16.20 - TDGSS Support for AES-GCM Quality of Protection - Teradata Database - Teradata Vantage NewSQL Engine

Teradata Vantageā„¢ NewSQL Engine Release Summary

Product
Teradata Database
Teradata Vantage NewSQL Engine
Release Number
16.20
Published
March 2019
Content Type
Release Notes
Publication ID
B035-1098-162K
Language
English (United States)
Last Update
2019-05-03

This feature provides a new set of TDGSS Quality of Protection (QoP) algorithms to meet current security standards for message encryption and integrity. The following cipher modes have been added:

  • Galois/Counter Mode (GCM)
  • Counter with Cipher Block Chaining-MAC (CCM)
  • Counter Mode (CTR)

Benefits

  • New QoPs are backwards compatible with current QoPs and can be configured to work together.
  • This feature provides compliance with National Institute of Standards and Technology (NIST) standards and recommendations for block cipher modes, secure hash standards, and keyed-hash message authentication codes.

Considerations

  • GCM and CCM are authenticated encryption modes.
  • CCM mode is not supported in Java.
  • GCM mode is supported in Java 1.8 and later.
  • Enabling QoPs or modes other than those that are enabled by default requires a TPA restart.
  • TDGSS must be upgraded to enable this feature on Unity.

Additional Information

For more information on AES-GCM Quality of Protection, see Teradata Vantageā„¢ NewSQL Engine Security Administration, B035-1100.