Skip to main content

Techdocs Library > White papers >

Transporting AES encrypted data keys

Document Author:

Philippe Richard1

Document ID:


Doc. Organization:

IBM Systems

Document Revised:


Product(s) covered:

Crypto Coprocessor; DFSMS/MVS; z13; z13s; z14; z196; zEC12; zEnterprise 196; z/OS

Abstract: Dataset Encryption is one of the major pillars of Pervasive Encryption.
When you start implementing dataset encryption, you will start asking yourself:
• How can I exchange my encrypted data with my other LPARs or remote site?
• How can I exchange my encrypted data with my business partners?
• Should I send my data along with its encryption key?
• How can I exchange my secured keys?
The purpose of this document is to describe the procedures that can be used to transport secured AES encrypted data keys form one host system to another.
We will cover different scenarios that we have implemented, and for each we will describe the procedures that we have used to perform the key transportation.

Transporting AES DATA keys new.pdfTransporting AES DATA keys new.pdf


Hardware; Software




IBM Security Solution


IBM System z Family




CPACF crypto express pervasive encryption CEX6S CEX5S protected keys AES wrapping key labels

The Techdocs Library
Is this your first visit to Techdocs (the Technical Sales Library)?

Learn more

Techdocs QuickSearch