ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » AES-256 Encryption and Decryption in IIB

Post new topic  Reply to topic
 AES-256 Encryption and Decryption in IIB « View previous topic :: View next topic » 
Author Message
itzsk
PostPosted: Fri Jul 24, 2020 12:44 am    Post subject: AES-256 Encryption and Decryption in IIB Reply with quote

Newbie

Joined: 24 Jul 2020
Posts: 3

Hi,

We have a requirement to encrypt and decrypt messages in IIB 10.
Can you please refer to any documentation or ideas around it ?
Back to top
View user's profile Send private message
abhi_thri
PostPosted: Fri Jul 24, 2020 1:49 am    Post subject: Reply with quote

Knight

Joined: 17 Jul 2017
Posts: 516
Location: UK

hi...you could write java to do the encryption/decryption or reuse one of the existing java modules which provides such functionality and call it from IIB.

Found an IIB plugin which deals with encryption/decryption but only supports RSA,

https://www.ibm.com/developerworks/websphere/library/techarticles/1412_mohta/1412_mohta.html
Back to top
View user's profile Send private message
gbaddeley
PostPosted: Sun Jul 26, 2020 7:57 pm    Post subject: Reply with quote

Jedi

Joined: 25 Mar 2003
Posts: 2492
Location: Melbourne, Australia

Can you elaborate on the requirement? There may be other approaches.

Are you looking at private key encryption or PKI ?

Key management is a big issue. The private keys or certificates must be very securely stored.

Java supports AES encryption, so you could build a wrapper library for IIB flows.
_________________
Glenn
Back to top
View user's profile Send private message
itzsk
PostPosted: Tue Jul 28, 2020 10:40 pm    Post subject: Reply with quote

Newbie

Joined: 24 Jul 2020
Posts: 3

Hi,

We need to implement the AES-256 encryption and decryption.
I was trying to understand if there is a possibility to store the keys in keystore and retrive them with a label name.
One approach was to build a IIB node to encrypt and decrypt and have a property for label to pick the right certificate from keystore.

Please let me know if I am thinking in the right direction.
Back to top
View user's profile Send private message
gbaddeley
PostPosted: Wed Jul 29, 2020 5:24 pm    Post subject: Reply with quote

Jedi

Joined: 25 Mar 2003
Posts: 2492
Location: Melbourne, Australia

itzsk wrote:
Hi,
We need to implement the AES-256 encryption and decryption.
I was trying to understand if there is a possibility to store the keys in keystore and retrive them with a label name.
One approach was to build a IIB node to encrypt and decrypt and have a property for label to pick the right certificate from keystore.
Please let me know if I am thinking in the right direction.

OK. What is the payload coming in & going out? MQ messages? Is the encryption / decryption confined to the broker, or will other external apps also be encrypting / decrypting payloads?. ie. Are you securing payloads within IIB, or across integration paths (eg. MQ, http, DB) ?
_________________
Glenn
Back to top
View user's profile Send private message
itzsk
PostPosted: Mon Aug 03, 2020 10:32 pm    Post subject: Reply with quote

Newbie

Joined: 24 Jul 2020
Posts: 3

We need to encrypt a message from an internal system using AES 256 in IIB and send it to an external system using http REST Service. Decryption will happen in an external system outside our network.

When an external system sends an encrypted message, we need to decrypt the message and deliver to internal system again.
Back to top
View user's profile Send private message
gbaddeley
PostPosted: Tue Aug 04, 2020 4:07 pm    Post subject: Reply with quote

Jedi

Joined: 25 Mar 2003
Posts: 2492
Location: Melbourne, Australia

itzsk wrote:
We need to encrypt a message from an internal system using AES 256 in IIB and send it to an external system using http REST Service. Decryption will happen in an external system outside our network.
When an external system sends an encrypted message, we need to decrypt the message and deliver to internal system again.

Is the security requirement for protection of data across the network? HTTPS would meet this requirement, and you wouldn't need to worry about private key management.
_________________
Glenn
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » AES-256 Encryption and Decryption in IIB
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
 
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.