
C005590_01_CR2500_CR3500_User Manual_Appendix H 2
An Authentication is initiated on the reader. If the Authentication completes successfully on the reader, and the reader is attached to a modem, the Authentication information is transferred to the modem after being encrypted with the KEK. If the Authentication is completed successfully on the modem it returns an acknowledgement to the reader.
Initialization – This is the service that can update the passwords for the roles plus update the KEK on the modules. Only the CO role has access to the Initialization service. Activation of this service is accomplished through reading a Data Matrix bar code that contains the Initialization command plus the new passwords for both roles and a new KEK. An Initialization is initiated on the reader. If the Initialization completes successfully on the reader, and the reader is attached to a modem, the Initialization information is transferred to the modem after being encrypted with the old KEK. If the Initialization is completed successfully on the modem, it returns an acknowledgement to the reader. All subsequent non-data communications between the reader and the modem are encrypted with the new KEK.
Transmitting Encrypted Data – This is the service that transmits data from the reader to the modem using the FIPS approved AES-256 encryption scheme. Only the Reader role has access to this service. Activation of this service is accomplished through completing authentication in the Reader role and reading a bar code containing data. If the transmission is successful the reader will indicate by flashing an LED light amber.
Zeroization – This is the service that removes any customized passwords and KEK from the modules. Either role can access this service at any time. After Zeroization the modules will not return to FIPS mode until the Initialization service has been invoked. Activation of this service is accomplished through reading a Data Matrix bar code that contains the Zeroization command. A Zeroization is initiated on the reader. If the Zeroization completes successfully on the reader, and the reader is attached to a modem, the Zeroization information is transferred to the modem. If the Zeroization is completed successfully on the modem it returns an acknowledgement to the reader.
Critical Security Parameters (CSPs)
The modules utilize four CSPs. They consist of the CO role password, the Reader role password, the KEK and the Traffic Encryption Key (TEK). The passwords and KEK are updated through the Initialization process and the TEK is internally generated by the reader module.
Passwords and keys are made up of hexadecimal characters representing ASCII characters. Hexadecimal values are represented in text by a subscript ‘hex’, as in 1D hex. In programming, the passwords and KEK are represented by a leading ‘%’, as in %1D.
CO role password – this 64 bit password is used to authenticate the CO role. The modules are shipped with a default CO password of the word ‘password’ that can only be used to initialize the modules with new CO and Reader role passwords and a new KEK. The modules will not transfer encrypted data using the default password. A 64 bit password is constructed out of eight ASCII characters that can be represented by the hexadecimal digits 20 hex through FF hex. Constructing a password to use in the Initialization process is covered below.
Reader role password – this 64 bit password is used to authenticate the Reader role. A 64 bit password is constructed out of eight ASCII characters that can be represented by the hexadecimal digits 20 hex through FF hex. Constructing a password to use in the Initialization process is covered below.
Key Encryption Key (KEK) – this 256 bit key is used by an AES algorithm to encrypt transmissions of passwords and keys between the reader and modem modules. A 256 bit key is constructed out of 32 ASCII characters that can be represented by the hexadecimal digits 20 hex through FF hex. Constructing a key to use in the Initialization process is covered below.
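The length and character-range rules above, together with the ‘%XX’ programming notation, lend themselves to a pre-flight check before an Initialization bar code is generated. The following is an added example, not the manufacturer's code; it assumes only what this appendix states (8-byte role passwords, a 32-byte KEK, bytes in 20 hex through FF hex, the default CO password ‘password’) and the sample values in it are constructed.

```python
"""Pre-flight checks for values carried in a CR2500/CR3500 Initialization bar code.

Added example, not the manufacturer's code. Assumes only what the manual states:
8-byte (64-bit) role passwords, a 32-byte (256-bit) KEK, every byte in the range
20 hex through FF hex, and the "%XX" programming notation (1D hex is written %1D).
"""
import re

ROLE_PASSWORD_BYTES = 8            # 64-bit CO / Reader role password
KEK_BYTES = 32                     # 256-bit Key Encryption Key
DEFAULT_CO_PASSWORD = b"password"  # shipped default; usable for Initialization only


def validate_secret(value: bytes, expected_len: int) -> bool:
    """True if value has exactly expected_len bytes and each byte is 0x20..0xFF."""
    return len(value) == expected_len and all(b >= 0x20 for b in value)


def to_programming_form(value: bytes) -> str:
    """Render bytes in the manual's %XX notation, e.g. the byte 1D hex -> "%1D"."""
    return "".join(f"%{b:02X}" for b in value)


def from_programming_form(text: str) -> bytes:
    """Parse a %XX sequence back to bytes; reject anything that is not exactly that."""
    if not re.fullmatch(r"(?:%[0-9A-Fa-f]{2})*", text):
        raise ValueError("malformed %XX sequence")
    return bytes(int(text[i + 1:i + 3], 16) for i in range(0, len(text), 3))


def check_initialization(co_pw: bytes, reader_pw: bytes, kek: bytes) -> dict:
    """Validate a new CO password, Reader password and KEK before encoding them.

    Raises ValueError on a wrong length, a byte below 20 hex, or a new CO password
    equal to the shipped default (the modules will not transfer encrypted data with
    it). Returns each value in programming form, ready to be placed in the bar code.
    """
    for name, value, size in (("co", co_pw, ROLE_PASSWORD_BYTES),
                              ("reader", reader_pw, ROLE_PASSWORD_BYTES),
                              ("kek", kek, KEK_BYTES)):
        if not validate_secret(value, size):
            raise ValueError(f"{name}: need {size} bytes, each in 20 hex..FF hex")
    if co_pw == DEFAULT_CO_PASSWORD:
        raise ValueError("co: new CO password must not be the shipped default")
    return {"co": to_programming_form(co_pw),
            "reader": to_programming_form(reader_pw),
            "kek": to_programming_form(kek)}


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    print(check_initialization(b"Gx7#pQ2!", b"r3AdeR!9", bytes(range(0x20, 0x40))))
```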
Traffic Encryption Key (TEK) – this 256 bit key is used by an AES algorithm to encrypt transmissions of data from the reader to the modem. The modem utilizes the same TEK to decrypt the data. The TEK is generated by the reader and is