BEA Tuxedo Release 7.1

   Using BEA Tuxedo Security

Link-Level Encryption

Link-level encryption (LLE) establishes data privacy for messages moving over the network links that connect the machines in a BEA Tuxedo application. It employs the symmetric key encryption technique (specifically, RC4), which uses the same key for encryption and decryption.

When LLE is being used, the BEA Tuxedo system encrypts data before sending it over a network link and decrypts it as it comes off the link. The system repeats this encryption/decryption process at every link through which the data passes. For this reason, LLE is referred to as a point-to-point facility.

LLE can be used on the following types of BEA Tuxedo links:

There are three levels of LLE security: 0-bit (no encryption), 56-bit (International), and 128-bit (United States and Canada). The International LLE version allows 0-bit and 56-bit encryption. The United States and Canada LLE version allows 0, 56, and 128-bit encryption.

How LLE Works

LLE control parameters and underlying communication protocols are different for various link types, but the setup is basically the same in all cases:

For convenience, the two parameters are denoted as (min, max) in the discussion that follows. For example, the values "(56, 128)" for a process mean that the process accepts at least 56-bit encryption but can support up to 128-bit encryption.

Encryption Key Size Negotiation

When two processes at the opposite ends of a network link need to communicate, they must first agree on the size of the key to be used for encryption. This agreement is resolved through a two-step process of negotiation.

  1. Each process identifies its own min-max values.

  2. Together, the two processes find the largest key size supported by both.

Determining Min-Max Values

When either of the two processes starts up, the local BEA Tuxedo software (1) determines the bit-encryption capability of the installed LLE version from the LLE licensing information in the lic.txt file and (2) reads the LLE min-max values for the particular link type from the two configuration files. The local software then proceeds as follows:

Finding a Common Key Size

After the min-max values are determined for the two processes, the negotiation of key size begins. The negotiation process need not be encrypted or hidden. Once a key size is agreed upon, it remains in effect for the lifetime of the network connection.

The following table shows which key size, if any, is agreed upon by two processes when all possible combinations of min-max values are negotiated. The header row holds the min-max values for one process; the far left column holds the min-max values for the other.

Inter-process Negotiation Results

                (0, 0)   (0, 56)   (0, 128)   (56, 56)   (56, 128)   (128, 128)
(0, 0)          0        0         0          ERROR      ERROR       ERROR
(0, 56)         0        56        56         56         56          ERROR
(0, 128)        0        56        128        56         128         128
(56, 56)        ERROR    56        56         56         56          ERROR
(56, 128)       ERROR    56        128        56         128         128
(128, 128)      ERROR    ERROR     128        ERROR      128         128

Backward Compatibility of LLE

The BEA Tuxedo system offers some backward compatibility for LLE.

Interoperating with Release 6.5 BEA Tuxedo Software

The following table shows which key size, if any, is agreed upon by two BEA Tuxedo processes when one of them is running under Release 6.5 and the other under Release 7.1 or later. The header row holds the min-max values for the process running under Release 7.1 or later; the far left column holds the min-max values for the process running under Release 6.5.

Negotiation Results When Interoperating with Release 6.5 BEA Tuxedo Software

                (0, 0)   (0, 56)   (0, 128)   (56, 56)   (56, 128)   (128, 128)
(0, 0)          0        0         0          ERROR      ERROR       ERROR
(0, 40)         0        56        56         56         56          ERROR
(0, 128)        0        56        128        56         128         128
(40, 40)        ERROR    56        56         56         56          ERROR
(40, 128)       ERROR    56        128        56         128         128
(128, 128)      ERROR    ERROR     128        ERROR      128         128

If your current BEA Tuxedo installation is configured for (0, 56), (0, 128), (56, 56), or (56, 128), and you want to interoperate with a Release 6.5 BEA Tuxedo system that is configured for a maximum LLE level of 40 bits, then any negotiation results in an automatic upgrade to 56.

The negotiation result in this case is the same as the negotiation result for two sites running Release 6.5 and configured for a maximum LLE level of 40 bits. In both scenarios, the negotiation results in an automatic upgrade to 56.

Interoperating with Pre-Release 6.5 BEA Tuxedo Software

The following table shows which key size, if any, is agreed upon by two BEA Tuxedo processes when one of them is running under pre-Release 6.5 and the other under Release 7.1 or later. The header row holds the min-max values for the process running under Release 7.1 or later; the far left column holds the min-max values for the process running under pre-Release 6.5.

Negotiation Results When Interoperating with Pre-Release 6.5 BEA Tuxedo Software

                (0, 0)   (0, 56)   (0, 128)   (56, 56)   (56, 128)   (128, 128)
(0, 0)          0        0         0          ERROR      ERROR       ERROR
(0, 40)         0        40        40         ERROR      ERROR       ERROR
(0, 128)        0        40        128        ERROR      128         128
(40, 40)        ERROR    40        40         ERROR      ERROR       ERROR
(40, 128)       ERROR    40        128        ERROR      128         128
(128, 128)      ERROR    ERROR     128        ERROR      128         128

If your current BEA Tuxedo installation is configured for (0, 56) or (0, 128), and you want to interoperate with a pre-Release 6.5 BEA Tuxedo system that is configured for a maximum LLE level of 40 bits, then the result of any negotiation is 40.

If your current BEA Tuxedo installation is configured for (56, 56), (56, 128), or (128, 128), then your system cannot interoperate with a pre-Release 6.5 BEA Tuxedo system that is configured for a maximum LLE level of 40 bits. Attempts to negotiate a common key size fail.
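The rule that the three negotiation tables encode, written out as an added example (not BEA's code): each side offers the key sizes it supports that lie inside its (min, max) window, and the largest size both sides offer is used. Which sizes each release generation accepts, and the Release 6.5 upgrade of 40 to 56, are assumptions chosen so that the model reproduces the tables above.

```python
# Added example (not BEA code): a model of LLE key-size negotiation that
# reproduces the page's three tables. Each process offers the key sizes its
# LLE generation accepts that lie inside its configured (min, max) window;
# the link uses the largest size both offer, or fails (ERROR).
# ASSUMPTION: the size sets below are chosen to match the tables; the page does not state them.
ACCEPTED = {
    "7.1": {0, 40, 56, 128},   # 40 is only ever used toward a pre-6.5 peer
    "6.5": {0, 40, 128},
    "pre-6.5": {0, 40, 128},
}

# The six (min, max) settings the page tabulates for a Release 7.1 site.
SETTINGS_71 = [(0, 0), (0, 56), (0, 128), (56, 56), (56, 128), (128, 128)]
# The settings the page tabulates for a Release 6.5 or pre-6.5 site.
SETTINGS_OLD = [(0, 0), (0, 40), (0, 128), (40, 40), (40, 128), (128, 128)]


def offered_sizes(release, min_bits, max_bits):
    """Sizes a process can use: its generation's sizes inside its window."""
    sizes = {s for s in ACCEPTED[release] if min_bits <= s <= max_bits}
    if release == "6.5" and 40 in sizes:
        # Page: a Release 6.5 peer's 40-bit level is automatically upgraded
        # to 56 when it negotiates with Release 7.1 or later.
        sizes.discard(40)
        sizes.add(56)
    return sizes


def negotiate(local, peer):
    """local and peer are (release, min, max); returns the agreed key size
    in bits, or None where the page's tables say ERROR."""
    common = offered_sizes(*local) & offered_sizes(*peer)
    return max(common) if common else None


def negotiation_table(row_release, row_settings, col_release, col_settings):
    """Rebuild a page-style table: {row (min, max): {col (min, max): size}}."""
    return {
        row: {col: negotiate((row_release,) + row, (col_release,) + col)
              for col in col_settings}
        for row in row_settings
    }


if __name__ == "__main__":
    # Pre-Release 6.5 peer (rows) against a 7.1 site (columns), as on the page.
    table = negotiation_table("pre-6.5", SETTINGS_OLD, "7.1", SETTINGS_71)
    for row, cells in table.items():
        print(row, ["ERROR" if c is None else c for c in cells.values()])
```

Run as-is it prints the pre-Release 6.5 table; passing "6.5" instead shows the automatic upgrade to 56, and "7.1" for both sides rebuilds the first table.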

WSL/WSH Connection Timeout During Initialization

The length of time a Workstation client can take for initialization is limited. By default, this interval is 30 seconds in an application not using LLE, and 60 seconds in an application using LLE. The 60-second interval includes the time needed to negotiate an encrypted link. This time limit can be changed when LLE is configured by changing the value of the MAXINITTIME parameter for the Workstation Listener (WSL) server in the UBBCONFIG file, or the value of the TA_MAXINITTIME attribute in the T_WSL class of the WS_MIB(5).

LLE Installation and Licensing

As part of the BEA Tuxedo system, LLE software is delivered on the BEA Tuxedo CD-ROM. If you have a BEA Tuxedo Release 7.1 license to use LLE in the United States and Canada, you can use 56-bit or 128-bit encryption. If you have a license to use LLE on a BEA Tuxedo system outside the United States and Canada, you can use 56-bit encryption.

All BEA Tuxedo licenses are stored in the $TUXDIR/udataobj/lic.txt file on a UNIX host machine, or in the %TUXDIR%\udataobj\lic.txt file on a Windows NT host machine.

The following listing is an excerpt from a sample license file for running LLE in the United States and Canada.

[BEA Tuxedo]
VERSION=7.1
LICENSEE=ACME CORPORATION
SERIAL=155566678
ORDERID=
USERS=1000
EXPIRATION=2000-01-31
SIGNATURE=TXmtx+AhQdJgr3sjjznBqRB7SP9Jgr3UzAKctjz+e6RmsFSAhUAhStj
znBQdL9n=

[LINK ENCRYPTION]
VERSION=7.1
LICENSEE=ACME CORPORATION
SERIAL=155566678
ORDERID=
USERS=1000
STRENGTH=128
EXPIRATION=2000-01-31
SIGNATURE=TXUAhSPnx2C9kMC0CFG+e6Rgr3UzmsFKRBPdJASAhU7KctjznBqFQsj
jznBdh0h=
.
.
.

See Also