Encrypted Files On The Ip Phone - Mitel 6867i Administrator's Manual

Mitel 6800 Series SIP Phone Release 4.2.0 Administrator Guide

ENCRYPTED FILES ON THE IP PHONE

An encryption feature for the IP phone allows Service Providers to store encrypted files on
their server to protect against unauthorized access to, and tampering with, sensitive
information (for example user accounts, login passwords, registration information). Service
Providers can also lock a phone to use a specific server-provided configuration only.

CONFIGURATION FILE ENCRYPTION METHOD

Only a System Administrator can encrypt the configuration files for an IP Phone. System
Administrators use a password distribution scheme to manually pre-configure or automatically
configure the phones to use the encrypted configuration with a unique key.

From a Microsoft Windows command line, the System Administrator uses a Mitel-supplied
configuration file encryption tool called "anacrypt.exe" to create the encrypted <mac>.tuz file.

Note: Mitel also supplies encryption tools to support Linux platforms (anacrypt.linux) if
required.

This tool processes the plain text <mac>.cfg, <model>.cfg, and startup.cfg files and creates
triple-DES encrypted versions called <mac>.tuz, <model>.tuz, and startup.tuz.

Note: In releases previous to 4.0.0 SP1, the "startup.tuz" file was named "aastra.tuz".
Apart from the file names, the "startup.tuz" file acts as an identical replacement for the
"aastra.tuz" file. Releases including and above 4.0.0 SP1 support both the "startup.tuz"
and "aastra.tuz" files, but if the "startup.tuz" file is available, the phone will disregard the
"aastra.tuz" file (if available). The "aastra.tuz" file will be used if the "startup.tuz" file is
unavailable and will continue to be supported going forward to ensure backwards
compatibility with existing customer deployments.

Encryption is performed using a secret password that is chosen by the administrator.

The encryption tool is also used to create an additional encrypted tag file called security.tuz,
which controls the decryption process on the IP phones. If security.tuz is present on the
TFTP/FTP/HTTP server, the IP phones download it and use it locally to decrypt the configuration
information from the startup.tuz and <mac>.tuz files. Because only the encrypted versions of
the configuration files need to be stored on the server, no plain-text configuration or passwords
are sent across the network, thereby ensuring security of the configuration data.

To make changes to the configuration files, the System Administrator must save the original files.

Note: If the use of encrypted configuration files is enabled (via security.tuz or
pre-provisioned on the IP phone) the startup.cfg, <model>.cfg, and <mac>.cfg files are
ignored, and only the encrypted equivalent files startup.tuz, <model>.tuz, and <mac>.tuz
are read.

The security feature described above prevents unauthorized parties from reading or writing
the contents of the <MAC>.tuz file. It also provides the following:

Prevents users from using a <MAC>.tuz file that does not match the user's phone MAC
address.
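
The file-selection rules above (security.tuz enabling decryption, .cfg files being ignored once encryption is on, and startup.tuz taking precedence over aastra.tuz) can be checked against a provisioning directory listing. The script below is an added example, not Mitel tooling; the function name audit, the sample file names, and the assumption that phones without encryption enabled read the .cfg files are illustrative.

```python
# Constructed listing; the MAC-named and model-named files are made-up examples.
SAMPLE = ["security.tuz", "startup.tuz", "aastra.tuz", "6867i.tuz",
          "0123456789AB.tuz", "0123456789AB.cfg", "0123456789CD.cfg"]

def audit(filenames):
    """Return (files phones will read, findings) for a server directory listing."""
    by_ext = {"cfg": {}, "tuz": {}}
    for name in filenames:
        stem, dot, ext = name.rpartition(".")
        if dot and ext.lower() in by_ext:
            by_ext[ext.lower()][stem.lower()] = name
    cfg, tuz = by_ext["cfg"], by_ext["tuz"]
    findings = []

    if "security" not in tuz:
        # No security.tuz: encryption is on only for pre-provisioned phones.
        if tuz:
            findings.append("security.tuz missing: only phones pre-provisioned "
                            "for encryption will read the .tuz files")
        return sorted(cfg.values()), findings

    read = []
    if "startup" in tuz:
        read.append(tuz["startup"])
        if "aastra" in tuz:  # precedence rule for releases 4.0.0 SP1 and above
            findings.append(f"{tuz['aastra']}: disregarded by 4.0.0 SP1 and "
                            f"later because {tuz['startup']} is present")
    elif "aastra" in tuz:
        read.append(tuz["aastra"])
    else:
        findings.append("no startup.tuz or aastra.tuz on the server")
    read += [n for s, n in tuz.items()
             if s not in ("security", "startup", "aastra")]

    # With encryption enabled every .cfg is ignored, so any .cfg on the server
    # is either needless plain-text exposure or an edit that was never encrypted.
    for stem, name in cfg.items():
        if stem in tuz:
            findings.append(f"{name}: plain-text copy on server, phones ignore it")
        else:
            findings.append(f"{name}: no .tuz equivalent, phones never read it")
    return sorted(read), sorted(findings)

if __name__ == "__main__":
    files_read, problems = audit(SAMPLE)
    print("read by phones:", files_read)
    for p in problems:
        print("finding:", p)
```
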

This manual is also suitable for:

6865i, 6863i, 6869i, 6873i
