TDGSS Mode Attribute | Teradata Vantage - 17.10 - Mode - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

The Mode class defines the encryption mode types supported by TDGSS. The Mode attribute values shown in the Quality of Protection (QOP) must appear on this list.

If you use Java Cryptography Extensions (JCE), the mode types must match the mode types supported by TDGSS.
Mode Type Description
NONE Encryption not enabled
CBC Cipher-block Chaining

An operational mode for a block cipher, in which a set number of bits is encrypted as a single unit or block with a cipher key applied to the entire block.

CFB Ciphertext Feedback

An operational mode for block cipher, in which plaintext values are encrypted and transferred one at a time.

ECB Electronic Code Book

An operational mode for a block cipher in which each possible block of plaintext has a defined corresponding ciphertext value.

For compatibility with legacy Teradata systems only.

OFB Output Feedback

An operational mode for a block cipher that permits encryption of differing block sizes, but the output of the encryption block function is the feedback instead of the cipher text.

For compatibility with legacy Teradata systems only.

GCM Galois/Counter Mode

An operational mode for block cipher that uses universal hashing over a binary Galois field to provide authenticated encryption.

CCM Counter with Cipher Block Chaining-MAC

An operational mode for block cipher that combines counter mode encryption and CBC-MAC authentication.

CTR Counter Mode

An operational mode for block cipher that turns a block cipher into a stream cipher. It generates the next key stream block by encrypting successive values of a "counter."

This list of supported modes does not change unless you install a new release of TDGSS that supports a different set of encryption modes.