Key/Number | Description |
Session Key | The session key is calculated separately by the |
| SM and the BAM, using the Authentication |
| Key, the ESN, and the random number. This |
| key is sent to the AP by the BAM – like the |
| other keys, it never goes over the air. The |
| network operator or the subscriber never sees |
| this key. This key is either 56 bits (DES) or |
| 128 bits (AES) in length. |
Random Number | A random number is generated by the BAM |
| and used during each attempt by an SM to |
| register and authenticate. The subscriber or |
| network operator never sees this number. This |
| is a 128 bit number. |
Of the three numbers presented in Table 2, only the Authentication Key is settable by the network operator and it must be set both in the BAM and in the SM. Further information about Canopy’s authentication process is detailed in Bandwidth and Authentication (BAM) User Guide.
ENCRYPTION
The Canopy system also has provisions for the
Data Encryption Standard (DES)
DES is an encryption standard that uses an encryption technique developed in the mid 1970s by IBM and then adopted by the Federal government as a federal standard in 1977 for protecting sensitive, but not classified data. DES was designed so that even if someone knows some of the plain text data and the corresponding ciphertext, there is no way to determine the key without trying all possible keys. The strength of DES encryption based security rests on the size of the key and the proper protection of the key.1 The following paragraphs discuss details of DES from the document entitled, Federal Information Processing Standards (FIPS) PUB
The Data Encryption Standard (DES) specifies two Federal Information Processing Standards (FIPS) approved cryptographic algorithms as required by FIPS
1Security Complete, Adapted from Active Defense, by Chris Brenton with Cameron Hunt.
5
