PGP® Command Line for IBM Mainframes:Specifications & Standards

PGP Integration: PGP Command Line for z/OS Mainframes provides full support for all native functions of PGP including LDAP integration, Additional Decryption Key (ADK), PGP Key Server, and XML configuration.

Encryption is NOT Optional !

Data security is mandated by law:

•  SOX
•  PCI DSS
•  FFIEC

•  GLBA
•  HIPAA
•  HITECH

PGP on z/OS: PGP Command Line supports native z/OS batch operations with JCL and ISPF, as well as providing a USS implementation for use with shell scripts.

Encryption Standards: PGP solutions are built on the widely trusted OpenPGP standard (RFC 2440, RFC 3156).

PGP Corporation has released PGP source code for peer review and validation. The code has undergone more than a decade of intense review by the world's best cryptographers.

The PGP Software Development Kit has been validated to the Federal Information Processing Standard (FIPS) of the U.S. National Institute of Standards and Technology (NIST): FIPS 140-2.

PGP encryption is one of two e-mail encryption standards recommended by the NIST "Guidelines on Electronic Mail Security": NIST 800-45 (*.pdf, 1.35MB).

Versions
• Current: PGP Command Line 9
• Coming 2011: PGP Command Line 10

Operating Systems
• IBM z/OS 1.7 and above
• IBM z/OS USS

Scripting & Batch Interfaces
• z/OS JCL, ISPF, & others
• z/OS USS shell scripts

Public Key Formats
• OpenPGP RFC 2440
• X.509 v3

Directory Servers
• PGP Universal™ Server
• PGP Global Directory
• LDAP

Public Key Algorithms
• Diffie-Hellman
• DSA
(Digital Signature Algorithm FIPS 186-2)
• RSA (up to 4096-bit keys)

Compression Algorithms
• Zip
• Bzip2
• Zlib

Symmetric Key Algorithms
• AES (up to 256-bit keys)
(Advanced Encryption Standard, FIPS 197)
• CAST5
• TripleDES (FIPS 46-3)
• IDEA
• Twofish
• Blowfish*

Hash Algorithms
• SHA-1, SHA-256, SHA-384, SHA-512
(Secure Hash Algorithm, FIPS 180-1, 180-2)
• MD5
• RIPEMD-160

* Support for Blowfish is limited to decrypting existing messages encrypted with Blowfish or encrypting to existing keys that specify Blowfish as the preferred cipher.

PGP Command Line

Pretty Good Privacy works like this...
PKI	Infrastructore provides: Key pairs Signed certificates Find public keys Backup private keys Revocation list

Recipient	Sends public-key_R in certificate to Source.

Source	Authenticates certificate Trusts public-key_R Encrypts w/ public-key_R Hashes & signs w/ private-key_S

Recipient	Decrypts w/ private-key_R Decrypts signature w/ public-key_S Authenticates message against hash from signature

	Mainframe Software	Netview Replacement	Tivoli Netview for z/OS	Netview Mainframe	Netview REXX
	Mainframe FTP	Mainframe SFTP	zOS FTP	z OS TCP/IP	Enterprise Extender