User's Manual

ENCRYPTION

OVERVIEW OF ENCRYPTION

272 ENVOY™ TRANSCEIVER REFERENCE MANUAL

Overview of encryption

NOTE: You must have the CES or AES hardware option fitted and the option

enabled in the transceiver to use these methods of encryption.

In order to communicate securely between two stations, both stations must use the

same channel frequency and secure key or code. The CES and AES encryptors may

be programmed with multiple secure keys, any one of which may be selected. For

secure communications within your organisation you must set up secure keys that are

common to all transceivers in your organisation. CIVS uses standard codes that

provide a basic level of voice encryption. You can select a different code for the

encryption, but you cannot change the codes to make them unique to your

organisation.

NOTE: Codan’s KMS may be used to generate secure keys and to fill the CES

and AES encryptors.

You can pre-set:

• the available encryptors

• the tasks that an operator may perform at user level

• the status of encryption at power up and when scanning is switched off

• the secure key prefixes

• whether or not encryption can be switched off

The encryptors have some common features and some encryptor-specific features.

Table 13: Features available with CIVS, CES and AES encryption

Feature CIVS Voice CES-128

Voice

AES-256

Digital Voice

AES-256

Digital Data

Secure mode N/A Global/Corpor

ate

N/A N/A

Base key N/A Yes N/A N/A

PIN for secure session N/A Optional N/A N/A

Standby mode (including clear

Tx)

N/A Yes N/A N/A

Setting secure status at power up

and scan off

Yes Yes Yes Yes

Selecting secure key/code Yes Yes Yes Yes

Editing secure key N/A Yes Yes Yes