User's Manual

ManualsBrandsSchweitzer Engineering Laboratories ManualsElectronicsSEL-3022

100

Table Of Contents

SEL-3022 Transceiver Instruction Manual Date Code 20050615

Wireless Operator Interface Security

The SEL Security Application

C.10

Cryptographic Manual—Do Not Copy

To produce a cryptographically secure signature of a message, NIST designed the

SHA-1 hash function to have the following properties:

➤ Given the SHA-1 hash function, H(m), and its output, h, it is

extremely difficult to derive a message, m, such that H(m) = h.

➤ Given a message, m, it is extremely difficult to find another message,

m', that produces the same SHA-1 hash output.

The first condition states that the output of the SHA-1 hash function used in the HMAC

authentication function does not give away any clues about the form, or classes, of

messages that would likely produce the same hash value. The second condition, known

as collision-resistance, states that there is no bias in the mapping of inputs to outputs

that would aid an attacker in finding messages that produce identical SHA-1 hash

values. Both conditions make it functionally impossible (given all realistic resources)

to alter a message in such a way as to produce the same hash value. The HMAC

specification provides a cryptographically secure way to combine the secret

authentication key and the protected message into the SHA-1 hash function input to

produce a key-dependent message fingerprint.

AES Overview

The AES encryption function uses a 128-bit-long secret key and scrambles the contents

of each frame prior to transmission to provide cryptographically strong data

confidentiality.

Encryption is the process of transforming a digital message from its original form into

a form that an unauthorized individual cannot interpret. The output of the encryption

process is a function of the message and an encryption key (see Figure C.3).

Figure C.3 Operation of the AES Encryption Function

This encryption process must be completely reversible by an authorized individual

with access to the secret decryption key. Authority to read a message is only granted by

sharing knowledge of the secret decryption key. Ideally, only individuals with

knowledge of the decryption key can reverse the encryption operation and interpret the

protected message. There are two main classes of encryption functions. Symmetric key

encryption relies on the same secret key value, K, to perform both the encryption and

decryption transformations. Asymmetric key encryption, on the other hand, uses a

different key for encryption and decryption. For example, asymmetric encryption

Encryption Key Decryption Key

Hi Bob!

*4gu>g

aIL8}2=h

AES

Encrypt

Hi Bob!

AES

Decrypt

Preliminary Copy