16.20 - TDGSS Support for AES-GCM Quality of Protection - Teradata Vantage NewSQL Engine

Teradata Vantageā„¢ NewSQL Engine Release Summary

prodname
Teradata Database
Teradata Vantage NewSQL Engine
vrm_release
16.20
created_date
March 2019
category
Release Notes
featnum
B035-1098-162K

This feature provides a new set of TDGSS Quality of Protection (QoP) algorithms to meet current security standards for message encryption and integrity. The following cipher modes have been added:

  • Galois/Counter Mode (GCM)
  • Counter with Cipher Block Chaining-MAC (CCM)
  • Counter Mode (CTR)

Benefits

  • New QoPs are backwards compatible with current QoPs and can be configured to work together.
  • This feature provides compliance with National Institute of Standards and Technology (NIST) standards and recommendations for block cipher modes, secure hash standards, and keyed-hash message authentication codes.

Considerations

  • GCM and CCM are authenticated encryption modes.
  • CCM mode is not supported in Java.
  • GCM mode is supported in Java 1.8 and later.
  • Enabling QoPs or modes other than those that are enabled by default requires a TPA restart.
  • TDGSS must be upgraded to enable this feature on Unity.

Additional Information

For more information on AES-GCM Quality of Protection, see Teradata Vantageā„¢ NewSQL Engine Security Administration, B035-1100.