Technical Solutions for COBOL

English |


Redvers Hashing Algorithm - Frequently Asked Questions

Why have you written this product in COBOL?

We've taken the unusual step of writing and delivering this software in the form of COBOL source code subroutines because we understand how important it is to have a product that is easily integrated with existing applications.

Another advantage is that customers already running COBOL applications will already be familiar with the terminology, characteristics and capabilities of COBOL based programs.

How do I install this software?

The Redvers Hashing Algorithm is sold in COBOL source code form and installed by copying to your site source code library and running your standard COBOL compiler. Compilation at client sites enables installation on multiple platforms and ensures complete compatibility with all other COBOL applications on the platform.

In order to protect both clients and ourselves from unauthorized code changes, the source code has been "cloaked" using the Redvers Cloaking Device. This process makes no logical difference to the code but renders it unintelligible to humans.

What are the technical limitations?

As the product is written in COBOL and compiled using the standard site compiler, the limitations are the same as those placed on all other applications at the site.

Is this software compatible with ASCII as well as EBCDIC based character sets?

Yes, all our products run on ASCII and EBCDIC platforms. No code changes are necessary.

Is this software compatible with sites using "little-endian" binary storage?

Yes, all our products run on "big-endian" and "little-endian" platforms. No code changes are necessary.

Can I use a hash total instead of encryption?

Although SHA hashing can be used to safely represent confidential information, it cannot be used as a substitute for data encryption if the original data string needs to be recovered. This is because data information is destroyed in the hashing process, making it impossible to recover the original data string from a message digest. If decryption is required, an NIST validated encryption/decryption algorithm like the Redvers Encryption Module is recommended.

What's the difference between the SHA-1, SHA-2 and SHA-3 hash totals?

SHA-1 always produces a hash total of 160 bits (20 bytes). SHA-2 and SHA-3 hash totals can be 224 bits (28 bytes), 256 bits (32 bytes), 384 bits (48 bytes) or 512 bits (64 bytes) long depending on the last three digits of the algorithm name. Therefore, SHA-2-224 produces a hash 224 bits long and SHA-3-512 produces a hash 512 bits long. The longer the hash, the less chance of a hash total "collision" - when two different message texts produce the same hash total.

Although there is no visible difference between SHA-2 and SHA-3 hash totals of the same length, the hash (message digest) will have been built using very different algorithms. SHA-2 is based on block cipher techniques, while the newer SHA-3 algorithm, also known as the Keccak algorithm, is a sponge type construction. While SHA-1 may have security vulnerabilities, SHA-2 and SHA-3 are both regarded as safe by NIST.

Do you support truncated SHA 512 functions, SHA-512/224 and SHA-512/256?

Yes. Truncated SHA 512 functions, SHA-512/224 and SHA-512/256 are now supported with a simple SET ... TRUE in the calling communication block. Resulting logic conforms to the SHA-512/224 and SHA-512/256 definitions described in NIST's FIPS Publication 180-4.

Do you also support the latest SHA-3, SHAKE128 and SHAKE256 algorithms?

Yes. Following the final publication of FIPS Publication 202 in August 2015, we have updated the block padding requirements as defined in FIPS 202 and included logic for Extendable-Output functions SHAKE128 and SHAKE256.

You haven't answered the question I had in mind.

If your question isn't listed above, please use our Contact page to ask any questions you may have and we will provide an answer as soon as possible.

Download a free 30 day trial here...