Encryption Key Auto Exchange Settings And Encryption Key Manual Settings - Ricoh AFICIO MP C305SP Manual

5. Enhanced Network Security
• For successful authentication, the sender and receiver must specify the same authentication
algorithm and authentication key. If you use the encryption key auto exchange method, the
authentication algorithm and authentication key are specified automatically.
AH protocol
The AH protocol provides secure transmission through authentication of packets only, including
headers.
• For successful authentication, the sender and receiver must specify the same authentication
algorithm and authentication key. If you use the encryption key auto exchange method, the
authentication algorithm and authentication key are specified automatically.
AH protocol + ESP protocol
When combined, the ESP and AH protocols provide secure transmission through both encryption
and authentication. These protocols provide header authentication.
• For successful encryption, both the sender and receiver must specify the same encryption
algorithm and encryption key. If you use the encryption key auto exchange method, the
encryption algorithm and encryption key are specified automatically.
• For successful authentication, the sender and receiver must specify the same authentication
algorithm and authentication key. If you use the encryption key auto exchange method, the
authentication algorithm and authentication key are specified automatically.
• Some operating systems use the term "Compliance" in place of "Authentication".

Encryption Key Auto Exchange Settings and Encryption Key Manual Settings

This machine provides two key setting methods: manual and auto exchange. Using either of these
methods, agreements such as the IPsec algorithm and key must be specified for both sender and
receiver. Such agreements form what is known as an SA (Security Association). IPsec communication is
possible only if the receiver's and sender's SA settings are identical.
If you use the auto exchange method to specify the encryption key, the SA settings are auto configured
on both parties' machines. However, before setting the IPsec SA, the ISAKMP SA (Phase 1) settings are
auto configured. After this, the IPsec SA (Phase 2) settings, which allow actual IPsec transmission, are
auto configured.
Also, for further security, the SA can be periodically auto updated by applying a validity period (time
limit) for its settings. This machine only supports IKEv1 for encryption key auto exchange.
If you specify the encryption key manually, the SA settings must be shared and specified identically by
both parties. To preserve the security of your SA settings, we recommend that they are not exchanged
over a network.
Note that for both the manual and auto method of encryption key specification, multiple settings can be
configured in the SA.
146