NSA Suite B Cryptography in IBM MQ

This topic provides information about how to configure IBM MQ on Windows, Linux , and UNIX to conform to the Suite B compliant TLS 1.2 profile.

Over time, the NSA Cryptography Suite B Standard is updated to reflect new attacks against encryption algorithms and protocols. For example, some CipherSpecs might cease to be Suite B certified. When such changes occur, IBM MQ is also updated to implement the latest standard. As a result, you might see changes in behavior after applying maintenance. The IBM WebSphere MQ Version 7.5 readme file lists the version of Suite B enforced by each product maintenance level. If you configure IBM MQ to enforce Suite B compliance, always consult the readme file when planning to apply maintenance. See IBM MQ, WebSphere MQ, and MQSeries® product readmes.

On Windows, UNIX, and Linux systems, IBM MQ can be configured to conform to the Suite B compliant TLS 1.2 profile at the security levels shown in Table 1.
Table 1. Suite B security levels with allowed CipherSpecs and digital signature algorithms
Security level Allowed CipherSpecs Allowed digital signature algorithms
128-bit ECDHE_ECDSA_AES_128_GCM_SHA256
ECDHE_ECDSA_AES_256_GCM_SHA384
ECDSA with SHA-256
ECDSA with SHA-384
192-bit ECDHE_ECDSA_AES_256_GCM_SHA384 ECDSA with SHA-384
Both 1 ECDHE_ECDSA_AES_128_GCM_SHA256
ECDHE_ECDSA_AES_256_GCM_SHA384
ECDSA with SHA-256
ECDSA with SHA-384
  1. It is possible to configure both the 128-bit and 192-bit security levels concurrently. Since the Suite B configuration determines the minimum acceptable cryptographic algorithms, configuring both security levels is equivalent to configuring only the 128-bit security level. The cryptographic algorithms of the 192-bit security level are stronger than the minimum required for the 128-bit security level, so they are permitted for the 128-bit security level even if the 192-bit security level is not enabled.
Note: The naming conventions used for the Security level do not necessarily represent the elliptic curve size or the key size of the AES encryption algorithm.


CipherSpec conformation to Suite B

Although the default behavior of IBM MQ is not to comply with the Suite B standard, IBM MQ can be configured to conform to either, or both security levels on Windows, UNIX and Linux systems. Following the successful configuration of IBM MQ to use Suite B, any attempt to start an outbound channel using a CipherSpec not conforming to Suite B results in the error AMQ9282. This activity also results in the MQI client returning the reason code MQRC_CIPHER_SPEC_NOT_SUITE_B. Similarly, attempting to start an inbound channel using a CipherSpec not conforming to the Suite B configuration results in the error AMQ9616.

For more information about IBM MQ CipherSpecs, see Enabling CipherSpecs


Suite B and digital certificates

Suite B restricts the digital signature algorithms which can be used to sign digital certificates. Suite B also restricts the type of public key which certificates can contain. Therefore IBM MQ must be configured to use certificates whose digital signature algorithm and public key type are allowed by the configured Suite B security level of the remote partner. Digital certificates which do not comply with the security level requirements are rejected and the connection fails with error AMQ9633 or AMQ9285.

For the 128-bit Suite B security level, the public key of the certificate subject is required to use either the NIST P-256 elliptic curve or the NIST P-384 elliptic curve and to be signed with either the NIST P-256 elliptic curve or the NIST P-384 elliptic curve. At the 192-bit Suite B security level, the public key of the certificate subject is required to use the NIST P-384 elliptic curve and to be signed with the NIST P-384 elliptic curve.

To obtain a certificate suitable for Suite B compliant operation, use the runmqakm command and specify the -sig_alg parameter to request a suitable digital signature algorithm. The EC_ecdsa_with_SHA256 and EC_ecdsa_with_SHA384 -sig_alg parameter values correspond to elliptic curve keys signed by the allowed Suite B digital signature algorithms.

For more information about the runmqakm command, see runmqckm and runmqakm options. Note: The iKeycmd and iKeyman tools do not support the creation of digital certificates for Suite B compliant operation.


Creating and requesting digital certificates

To create a self-signed digital certificate for Suite B testing, see Creating a self-signed personal certificate on UNIX, Linux, and Windows

To request a CA-signed digital certificate for Suite B production use, see Requesting a personal certificate on UNIX, Linux, and Windows. Note: The certificate authority being used must generate digital certificates which satisfy the requirements described in IETF RFC 6460.


FIPS 140-2 and Suite B

The Suite B standard is conceptually similar to FIPS 140-2, as it restricts the set of enabled cryptographic algorithms in order to provide an assured level of security. The Suite B CipherSpecs currently supported can be used when IBM MQ is configured for FIPS 140-2 compliant operation. It is therefore possible to configure IBM MQ for both FIPS and Suite B compliance simultaneously, in which case both sets of restrictions apply.

The following diagram illustrates the relationship between these subsets:


Configure IBM MQ for Suite B compliant operation

For information about how to configure IBM MQ on Windows, UNIX and Linux for Suite B compliant operation, see Configure IBM MQ for Suite B.

IBM MQ does not support Suite B compliant operation on the IBM i and z/OS® platforms. The IBM MQ Java and JMS clients also do not support Suite B compliant operation.