User guide

ManualsBrandsMotorola ManualsOther5440SM - Canopy 5.4 GHz Subscriber Module

431

432

433

434

435

436

437

438

439

440

Canopy System User Guide Encrypting Radio Transmissions

pmp-0229 (Mar 2013)

429

AES Encryption

Cambium also offers fixed wireless broadband IP network products that provide AES encryption.

AES uses the Rijndael algorithm and 128-bit keys to establish a higher level of security than DES.

Because of this higher level of security, the government of the U.S.A. controls the export of

communications products that use AES (among which the AES feature activation key is one) to

ensure that these products are available in only certain regions and by special permit.

The distributor or reseller can advise service providers about current regional availability. AES

products are certified as compliant with the Federal Information Processing Standards (FIPS) in

the U.S.A. The National Institute of Standards and Technology (NIST) in the U.S.A. has specified

AES for significantly greater security than that which DES provides. NIST selected the AES

algorithm for providing the best combination of security, performance, efficiency, implementation,

and flexibility. NIST collaborates with industry to develop and apply technology, measurements,

and standards.

AES-DES Operability Comparisons

This section describes the similarities and differences between DES and AES products, and the

extent to which they may interoperate.

The DES AP and the DES BHM modules are factory-programmed to enable or disable DES

encryption. Similarly, the AES AP and the AES BHM modules are factory-programmed to enable

or disable AES encryption. In either case, the authentication key entered in the Configuration page

establishes the encryption key. For this reason, the authentication key must be the same on each

end of the link.

Feature Availability

AES products run the same software as DES products. Thus feature availability and functionality

are and will continue to be the same, regardless of whether AES encryption is enabled. All

interface screens are identical. However, when encryption is enabled on the Configuration screen

• the AES product provides AES encryption.

• the DES product provides DES encryption.

AES and DES products use different FPGA (field-programmable gate array) loads. However, the

AES FPGA will be upgraded as needed to provide new features or services similar to those

available for DES products.

Canopy DES products cannot be upgraded to AES. To have the option of AES encryption, the

operator must purchase AES products.

Interoperability

AES and DES products do not interoperate when enabled for encryption. For example, An AES

AP with encryption enabled cannot communicate with DES SMs. Similarly, an AES Backhaul

timing master module with encryption enabled cannot communicate with a DES Backhaul timing

slave module.