Below you can fined some remarks for the use of AEs within the different compression modes of FLAM4.
FLAM uses this algorithm for encrypting compressed data. Keys of up to 64 characters can be specified (see also the description of the PASSWORD parameter in version 3). Internally, a key of 128 bits is derived (AES- 128) and data security is enhanced by the insertion of verification fields created also with AES (hash-MACs).
This encryption method is activated by setting the parameters CRYPTOMODE=AES and CRYPTOKEY=key and is available with compression modes ADC and NDC (MODE=ADC or MODE=NDC). With CRYPTO-MODE=AES the compression mode defaults to ADC when no MODE-parameter is set.
This fast algorithm, combined with the ADC compression, enables the user to encrypt large amounts of data with a worldwide accepted algorithm.
Using CRYPTOMODE=AES and MODE=ADC/NDC the full FLAMFILE is secured. Any manipulationes will be detected. Therfore a VSAM-KSDS-FLAMFILE cannot be used with this feature. It is created to insert, update, delete any records in the file. This is not allowed.
In some cases it is not necessary to guarantee the completeness of the whole file (file transfer!) but the records must be encrypted. The file itself is not moved.
Using CRYPTOMODE=AES and MODE=CX8/VR8 the full functionality as without encryption is possible for a VSAM-KSDS-FLAMFILE. You can update, delete, insert any original record as before. All records are com-pressed in CX8/VR8 mode, encrypted with an AES-256 algorithm.
It is still a FLAMFILE, but all segments are secured independent from each other and not all together.
At least FLAM (MVS) V4.7 is required for decryption.