Open topic with navigation

ENCRYPTION-ALGORITHM

  (server version 5.06 or later - updated 5.57)

(Default = 2 / S-Series and older 5)      

ENCRYPTION-ALGORITHM  0 .. 5                                                                   

Specifies the type of data encryption used between the MOMI PC Client and the MOMI Server in the TCP/IP data flow.

The following settings are available:

0 - None

 

1 - FAS

 

2 - AES 

 

3 - FAS No Port

 

4 - AES No Port

 

5 - FAS 2

 

0 - None means that normal MOMI traffic is not encrypted. This provides the highest level of performance with the lowest CPU cost.

1 - FAS uses a proprietary algorithm with a 256 bit asymmetric key to provide a "Fast and Simple" encryption of the data. A fairly high level of performance is obtained with a modest CPU cost.

2 - AES uses the Advance Encryption Standard with a 256 bit key with an industry standard algorithm. The performance impact varies depending on the NonStop CPU. The System should be checked after selecting this option to insure no adverse amount of processor is being consumed.

3 - FAS No Port uses a proprietary algorithm with a 256 bit asymmetric key to provide a "Fast and Simple" encryption of the data. A fairly high level of performance is obtained with a modest CPU cost. This algorithm may be is automatically selected if the TCP/IP dynamic port varies between the MOMI PC Client and MOMI Server.

4 - AES No Port uses the Advance Encryption Standard with a 256 bit key with an industry standard algorithm. The performance impact varies depending on the NonStop CPU. The System should be checked after selecting this option to insure no adverse amount of processor is being consumed. This algorithm may be is automatically selected if the TCP/IP dynamic port varies between the MOMI PC Client and MOMI Server.

5 - FAS 2 uses a proprietary algorithm with a 256 bit asymmetric key to provide a "Fast and Simple" encryption of the data. A fairly high level of performance is obtained with a modest CPU cost. This implementation is improved over the original 1 - FAS algorithm.

Regardless of the chosen setting note the following:

• Logon information is always (and always has been) encrypted.

 

• Header and control information in the data flow may not be encrypted.

 

• The encryption level may be automatically downgraded to comply with US export controls.

 

Generally speaking, MOMI takes advantage of the multiple processing running within its environment and pushes encryption processing down-to the level where a request is actually serviced. This push helps to limit the amount of encryption overhead that occurs in the higher priority processes of a MOMI subsystem. See Process Priority for additional information on how MOMI divides its workload.

Example:

                                       == Encrypt type AES

ENCRYPTION-ALGORITHM 2