Redvers Encryption Module - Frequently Asked Questions
Why have you written this product in COBOL?
We've taken the unusual step of writing and delivering this software in the form of COBOL source code subroutines because we understand how important it is to have a product that is easily integrated with existing applications.
Another advantage is that customers already running COBOL applications will already be familiar with the terminology, characteristics and capabilities of COBOL based programs.
How do I install this software?
The Redvers Encryption Module programs are sold in COBOL source code form and are installed by copying to your site source code library and running your standard COBOL compiler. Compilation at client sites enables installation on multiple platforms and ensures complete compatibility with all other COBOL applications on the platform.
In order to protect both clients and ourselves from unauthorized code changes, the source code has been "cloaked" using the Redvers Cloaking Device. This process makes no logical difference to the code but renders it unintelligible to humans.
What are the technical limitations?
As the product is written in COBOL and compiled using the standard site compiler, the limitations are the same as those placed on all other applications at the site.
Can I use another product to decrypt data encrypted by the Redvers Encryption Module?
Yes. The Redvers Encryption Module uses the standard AES algorithm to encrypt and decrypt data, therefore other products conforming to the FIPS PUB 197 and Special Publication 800-38A or Special Publication 800-38G specifications will be able to decrypt ciphertext generated by the Redvers Encryption Module.
In addition, the Redvers Encryption Module will also be able to decrypt ciphertext generated by other standard AES encryption products.
Can the NSA decrypt ciphertext created by the Redvers Encryption Module?
Almost certainly not. The NSA had no input or influence over the design of the Rijndael algorithm (developed by two Belgian cryptographers, Vincent Rijmen and Joan Daemen) which later became the Advanced Encryption Standard (AES) algorithm. Even the NSA uses AES to secure their own top secret information. Redvers Consulting has no contact or agreement with the NSA.
As far as concerns about data leakage or the use of "backdoors", this would be an impossible task for a COBOL subroutine to perform without using file SELECT, OPEN and CLOSE statements. The Redvers Encryption Module is delivered in COBOL source code form and compiled on site, using the standard site compiler. It is therefore simply not possible for our subroutines to secretly access any external communication channel.
For more information, see comments by security expert Bruce Schneier.
Is this software compatible with ASCII as well as EBCDIC based character sets?
Yes, all our products run on ASCII and EBCDIC platforms. No code changes are necessary.
Is this software compatible with sites using "little-endian" binary storage?
Yes, all our products run on "big-endian" and "little-endian" platforms. No code changes are necessary.
Can the Redvers Encryption Module produce a format-preserved ciphertext?
Yes, Format-Preserving Encryption is now available using one of five additional confidentiality modes: FFN, FFU, FFL, FFM and FFA to produce any numeric, upper case, lower case, mixed case or alphanumeric ciphertext respectively. The algorithm used (FF2), is defined in NIST Special Publication 800-38G.
Although Special Publication 800-38G is currently in draft status, the final publication is unlikely to result in any significant alteration to the underlying FF2 algorithm. If a significant change is required, Redvers Consulting will issue an update to the format-preserving logic.
What are the benchmark statistics?
Encryption rates are 125,000 bytes per second running ECB confidentiality mode with a 256 bit key. Decryption rates are 60,000 bytes per second running ECB mode with a 256 bit key. Decryption rates similar to encryption rates can be achieved if CFB, OFB or CTR confidentiality modes are used, as these modes use the forward cipher for encryption and decryption. All benchmark timings were performed on an IBM zSeries mainframe running z/OS 1.10.
You haven't answered the question I had in mind.
If your question isn't listed above please use our Contact page to ask any questions you may have and we will provide an answer as soon as possible.