CP Assist for Cryptographic Functions (CPACF)

CPACF is a set of z/Architecture® instructions provided by the Message Security Assist (MSA) facility and its extensions. It mainly provides symmetric ciphers and hash functions, but also selected asymmetric functions (ECC) using clear keys and protected keys. No additional hardware is necessary, though CPACF requires specific microcode to be loaded, which you can order as a no-charge feature code (LIC #3863). However, hash functions can be performed by CPACF without this feature code.

CPACF instructions provide the potential for significantly improved performance of cryptographic operations. CPACF supports various symmetric algorithms, including DES, TDES, and AES, algorithms for elliptic curve cryptography (ECC), and SHA-based digest algorithms:

  • On IBM z15™ and later: ECC algorithms for curves P-256, P-384, P-521, Curve25519, and Curve448 for clear and protected keys are available.
  • On IBM z14® and later: SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE128, and SHAKE256 algorithms are available. A true random number generator is available.
  • On z114 systems and later: SHA-224, SHA-256, SHA-384, and SHA-512 algorithms are available.
  • On all IBM Z® systems: the SHA-1 algorithm is available. AES, DES, and TDES algorithms for clear and protected keys are available, and random number generation is provided.

The feature code LIC #3863 must be activated before you can use the cipher and ECC functions of CPACF on the system; as noted above, the hash functions work without it.
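A way to check from inside a Linux on Z guest which MSA facilities the system exposes, as an added example that is not IBM's code and not part of this page: it parses the `features` and `facilities` lines of `/proc/cpuinfo`. The facility-bit-to-MSA-extension mapping is taken from my reading of the z/Architecture Principles of Operation facility list and is an assumption to verify against the current edition; the sample `/proc/cpuinfo` text is constructed. Facility bits only show that the instructions are installed; whether a particular algorithm is actually enabled (the feature-code question above) is answered by the instructions' query functions, which a tool such as `icainfo` from libica reports.

```python
"""Report which CPACF / Message Security Assist facilities a Linux on Z
system exposes, by parsing /proc/cpuinfo.  Added example, not IBM code."""
import os

# Facility bit -> MSA level.  Assumed mapping from the z/Architecture
# Principles of Operation facility list; verify against the current edition.
MSA_FACILITY_BITS = {
    17: "MSA: KM/KMC/KIMD/KLMD (DES, TDES, AES, SHA-1, SHA-2)",
    76: "MSA extension 3: protected-key variants of the KM* instructions",
    77: "MSA extension 4: KMCTR/KMF/KMO/PCC (CTR, CFB, OFB, CMAC/XTS support)",
    57: "MSA extension 5: PRNO (deterministic RNG, TRNG)",
    146: "MSA extension 8: KMA (AES-GCM)",
    155: "MSA extension 9: KDSA (ECDSA/EdDSA for P-256/384/521, Ed25519/Ed448)",
}


def parse_cpuinfo(text):
    """Return (features, facility_bits) from /proc/cpuinfo text.
    Lines without a ':' and unknown keys are ignored, so the parser also
    tolerates a non-Z /proc/cpuinfo (it then simply reports nothing)."""
    features, facilities = set(), set()
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        key = key.strip()
        if key == "features":
            features.update(value.split())
        elif key == "facilities":
            facilities.update(int(tok) for tok in value.split() if tok.isdigit())
    return features, facilities


def cpacf_report(text):
    """Summarise MSA availability: the 'msa' feature flag plus which of the
    facility bits in MSA_FACILITY_BITS are present or missing."""
    features, facilities = parse_cpuinfo(text)
    present = {b: d for b, d in MSA_FACILITY_BITS.items() if b in facilities}
    missing = {b: d for b, d in MSA_FACILITY_BITS.items() if b not in facilities}
    return {"msa_flag": "msa" in features, "present": present, "missing": missing}


# Constructed sample resembling a z14 guest: bit 155 (ECC, MSA extension 9)
# is deliberately absent, as it would be on hardware before z15.
SAMPLE_CPUINFO = """\
vendor_id       : IBM/S390
# processors    : 2
features        : esan3 zarch stfle msa ldisp eimm dfp edat etf3eh highgprs te vx vxd vxe gs vxe2 vxp sort dflt sie
facilities      : 0 1 2 3 4 6 7 8 9 10 12 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 30 31 32 33 34 35 36 37 38 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 57 58 59 60 61 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 80 81 82 128 129 131 133 134 135 146 147 148 150 151 152 156 168
"""


def main():
    # Use the live file when running on Linux, otherwise the constructed sample.
    path = "/proc/cpuinfo"
    text = open(path).read() if os.path.exists(path) else SAMPLE_CPUINFO
    report = cpacf_report(text)
    print("msa feature flag:", report["msa_flag"])
    for bit, desc in sorted(report["present"].items()):
        print(f"  present  bit {bit:3d}: {desc}")
    for bit, desc in sorted(report["missing"].items()):
        print(f"  missing  bit {bit:3d}: {desc}")


if __name__ == "__main__":
    main()
```

On the constructed sample the script lists bits 17, 57, 76, 77 and 146 as present and 155 as missing, which is what an application relying on hardware ECC should treat as "fall back to software or refuse", depending on policy.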

As of IBM z14, every central processor (CP) has its own CPACF, and therefore CPACF encryption throughput roughly scales with the number of CPs in the system.

Note: OpenSSL and IBMCA use clear-key cryptography on the CPACF.

The CPACF hardware that performs the symmetric key operations (AES, TDES, DES) and the SHA functions operates synchronously with CP operations: the CP cannot execute any other instruction while a CPACF cryptographic operation is being processed. The hardware has a fixed setup time per request and a fixed operation speed per unit of data. Therefore, maximum performance is typically achieved for larger blocks of data. These instructions operate on buffers of arbitrary length, up to a hardware-defined limit.
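To observe the per-request setup cost described above on a real system, here is an added measurement harness that is not part of the page: it hashes one buffer with SHA-256 while feeding the primitive different chunk sizes and reports throughput per chunk size. On Linux on Z with an OpenSSL build that uses CPACF, the `hashlib` call ends in the KIMD/KLMD instructions (an assumption about the build; elsewhere the same harness measures the software path). Absolute numbers are machine-specific, but the shape, with small chunks well below the large-chunk rate, is what a fixed cost per request predicts. The input data is generated locally.

```python
"""Measure how SHA-256 throughput depends on the buffer size handed to the
hashing primitive.  Added example, not from the IBM page."""
import hashlib
import os
import time


def sha256_chunked(data: bytes, chunk: int) -> str:
    """Hash `data`, feeding it to the primitive `chunk` bytes at a time.
    The digest is identical for every chunk size; only the number of calls
    into the underlying implementation (and so the fixed per-call cost) changes."""
    h = hashlib.sha256()
    for off in range(0, len(data), chunk):
        h.update(data[off:off + chunk])
    return h.hexdigest()


def throughput_by_chunk(data: bytes, chunk_sizes, repeat: int = 3) -> dict:
    """Return {chunk_size: MiB/s}, taking the best of `repeat` timings so a
    single scheduling hiccup does not distort one chunk size."""
    results = {}
    for chunk in chunk_sizes:
        best = float("inf")
        for _ in range(repeat):
            t0 = time.perf_counter()
            sha256_chunked(data, chunk)
            best = min(best, time.perf_counter() - t0)
        results[chunk] = len(data) / best / (1024 * 1024)
    return results


def main():
    data = os.urandom(8 * 1024 * 1024)  # 8 MiB of locally generated input
    sizes = [64, 256, 4096, 65536, len(data)]
    for chunk, rate in throughput_by_chunk(data, sizes).items():
        print(f"chunk {chunk:>8d} bytes: {rate:8.1f} MiB/s")


if __name__ == "__main__":
    main()
```

Part of the small-chunk penalty is interpreter call overhead rather than the hardware's own setup time, so read the chunk sizes relative to each other on one machine rather than as absolute figures. The practical lesson holds either way: buffer I/O so that each call into the crypto primitive carries as much data as possible.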

For information about how to use the protected-key facilities of CPACF, see libzpc - A Protected-Key Cryptographic Library.