Motorola Wireless Broadband Platform User Manual

Page 9

Advertising
background image

5

Key/Number

Description

Session Key

The session key is calculated separately by the
SM and the BAM, using the Authentication
Key, the ESN, and the random number. This
key is sent to the AP by the BAM – like the
other keys, it never goes over the air. The
network operator or the subscriber never sees
this key. This key is either 56 bits (DES) or
128 bits (AES) in length.

Random Number

A random number is generated by the BAM
and used during each attempt by an SM to
register and authenticate. The subscriber or
network operator never sees this number. This
is a 128 bit number.

Of the three numbers presented in Table 2, only the Authentication Key is settable by the
network operator and it must be set both in the BAM and in the SM. Further information
about Canopy’s authentication process is detailed in Bandwidth and Authentication
(BAM) User Guide.

E

NCRYPTION

The Canopy system also has provisions for the industry-accepted DES with key
management via the Telecommunications Industry Association (TIA) standard BRAID
cryptosystem. In addition, the Canopy system provides for AES for customers who
require the most secure networks available. These encryption techniques are transparent
to network firewalls, Dynamic Host Configuration Protocol (DHCP) servers and Network
Address Translation (NAT) devices.

Data Encryption Standard (DES)

DES is an encryption standard that uses an encryption technique developed in the mid
1970s by IBM and then adopted by the Federal government as a federal standard in 1977
for protecting sensitive, but not classified data. DES was designed so that even if
someone knows some of the plain text data and the corresponding ciphertext, there is no
way to determine the key without trying all possible keys. The strength of DES
encryption based security rests on the size of the key and the proper protection of the
key.

1

The following paragraphs discuss details of DES from the document entitled,

Federal Information Processing Standards (FIPS) PUB 46-3 Data Encryption Standard
(DES):

The Data Encryption Standard (DES) specifies two Federal Information
Processing Standards (FIPS) approved cryptographic algorithms as required by
FIPS 140-1. Encrypting data converts it to an unintelligible form called cipher.

1

Security Complete, Adapted from Active Defense, by Chris Brenton with Cameron Hunt.

Advertising
Popular Brands
Popular manuals