figure D-2. Triple-DES Data Encryption and Decryption
D-6 IBM 4758 CCA Basic Services, Release 2.54, February 2005