The RACF KDFAES algorithm
- Each instance of a RACF® password injects randomly generated text into the encryption process. This prevents the use of pre-computed password hashes. That is, an offline attack must perform the full encryption process for every password guess, as opposed to simply comparing the password hash against a list of pre-computed values. This slows down the attack, making it take much longer to guess passwords.
- Thousands of hash operations are performed against the password and random text in order to generate a key which is then used to encrypt the user ID. This also serves to slow down an offline attack, which must perform the same number of operations for each password guess. However, the authorized user logging on to the system using his clear text password will not notice the increased overhead.
SETROPTS PASSWORD(ALGORITHM(KDFAES))When KDFAES is enabled, existing DES passwords will continue to evaluated properly by RACF. User passwords do not need to be changed. When the user next changes his password, it will be encrypted using the KDFAES algorithm. The PWCONVERT operand of the ALTUSER command can be used to transform a DES password (but not a password phrase) into a KDFAES password without requiring the password to be changed.
Keep in mind that if you have backups of the RACF database containing passwords that were encrypted using DES or masking, they are more susceptible to offline attacks. If the hash represents the same clear text password as the user's current password, and an attacker is able to guess the value, it can be used to log on to the user's account even if the current password is encrypted using KDFAES. The EXPIRED operand of the ALTUSER command can be used to mark a password as expired, requiring it to be changed at the next logon. This can help accelerate the password change process.