Encryption and security

The data types Crypto, and CryptoX are used to encrypt passwords and other types of confidential information. The Java™ Cryptography Extension (JCE) is used to perform encryption.

JCE can use variables to transform the input data into encrypted data. By default, the DESede encryption algorithm and its defaults are used for the other values. Crypto and CryptoX use the DESede encryption algorithm.

The following table describes the data types Crypto and CryptoX.
Table 1. Crypto and CryptoX data types
Data type Data stored Algorithm
CryptoX User passwords
  • One-way encryption
  • Stores password in encrypted format (cannot be decrypted or displayed)
  • Internally, the encrypted version is used
Crypto Information that you want to decrypt or display
  • Two-way encryption
  • Information can be decrypted and displayed to users
You can configure the encryption settings in the maximo.properties file. You can configure the encryption data types to be consistent with industry guidelines and government guidelines. You can also configure encryption to make your system more secure: key, mode, padding, and spec. The following table describes the encryption settings.
Table 2. Encryption settings
Encryption property Settings for JCE and DESede

mxe.security.crypto.key

mxe.security.cryptox.key

 Length must be a multiple of 24

mxe.security.crypto.mode

mxe.security.cryptox.mode
  • CBC - Cipher Block Chaining Mode
  • CFB - Cipher Feedback Mode
  • ECB - Electronic Codebook Mode
  • OFB - Output Feedback Mode
  • PCBC - Propagating Cipher Block Chaining

mxe.security.crypto.padding

mxe.security.cryptox.padding
  • NoPadding
  • PKCS5Padding

mxe.security.crypto.spec

mxe.security.cryptox.spec

 Length must be a multiple of 8
Parent topic: Security process
Parent topic: Encrypting properties for security