Data Encryption for files sent from OpenVMS to Other Platforms (702 Views)
Reply
Occasional Visitor
Michael Trojak
Posts: 2
Registered: ‎12-20-2006
Message 1 of 14 (702 Views)
Accepted Solution

Data Encryption for files sent from OpenVMS to Other Platforms

Does anyone know of an encryption solution that will encrypt on OpenVMS and decrypt on other (specifically Windows) platforms? I have a situation where we need to transfer sensitive information in text files from our legacy (VMS) system to applications on Windows systems. The Encryption for OpenVMS Version 1.6 states "Inter-system encryption operations with non-OpenVMS platforms are not supported." Has any tried using this product to encrypt on the VMS side and decrypt on another platform? The documentaion states that the VMS Encryption software uses DES standards so it seems likely that they may be done.
Honored Contributor
Karl Rohwedder
Posts: 1,616
Registered: ‎10-29-2003
Message 2 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

There are version of GPG and GnuPG for OpenVMS available, e.g. here:

http://www.antinode.org/dec/sw/gnupg.html

regards Kalle
Honored Contributor
Karl Rohwedder
Posts: 1,616
Registered: ‎10-29-2003
Message 3 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

Btw, the HP OpenVMS homepage has some info also:
http://h71000.www7.hp.com/opensource/opensource.html#gnupg

regards Kalle
HP Pro
Ian Miller.
Posts: 4,371
Registered: ‎06-03-2003
Message 4 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

Encryption for VMS does use standard algorithms to encrypt but as it saves the VMS file attributes etc then its not compatible.

Look at
http://www.gnupg.org/

It's available for VMS at
http://h71000.www7.hp.com/opensource/gnupg.html
____________________
Purely Personal Opinion
Honored Contributor
Steven Schweda
Posts: 9,096
Registered: ‎02-23-2005
Message 5 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

I'd start at:

http://antinode.org/dec/sw/gnupg.html

but I may be biased.

I haven't heard anything (good or bad) about
my GnuPG 1.4.5 kit, and I don't think that
anyone else has tried the (newer) 1.4.6 kit.
I assume that no one is using the stuff in
any very serious way (or perhaps it's all
perfect).

As usual, "text files" can mean many things,
not all of which are easily portable. You
might be wise to start with Stream_LF (or,
perhaps, if the target is Windows, Stream)
record format. The Info-ZIP Zip/UnZip
programs can also attempt to translate text
file line endings, so it might pay to encrypt
a Zip archive instead of the raw text files.
Some experimentation will probably be needed.
Honored Contributor
Andy Bustamante
Posts: 975
Registered: ‎10-24-2003
Message 6 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms


Depending on your business requirements, nother option is to encrypt the link. You can use SSH and port forwarding to create a secure FTP link. See http://h71000.www7.hp.com/doc/83final/BA548_90007/ch05.html for details.

Andy
If you don't have time to do it right, when will you have time to do it over? Reach me at first_name + "." + last_name at sysmanager net
Honored Contributor
Wim Van den Wyngaert
Posts: 4,562
Registered: ‎12-10-2003
Message 7 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

Or use SCP or SFTP of the SSH package.
To transfer big files user smallest number of bits.

Wim
Wim
Respected Contributor
Robert Atkinson
Posts: 797
Registered: ‎07-17-2003
Message 8 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

For a simple solution, you could use ZIP :-

ZIP

UNIX_Options

-P encrypt with specified "password"


Rob.
Honored Contributor
Steven Schweda
Posts: 9,096
Registered: ‎02-23-2005
Message 9 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

> For a simple solution [...]

Simple, but it's not very good encryption.
People offer free programs which claim to
break it, for example.

Also, the documentation suggests using "-e"
(for an interactive password request) as
opposed to "-P password", to avoid
encouraging people to store passwords in
scripts. (But not documenting "-P" has not
eliminated requests for it.)

There is some possibility of the Info-ZIP
programs supporting stronger encryption in
the future, but it may be a while. Depending
on circumstances, currently available
public-key encryption programs might be
better than the currently unavailable
stronger Zip encryption.
Respected Contributor
Robert Atkinson
Posts: 797
Registered: ‎07-17-2003
Message 10 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

As I said, a "simple" solution.
Honored Contributor
Steven Schweda
Posts: 9,096
Registered: ‎02-23-2005
Message 11 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

Death is a simple solution to disease, too,
but it's nice to disclose its side-effects
when obtaining informed consent.
Respected Contributor
Tom O'Toole
Posts: 370
Registered: ‎06-09-2004
Message 12 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms


If VMS is being called 'legacy', a la 'the gartner group', and sensitive data is being moved to windows, maybe informed consent is a little too much to ask...?....

Can you imagine if we used PCs to manage our enterprise systems? ... oops.
Occasional Visitor
Michael Trojak
Posts: 2
Registered: ‎12-20-2006
Message 13 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

Thank goodness there are people out there willing to help secure systems and willing to share the information (GnuPG Project).
Occasional Visitor
Gunnar Schwant
Posts: 3
Registered: ‎02-26-2003
Message 14 of 14 (702 Views)

Re: Data Encryption for files sent from OpenVMS to Other Platforms

Hello,

I had a similar problem as one of our communication partners is running his systems on mainframe architectures (e.g. z/OS). He complained that he cannot use GnuPG because it is not available for mainframes.

I replied that instead of GnuPG one can use any software which is compliant to the OpenPGP standard. There are vendors which provide such software for mainframes. Here are some examples:

MegaCryption: http://www.aspg.com/megacrypt.htm

PGP Command Line: http://www.pgp.com/products/commandline/mainframes/faqs.html#4a

Moreover, it might be interesting for people that MegaCryption received FIPS certification from the National Institute of Standards and Technology recently: http://www.aspg.com/releases/MC_FIPS_Certification_0606.pdf . It supports supports compliancy for a number of state and federal privacy mandates such as: HIPAA, Sarbannes/Oxley, FERPA, Gramm-Leach-Bliley & California SB1386.

Cheers,
Gunnar.
Nobody expects the spanish inquisition!
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.