AES-CGM?

[batdude]

anyone know what this is?

i have a module here with OFB/XL/AES-256 and AES-CGM

?

[Astro Spectra]

Galois Counter Mode

It provides authentication and encryption so not only are your comms secure but you can tell for certain who you are talking to.

[batdude]

can you explain that? what is the method of authentication? how is it "loaded"? via the KVL?

[tvsjr]

http://en.wikipedia.org/wiki/Galois/Counter_Mode

Used every day in SSH, TLS/SSL, IPSec... I think it's just another algo in a KVL3K+ but I'm not certain.

[alex]

Probably for P25 Radio Authentication. If you read through the power points / spec's it would make sense that is probably how they are doing the handshake.

[simoco]

It's AES with 256 byte, but encrypts the key id / CKR to be txed, that's the only difference between AES-256

And AES-GCM is what you meen Doug, & GCM is the letter's of the guy name who made it.

Xts5000

[Astro Spectra]

It's a Harris algo. There is a paper from those guys on it somewhere, I'll update this when I find it.

[Astro Spectra]

Can't find the paper I remember, but here's another from Harris:

http://data.memberclicks.com/site/sdf/s ... 202419.pdf

[batdude]

excellent read, thanks for the link.


d

[escomm]

Code: Select all

    Key Features
           High Security 
The EID feature provides data encryption services and utilizes Advance Encryption Standard (AES-GCM) algorithm. Ensuring that data remains encrypted as it is transmitted from the system to subscriber radios and vice versa. 

Secure Transfer of Encrypted Data
                                            Once the feature is enabled and appropriately configured radio users will have the ability to
                                            send, or receive authenticated and encrypted data.

Secure Configuration Update
Users have the flexibility of configuring encryption keys by either using the Key Variable Loader (KVL) to load keys manually or a Key Management Facility (KMF) to encrypt keys centrally. Subscriber radio configuration is done using the Customer Programming Software (CPS).

Receive Clear Data
As an option selected by users in CPS, radio users will have the ability to still receive clear Broadcast Data as well as data from internal and/or external applications.

Full Communication Control
When EID is enabled, radio voice calls will always take priority over data encryption services as
the system is capable of blocking data if a voice user is active. As an option, radios users can
ignore received voice calls while data encryption is in progress.

			   Wireless Data Encryption Supported	              
•	Global Positioning System (GPS) receivers
•	Text Messaging Services (TMS)
•	Programming Over Project 25 (POP25)    
•	Automatic Registration Services (ARS)
•	Terminal Data

   Available Products 

The EID feature is supported on all ASTRO® 25 XTL/XTS and APX subscriber radio models.

 	   Subscriber Options and Software Required

To take advantage of the EID feature, subscriber radios must have IV&D Data capability (Q947 / W947), and (UCM Q159) packet data options.

                             The following are required:
•	The KVL software R03.52.45 or later to load keys manually, and the KMF R03.09.20 or later to encrypt keys centrally.
•	The UCM R05.07.10 or later, and the CPS version R14.00.00 or later for XTL/XTS radios.
•	The MACE version R01.02.00 or later, and the CPS R4.00.00 for APX radios.
•	If existing radios does not have (AES-GCM), then purchase AES refresh. 



IMPORTANT NOTE: The Encrypted Integrated Data (EID) feature is NOT compatible with ASTRO® 25 systems using
                                   the Transit 25 feature and CANNOT be used to encrypt Broadcast Data or High Performance Data (HPD)  
                                   features. 

[Astro Spectra]

AES-GCM see the latest Moto UCM Security Policy

Encrypted Integrated Data described in 6871015P45-A 'ASTRO 25 Integrated Voice and Data System Release 7.8 Encrypted Integrated Data'

[radioinstl]

Everyone needs to be aware that AES-GCM is outside of the P25 standard. The standard define what type of AES is to be used for data and it is not AES-GCM.

This is really no different that ADP. This means any Motorola system that uses EID will not work with P25 encrypted data capable radios , only Motorola radios for the data part of the system.