ADSM-L
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Encryption

2005-06-15 12:53:44
Subject: Re: Encryption
From: Alexei Kojenov <kojenova AT US.IBM DOT COM>
To: ADSM-L AT VM.MARIST DOT EDU
Date: Wed, 15 Jun 2005 09:38:30 -0700 
Hello Bill,

>    How are people maintaining the encryption keys for recoveries,
>    specifically disaster recovery (not stored in the TSM.PWD)?

One needs to either remember the encryption key password(s) or store them
in a safe place. Once the password is lost, there is no way to restore the
encrypted data.


>    What effects does it have on backup/restore performance.

Generally, it will slow down backup/restore operations.
Encryption/decryption speed relies on the processor and RAM performance.
The overhead will vary depending on these two factors, and may be not very
big.
Our tests also showed that the new 128-bit AES encryption available in 5.3
client is faster than the legacy 56-bit DES. I'd also recommend using AES
because of its improved encryption strength.


>    Is there much impact to the amount of data?

No. In case of DES, the encrypted length equals to the original data
length. For AES, the encrypted data may grow a little, only up to 15 bytes
per file.



Alexei Kojenov
TSM Client Development
kojenova AT us.ibm DOT com
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Bare Metal Restore for  Windows 2003 / Disaster recovery of Windows 2003, Egon Blouder
Next by Date:  Re: TSM dsmserv loadformat errors, Lawrence Clark
Previous by Thread:  Encryption, William Sherrill
Next by Thread:  Re: Encryption, Thomas Denier
Indexes:  [Date] [Thread] [Top] [All Lists]