User manual

AP User Manual January 2004
Software Release 4.1
4 ADVANCED FEATURES
The following features are available in the Canopy system but not required for basic operation.
4.1 SECURITY FEATURES
Canopy systems employ the following forms of encryption for security of the wireless link:
- BRAID – a security scheme that the cellular industry uses to authenticate wireless devices.
- DES – Data Encryption Standard, an over-the-air link option that uses secret 56-bit keys and 8 parity bits.
- AES – Advanced Encryption Standard, an extra-cost over-the-air link option that provides extremely secure wireless connections. AES uses 128-bit secret keys as directed by the government of the U.S.A. AES is not exportable and requires a special AP to process the large keys.
4.1.1 BRAID
BRAID is a stream cipher that the TIA (Telecommunications Industry Association) has
standardized. Standard Canopy APs and SMs use BRAID encryption to
- calculate the per-session encryption key (independently) on each end of a link.
- provide the digital signature for authentication challenges.
4.1.2 DES Encryption
Standard Canopy modules provide DES encryption. DES performs a series of bit permutations,
substitutions, and recombination operations on blocks of data. DES encryption does not affect the
performance or throughput of the system.
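The "56-bit keys and 8 parity bits" noted in section 4.1 match the standard DES key layout (FIPS 46-3): a key is stored as 8 bytes, each holding 7 key bits and 1 odd-parity bit. The following sketch is an added example, not Canopy or Motorola code; the function names and the sample key are constructed for illustration.

```python
# Added illustration of the DES key layout: 64 stored bits = 56 key bits + 8 parity bits.
# SAMPLE_KEY is a constructed textbook value, not a key from any Canopy module.
SAMPLE_KEY = bytes.fromhex("0123456789abcdef")


def _check_len(key: bytes) -> None:
    if len(key) != 8:
        raise ValueError("a DES key is exactly 8 bytes (64 bits)")


def set_odd_parity(key: bytes) -> bytes:
    """Fix the low bit of every byte so that each byte has an odd number of 1 bits."""
    _check_len(key)
    out = bytearray()
    for b in key:
        high7 = b & 0xFE                      # the 7 bits that carry key material
        ones = bin(high7).count("1")
        out.append(high7 | (0 if ones % 2 else 1))
    return bytes(out)


def has_odd_parity(key: bytes) -> bool:
    """True when every byte of the key passes the odd-parity check."""
    _check_len(key)
    return all(bin(b).count("1") % 2 == 1 for b in key)


def effective_key(key: bytes) -> int:
    """Drop the parity bit of each byte and pack the rest into a 56-bit integer.

    Bits are packed in byte order for readability; DES itself reorders them
    with its PC-1 permutation, which does not change how many bits matter.
    """
    _check_len(key)
    value = 0
    for b in key:
        value = (value << 7) | (b >> 1)
    return value


if __name__ == "__main__":
    flipped = bytes(b ^ 1 for b in SAMPLE_KEY)    # same key bits, wrong parity
    print("stored key     :", SAMPLE_KEY.hex(), has_odd_parity(SAMPLE_KEY))
    print("parity flipped :", flipped.hex(), has_odd_parity(flipped))
    print("same 56 bits   :", effective_key(flipped) == effective_key(SAMPLE_KEY))
    print("repaired       :", set_odd_parity(flipped).hex())
    print("key space      : 2**56 =", 2 ** 56)
```

Two stored keys that differ only in their parity bits select the same cipher key, so the search space is 2^56 and not 2^64.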
4.1.3 AES Encryption
Motorola also offers Canopy products that provide AES encryption. AES uses the Rijndael
algorithm and 128-bit keys to establish a higher level of security than DES. Because of this higher
level of security, the government of the U.S.A. controls the export of communications products that
use AES to ensure that these products are available only in certain regions. The Canopy distributor
or reseller can advise service providers about current regional availability.
4.1.4 AES-DES Operability Comparisons
This section describes the similarities and differences between DES and AES products, and the
extent to which they may interoperate.
Key Consistency
The DES AP and the DES Backhaul timing master module are factory-programmed to enable or
disable DES encryption. Similarly, the AES AP and the AES Backhaul timing master module are
factory-programmed to enable or disable AES encryption.
In either case, the authentication key entered in the Backhaul Configuration page establishes the
encryption key. For this reason, the authentication key must be the same on each end of the
backhaul link.
Issue 5 Page 19 of 102