Introduction to FDRCRYPT Backup Encryption
FDRCRYPT is an additional-cost FDR facility for encrypting and decrypting backup files. FDRCRYPT protects your backups by ensuring that they cannot be read without the proper encryption keys. It is intended to protect backups that must be sent off-site (such as disaster backup tapes) but can also be used to protect on-site backups if needed.
FDRCRYPT also includes a program, called FDRCAMS, which enhances IDCAMS REPRO to encrypt and decrypt sequential files written and read by REPRO. This can be used to encrypt any sequential file that is sent off-site, such as data files shared with other companies or government agencies.
Protection of your off-site data may be required by government, industry, and corporate privacy and security laws and regulations, in the USA (such as HIPAA, Sarbanes-Oxley, and DOD requirements) and in other countries.
FDRCRYPT enhances:
- FDR full volume backup and restore
- FDRDSF data set backup and restore
- FDRABR volume backup (full-volume and incremental backup) and restore
- FDRABR archive backup and restore
- FDRAPPL application backup and restore
- FDRTCOPY and FDRTSEL backup copy utilities
FDRCRYPT encrypts your data using either AES or TDES algorithms, driven by an encryption key. The encryption keys can be user-specified or they can be randomly generated by FDRCRYPT so that each DASD volume backed up or sequential REPRO output has a unique key.
The same encryption key must be available when the encrypted files are read to decrypt the data. FDRCRYPT stores the encryption keys used for each file in a special Encryption Keyfile on DASD. For off-site restores (such as disaster recovery), this Encryption Keyfile must be securely transported to the restore site. Alternatively, the keys can be entered by the user into the restore job.
FDRCRYPT also supports an optional master key, which is used to create an encrypted copy of the actual key used to encrypt the data. The encrypted key is saved on the encrypted file itself. The master key can be used to decrypt any file created by FDRCRYPT using that master key, in case the actual keys or the Encryption Keyfile are not available. Obviously, master keys must be kept extremely secure.
FDRCAMS also supports RSA public key encryption, in which the actual encryption key used for the data is itself encrypted with an RSA public key. At decryption time, the matching RSA private key is used to decrypt the actual encryption key, which is then used to decrypt the data. This is similar to a master key but is intended for use when exchanging data with another organization.
Backup encryption overview
For FDR and FDRABR backups, FDRCRYPT normally compresses the backup data before it is encrypted. After compression, FDRCRYPT uses one of the user-selected encryption algorithms. These algorithms provide increasing levels of encryption strength, but each is more expensive in CPU time. FDRCRYPT customers can balance the sensitivity of the data being backed up with the increased CPU and elapsed time required to encrypt it by selecting the appropriate algorithm. Because backups may involve encrypting terabytes of data every week, the CPU cost of backup encryption may be significant.
The encryption algorithms are:
- AES - This uses the Advanced Encryption Standard algorithm, as approved by the US National Institute of Standards and Technology (NIST). AES applies repeated rounds of key-driven transformations to the data and is considered extremely secure; key lengths of 128, 192 and 256 bits are supported. AES is the current standard for US Government encryption.
- TDES - Triple Data Encryption Standard (DES). TDES applies the DES algorithm three (3) times, with three (3) different keys of 64 bits each (192 bits total), to encrypt the data. Although single DES has been decertified by the US Commerce Department, TDES is still approved but discouraged.
You may choose any of the algorithms for any given backup. The type of encryption can be specified globally for a given FDR step by an operand on the DUMP statement. Alternatively, you can specify or override the encryption method for specific backups.
The encryption algorithms are implemented in software in FDR modules and do not require any installed encryption hardware or assist. However, when the hardware encryption assist on an IBM processor is enabled, FDRCRYPT uses it. FDRCRYPT does not use IBM ICSF encryption software for any of the algorithms. This ensures that your data can be decrypted at any disaster site with any processor type and any operating system.
