User's Manual
ENCRYPTION
OVERVIEW OF ENCRYPTION
ENVOY™ TRANSCEIVER REFERENCE MANUAL 273
Secure key
A secure key is a sequence of characters that is used by a CES-128 encryption
algorithm to encrypt voice, or an AES-256 encryption algorithm to encrypt voice or
data. The secure key is contained in an index. The index provides a means of
identifying the key, for example Corp-01 or TEK0001. Typically, each station is
programmed with the same key set so that when a particular index is selected at any
station, the key stored within is the same. Stations need to use the same key to provide
end-to-end secure communication.
The format of a secure key depends upon the encryptor with which it is used.
NOTE: Codan’s KMS may be used to generate secure keys and to fill the CES
and AES encryptors.
Secure keys may also be entered via the user interface of the control point, if
permitted. You can also replace a secure key with a new string of characters. You
cannot read existing secure keys.
CAUTION: If you edit a key, you must make the same change to the same key in
all other transceivers that want to communicate securely with this
station.
Erasing secure key N/A Yes (individual
or all)
Yes (all) Yes (all)
Setting/Locking digital voice
data rate
N/A N/A Yes N/A
Setting/Locking digital voice
mute
N/A N/A Yes N/A
Setting digital mute status at
power up
N/A N/A Yes N/A
Table 13: Features available with CIVS, CES and AES encryption (cont.)
Feature CIVS Voice CES-128
Voice
AES-256
Digital Voice
AES-256
Digital Data
Table 14: Properties of a secure key in CES-128 and AES-256 encryption
Properties CES-128 Voice
Encryption
AES-256 Digital
Voice/Data Encryption
Length of key Index 1: 8 digits
Index 2 to 98: 16 digits
64 characters
Characters Numeric Hexadecimal