AES Security Mechanism Configuration
Advanced settings for AES Encryption include the following in CBF. Typically, no changes are required. For more information on these parameters, see online help.
Security, System, Mechanisms, aes, enabled = true
Security, System, Mechanisms, aes, module = gcsaes
Security, System, Mechanisms, aes, entry = gcs_aes
Security, System, Mechanisms, aes, aes_key_size = 128
Security, System, Mechanisms, aes, rsa_key_size = 1024
Security, System, Mechanisms, aes, rsa_key_scope = process
Performance Impact of RSA Key Settings
RSA key generation for an AES encrypted connection can significantly impact the time required to make a new connection. Consider these settings:
• Using the rsa_key_scope=process option can reduce the amount of time for establishing subsequent connections when a process makes more than one connection.
• Increasing rsa_key_size may increase the security level but will likely cause longer connect times because larger RSA keys take longer to generate.
Note: RSA key settings do not affect performance after the connection is made.