Fixed Key Encryption; Encryption Settings - IDTECH SecureHead User Manual

4. Fixed Key Encryption

Fixed key encryption is available in ID TECH Mode or Other mode. In ID TECH Mode, the MSR data
sent out can be configured as either ID TECH Decoded Format or ID TECH RAW Format. In Other
mode, the MSR data sent out is always be in RAW format. The encryption algorithm will always be
TDES.

4.1. Encryption Settings

An Authentication Process is required before a security related command is executed to ensure the
device key used is correct. For example, Authentication is needed whenever the encryption is
enabled, disabled, or the device key is changed. Until the device is restarted, this process will not be
needed again.
Get Encrypt Challenge
1. Navigate to the Encryption menu and select Get Encrypt Challenge.
2. Get Encrypt Challenge Command 02 54 00 05 02 52 74 03 27 03 50 is sent to the
reader.
3. The reader responds with 8-byte encrypted data, 06 02 < Encrypted Data > 03 LRC.
Send Authentication Data
The host must verify the device key used to pass the Authentication Process.
1. Input key. A window will display.
2. Input key for Authentication where prompted.
3. Enter the current encryption key to decrypt the 8-byte data
4. Select "Use Default key". (In case when the reader is using default key.)
The default key used in demo software decryption is 16 byte zero
"00000000000000000000000000000000".
SecureHead™ Demo Program
Page | 11