IBM Z Hardware and Operating Systems Ideas Portal


This is the public portal for all IBM Z Hardware and Operating System related offerings. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas

  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Add a new idea Subscribe
Status Not under consideration
Workspace IBM Z and LinuxONE Systems Hardware
Categories Crypto HW
Created by Guest
Created on Jan 20, 2017

RELATED IDEAS

Calculation of ECC public key from private key

An ECC private key in the clear is derived by some function and will be used later for signatures. The corresponding ECC public key can be calculated from the private key.
This function is probably available in the Crypto Express 5 cards of IBM, but not callable from outside.
Thousands of ECC keys will be created by the application.
The ECC curve intended to be used is NIST P256.

Idea priority Urgent
  • Guest
    Reply
    |     Aug 24, 2020

    Due to processing by IBM, this request was reassigned to have the following updated attributes:
    Brand - Servers and Systems Software
    Product family - z Systems Hardware
    Product - z Systems Hardware
    Component - Crypto HW

    For recording keeping, the previous attributes were:
    Brand - Servers and Systems Software
    Product family - z Systems Hardware
    Product - z Systems Hardware
    Component - Security / Crypto

  • Guest
    Reply
    |     Nov 15, 2019

    Not in plan.

  • Guest
    Reply
    |     May 2, 2018

    Is this still a requirement?

    1 reply
  • Guest
    Reply
    |     Mar 10, 2017

    This is our current understanding of your requirement:
    Needed by: October 2017, better June
    UDX Solution Acceptable: UDX only as a temporary solution, possible would also be some C-Source that does the job outside the card/ICSF, based on a development contract to deliver a piece of software
    - Needed only on mainframe (ICSF) (z13 w/CEX5)
    - Only Prime Curve P256 so far
    Your comments concerning performance:
    For one calculation not more than 400ms, the less the better.
    Until Mid 2018 I expect not more than 40 calculations per day.
    Until Mid 2019 I expect 5 calculations per minute.
    After that is unpredictable, but not more than 10 per second (spread over two physical mainframes).

    Based on your schedule, initially we would not be able to provide the support through base z13 MCLs, however another solution path is possible via UDX and we can work with you and the ECCC team in Denmark on the solution until we can make it available in the z13.

    One additional comment. You mentioned the following: "Lately somebody told me that not every random number can be a private key for an elliptic curve, but that both private and public key can be generated from a random number, similar to a seed. A solution like this would be possible also."
    It is our understanding that the ECC private key is a random number bounded by ECC bit length. Then only after knowing ECC Private key can the ECC Public Key be calculated. Elliptic curve cryptography, consisting of a private key d (a randomly selected integer in the interval [1,n-1]) and a public key Q (where Q=dG).

  • Guest
    Reply
    |     Mar 8, 2017

    Sorry for the delay. What month/year do you need the support? Are you open to a UDX as a solution?

  • Guest
    Reply
    |     Feb 26, 2017

    Yes, the private key will be created outside the adapter.
    It will be provided in the clear.
    You can choose the format for the input, maybe a special kind of key token.

    As output a CCA ECC public key token would be possible. It can also be a private key token containing private and public key in the clear - if this exists. In this case your function could just complete the input token.
    We need to be able to extract the public key part from the token. The public key can also be returned just as a byte array if this is easier for you.

    We will create certificates out of the public key under some CA chain later on.

    Please let me know your considerations in short time. We need to decide soon if we wait for an adapter or ICSF solution or look for a third party lib to do the job.

  • Guest
    Reply
    |     Feb 24, 2017

    Are we correct in understanding that you would like to create your own ECC private key outside the adapter have the adapter create the public key?
    If so, will the private key be provided encrypted or in the clear? Do you want the public key returned in a CCA ECC public key token? What is the expected output format?

By clicking the "Post Comment" or "Submit Idea" button, you are agreeing to the IBM Ideas Portal Terms of Use.
Do not place IBM confidential, company confidential, or personal information into any field.