This blog post is one of those bookmark articles for my own memory. I hope you enjoy it or find it useful nonetheless…
Security modes in Db2
I stumbled over a new page in the Db2 12.1 documentation, titled Security modes in Db2. It shows the three levels of security which Db2 provides to help comply with government standards such as NIST SP800-131A and FIPS 140-2. The levels are NOFIPS, FIPS compatibility, and STRICT_FIPS mode. The levels can be activated by setting the Db2 registry variable DB2AUTH, or just an environment variable on the client side, or similar variables for LDAP security.
The three security modes are needed to offer a choice somewhere between strict security / compliance and keeping applications up and running (usability of security settings). From my perspective it is a consequence of some (NIST-)certified security modules no longer being secure, and seemingly secure replacements not yet certified or deployable.
RSA algorithm and IBM GSKit
At the core of the new settings is a problem in the IBM Global Security Kit (GSKit). Timing attacks in RSA-based decryption can lead to a vulnerability. The possible attack is from 2023, with more details from 2024. Here are the related links for background reading:
- Official CVE-2023-33850
- IBM GSKit-Crypto information disclosure on the IBM X-Force site. It provides an overview of impacted products and related support notices.
- Known Issue (KI) DT223175 for Db2.
- The Db2 KI entry points to this Security Bulletin for additional information.
In some documents there is the term “FIPS ICC”. FIPS is the NIST-issued “Federal Information Processing Standards” and, in the context of cryptography, refers to the FIPS 140 series, with FIPS 140-2 and FIPS 140-3 used most often. ICC stands for the “IBM® Crypto for C” security module.
The IBM Crypto for C security module has been certified under the NIST Cryptographic Module Validation Program (CMVP). The relevant versions are:
- IBM Crypto for C version 8.6.0.0 which is used in the GSKit prone to the attack and is/was FIPS 140-2 compliant.
- IBM Crypto for C version 8.8.1.0 which is secure, used in newer GSKit versions, and FIPS 140-3 compliant.
But there are also non-certified versions of the IBM Crypto for C security module, e.g., to quickly address issues. That creates the dilemma for administrators of opting towards either security or compliance (or usability or some pragmatic mixture).
Security features and settings are constantly changing
So much for some background reading on a new feature. 😅💦
While looking into the above topic, I also noticed the many security features listed on the Db2 12.1 discontinued functionality page. It is an indicator that security is not static, but constantly changing. There is a mandate/requirement for “crypto agility” that keeps administrators on their heels and challenges organizations.
BTW: Are you quantum-ready…? 😉
If you have feedback, suggestions, or questions about this post, please reach out to me on Mastodon (@data_henrik@mastodon.social) or LinkedIn.