NSA Suite B Cryptography in IBM MQ
This topic provides information about how to configure IBM® MQ on Windows, Linux®, and UNIX to conform to the Suite B compliant TLS 1.2 profile.
Over time, the NSA Cryptography Suite B Standard is updated to reflect new attacks against encryption algorithms and protocols. For example, some CipherSpecs might cease to be Suite B certified. When such changes occur, IBM MQ is also updated to implement the latest standard. As a result, you might see changes in behavior after applying maintenance. The IBM WebSphere® MQ 7.5 readme file lists the version of Suite B enforced by each product maintenance level. If you configure IBM MQ to enforce Suite B compliance, always consult the readme file when planning to apply maintenance.
| Security level | Allowed CipherSpecs | Allowed digital signature algorithms |
|---|---|---|
| 128-bit |
ECDHE_ECDSA_AES_128_GCM_SHA256
ECDHE_ECDSA_AES_256_GCM_SHA384 |
ECDSA with SHA-256
ECDSA with SHA-384 |
| 192-bit | ECDHE_ECDSA_AES_256_GCM_SHA384 | ECDSA with SHA-384 |
| Both 1 |
ECDHE_ECDSA_AES_128_GCM_SHA256
ECDHE_ECDSA_AES_256_GCM_SHA384 |
ECDSA with SHA-256
ECDSA with SHA-384 |
- It is possible to configure both the 128-bit and 192-bit security levels concurrently. Since the Suite B configuration determines the minimum acceptable cryptographic algorithms, configuring both security levels is equivalent to configuring only the 128-bit security level. The cryptographic algorithms of the 192-bit security level are stronger than the minimum required for the 128-bit security level, so they are permitted for the 128-bit security level even if the 192-bit security level is not enabled.
CipherSpec conformation to Suite B
Although the default behavior of IBM MQ is not to comply with the Suite B standard, IBM MQ can be configured to conform to either, or both security levels on Windows, UNIX and Linux systems. Following the successful configuration of IBM MQ to use Suite B, any attempt to start an outbound channel using a CipherSpec not conforming to Suite B results in the error AMQ9282. This activity also results in the MQI client returning the reason code MQRC_CIPHER_SPEC_NOT_SUITE_B. Similarly, attempting to start an inbound channel using a CipherSpec not conforming to the Suite B configuration results in the error AMQ9616.
For more information about IBM MQ CipherSpecs, see Enabling CipherSpecs
Suite B and digital certificates
Suite B restricts the digital signature algorithms which can be used to sign digital certificates. Suite B also restricts the type of public key which certificates can contain. Therefore IBM MQ must be configured to use certificates whose digital signature algorithm and public key type are allowed by the configured Suite B security level of the remote partner. Digital certificates which do not comply with the security level requirements are rejected and the connection fails with error AMQ9633 or AMQ9285.
For the 128-bit Suite B security level, the public key of the certificate subject is required to use either the NIST P-256 elliptic curve or the NIST P-384 elliptic curve and to be signed with either the NIST P-256 elliptic curve or the NIST P-384 elliptic curve. At the 192-bit Suite B security level, the public key of the certificate subject is required to use the NIST P-384 elliptic curve and to be signed with the NIST P-384 elliptic curve.
To obtain a certificate suitable for Suite B compliant operation, use the runmqakm command and specify the -sig_alg parameter to request a suitable digital signature algorithm. The EC_ecdsa_with_SHA256 and EC_ecdsa_with_SHA384 -sig_alg parameter values correspond to elliptic curve keys signed by the allowed Suite B digital signature algorithms.
Creating and requesting digital certificates
To create a self-signed digital certificate for Suite B testing, see Creating a self-signed personal certificate on UNIX, Linux, and Windows
FIPS 140-2 and Suite B
IBM Crypto for Ccryptographic module. The certificate for this module has been moved to the Historical status. Customers should view the IBM Crypto for C certificate and be aware of any advice provided by NIST. A replacement FIPS 140-3 module is currently in progress and its status can be viewed by searching for it in the NIST CMVP modules in process list.
The Suite B standard is conceptually similar to FIPS 140-2, as it restricts the set of enabled cryptographic algorithms in order to provide an assured level of security. The Suite B CipherSpecs currently supported can be used when IBM MQ is configured for FIPS 140-2 compliant operation. It is therefore possible to configure IBM MQ for both FIPS and Suite B compliance simultaneously, in which case both sets of restrictions apply.
The following diagram illustrates the relationship between these subsets:
Configuring IBM MQ for Suite B compliant operation
For information about how to configure IBM MQ on Windows, UNIX and Linux for Suite B compliant operation, see Configuring IBM MQ for Suite B.
IBM MQ does not support Suite B compliant operation on the IBM i and z/OS® platforms. The IBM MQ Java and JMS clients also do not support Suite B compliant operation.