|
RSS Feed - WebSphere MQ Support
|
RSS Feed - Message Broker Support
|
|
|
Relative overhead of different MQ ciphers z/OS |
« View previous topic :: View next topic » |
Author |
Message
|
zpat |
Posted: Wed Oct 16, 2024 5:02 am Post subject: Relative overhead of different MQ ciphers z/OS |
|
|
Jedi Council
Joined: 19 May 2001 Posts: 5859 Location: UK
|
We have a busy (1200 per second messages counting both ways) QM sender/receiver to a third-party QM - they use MQ 9.3 on z/OS and we use MQ 9.2 on z/OS.
The channel is active all the time due to the high volume 24x7 traffic.
Currently the cipher is ECDHE_RSA_AES_128_GCM_SHA256 but a proposed change would be to use ECDHE_RSA_AES_256_GCM_SHA384.
Would using the latter cipher cause more overhead on the mainframe? I am just a bit concerned about MIPS usage increasing.
Has IBM published any relative performance or cost figures for these ciphers?
Thanks for any advice. _________________ Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error. |
|
Back to top |
|
|
bruce2359 |
Posted: Wed Oct 16, 2024 10:24 am Post subject: |
|
|
Poobah
Joined: 05 Jan 2008 Posts: 9445 Location: US: west coast, almost. Otherwise, enroute.
|
Wow. I haven't heard MIPS used in decades. MIPS lost most of its meaning with z specialty engines for accomplishing certain workloads (to reduce costs for users) rather than in CP/CPUs.
It depends... on z model hardware and configuration of crypto features. I'd suggest you test this with known test messages.
Search google for 'ibm z hardware cryptography'.
For how, have the z folks on both ends enable RMF and SMF to capture and report on resource usage with current configuration and proposed configuration. _________________ I like deadlines. I like to wave as they pass by.
ב''ה
Lex Orandi, Lex Credendi, Lex Vivendi. As we Worship, So we Believe, So we Live. |
|
Back to top |
|
|
zpat |
Posted: Fri Oct 18, 2024 12:10 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001 Posts: 5859 Location: UK
|
Thanks
I am looking for published figures on the ciphers relative performance.
Actually we might use TLS 1.3 - TLS_AES_256_GCM_SHA384. _________________ Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error. |
|
Back to top |
|
|
|
|
|
|
Page 1 of 1 |
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|
|
|