FDRCAMS REPRO encryption overview
FDRCAMS is a program that is executed instead of the IBM program IDCAMS, in other words, you code PGM=FDRCAMS instead of PGM=IDCAMS. Under FDRCAMS, all the normal functions of IDCAMS are available, using the normal IDCAMS statements and JCL. However, for any REPRO function, FDRCAMS can optionally encrypt or decrypt any sequential data set written or read by that REPRO statement.
In addition to changing the PGM= in the step, you must include an FDRCRYPT DD statement which provides FDRCAMS encryption options. In these options, you specify which sequential REPRO files are to be encrypted or decrypted and the encryption algorithms and keys to be used.
When encrypting, FDRCAMS defaults to AES-128, but you can specify any of the encryption algorithms listed above for backups (AES or TDES). FDRCAMS does not compress the data before encrypting.
FDRCAMS may be used to encrypt data files that are exchanged with other companies or government agencies. The receiving company may not be licensed for FDRCRYPT, so a no-charge licensed copy of FDRCAMS, called FDRDECRY, can be installed for use on any z/OS system. This no-charge copy can be used to decrypt a file encrypted by FDRCAMS; it can also be used to encrypt data in a way that can be decrypted only by FDRCAMS, for sending data in the reverse direction.
Key management overview
When encrypting, you can specify the FDRCRYPT encryption keys to be used, or you can let FDRCRYPT randomly generate the keys (for backups, this means that a different key is used for each DASD volume backed up). If you specify the keys, you can provide different keys for different DASD volumes or REPRO files, even in the same step.
Although it may seem simpler to use the same encryption key for all files, this reduces the security of your files, since if an unauthorized person gets the key for one file, they have access to all your data. It is far better to let FDRCRYPT generate random keys (different for each file or backup).
The FDRCRYPT optional master key allows FDRCRYPT to reconstruct the actual encryption key used for a given file, in case the actual keys are lost or unavailable. You may choose to use a single master key for all your FDRCRYPT outputs, or use unique master keys for different sets of files and backups. The master keys must be kept very secure, known only to select trusted individuals. You can specify the master key on an FDRCRYPT control statement, or you can securely store master keys in special security system (for example, IBM RACF) profiles that only FDRCRYPT can access.
FDRCRYPT stores the encryption key used for each file in an FDR “Encryption Keyfile” on DASD. This Encryption Keyfile must be kept secure. Only those individuals who need to initialize or display the Encryption Keyfile should have authority to use it (FDRCRYPT users do not have to be authorized to use the Encryption Keyfile).
In the output listing of each FDR, FDRABR, or FDRCAMS job using encryption, FDRCRYPT displays the encryption key used for each encrypted file, unless you include an operand to suppress that display. This allows the listings to serve as a backup source for the encryption keys, but those listings must also be stored securely. The master key is never displayed.
When restoring from an encrypted FDR backup or reading an encrypted file with REPRO, the encryption key used to create the file must be supplied. If the Encryption Keyfile is available, the key for each file read is retrieved from it. If not, you can specify the encryption key directly, provide the master key (if a master key was used), or provide the RSA private key (if an RSA public key was used).
Copying encrypted backups
The FDR backup copy utilities FDRTCOPY and FDRTSEL are enhanced by FDRCRYPT to allow you to encrypt or decrypt while copying a backup. You can create an unencrypted copy from an encrypted backup, or create an encrypted copy from an unencrypted backup. Encrypted copies are recorded in an FDRCRYPT Encryption Keyfile.
By default, these copy utilities copy an encrypted backup as is, without changing the encryption. In fact, they usually copy the encrypted data without decrypting or re-encrypting it. The only exceptions are functions that must examine or modify the copied backup, such as the FDRTSEL ARCEDIT function; in this case, the data is decrypted, modified or examined, and re-encrypted.
It is possible to copy an encrypted file and change the encryption on the output copy, using a different encryption algorithm and/or encryption keys. Please contact BMC Support for guidance if you have a need to do this.
zEDC restriction
zEDC (zEnterprise Data Compression), an optional compression accelerator on z12 and z13 CPUs, designed for fast compression with low CPU overhead, cannot be used with FDRCRYPT.