Message encryption

By using message encryption, a message sender can be sure that the content of the message has not been modified before reaching the recipient.

When an application places a message on a queue, IBM® IBM WebSphere® MQ Advanced Message Security checks if the target queue has an IBM WebSphere MQ Advanced Message Security policy for signing or encryption. If encryption is required, IBM WebSphere MQ Advanced Message Security signs and encrypts the data.

In addition to the signing process, IBM WebSphere MQ Advanced Message Security encrypts the message data with a symmetric key, using the encryption algorithm specified in the IBM WebSphere MQ Advanced Message Security policy associated with the target queue. The message is then addressed to each potential recipient specified in that policy, using the users' public keys.

When an application retrieves the message from the queue, IBM WebSphere MQ Advanced Message Security verifies the signature and decrypts the message data using the private key of the recipient user.