User's Manual
Avaya Branch Gateway Manager 10.0 Page 66
15-601011 Issue 29r (Friday, November 02, 2012)B5800 Branch Gateway
3. Encryption
Encryption ensures that all data sent by either the system or Branch Gateway Manager cannot be ‘read’ by anyone else,
even another copy of Branch Gateway Manager. Encryption is the application of a complex mathematical process at the
originating end, and a reverse process at the receiving end. The process at each end uses the same ‘key’ to encrypt and
decrypt the data:
Any data sent may be optionally encrypted using a number of well known and cryptographically secure algorithms:
Algorithm
Effective key size (bits)
Use
DES-40
40
Not recommended.
DES-56
56
‘Minimal’ security.
3DES
112
‘Strong’ security.
RC4-128
128
‘Strong’ security.
AES-128
128
‘Very strong’ security.
AES-256
256
‘Very strong’ security.
In general the larger the key size, the more secure the encryption. However smaller key sizes usually incur less
processing. The system supports encryption using the Transport Layer Security (TLS) v1.0 protocol. In addition, many
cryptographic components of the TLS module have been FIPS 140-2 certified, indicating the accuracy of implementation.