This feature provides a new set of TDGSS Quality of Protection (QoP) algorithms to meet current security standards for message encryption and integrity. The following cipher modes have been added:
- Galois/Counter Mode (GCM)
- Counter with Cipher Block Chaining-MAC (CCM)
- Counter Mode (CTR)
Benefits
- New QoPs are backwards compatible with current QoPs and can be configured to work together.
- This feature provides compliance with National Institute of Standards and Technology (NIST) standards and recommendations for block cipher modes, secure hash standards, and keyed-hash message authentication codes.
Considerations
- GCM and CCM are authenticated encryption modes.
- CCM mode is not supported in Java.
- GCM mode is supported in Java 1.8 and later.
- Enabling QoPs or modes other than those that are enabled by default requires a TPA restart.
- TDGSS must be upgraded to enable this feature on Unity.
Additional Information
For more information on AES-GCM Quality of Protection, see Teradata Vantageā¢ NewSQL Engine Security Administration, B035-1100.