Table of Contents
Advertisement
Operation
AES Encryption Security
A modem purchased from the factory with AES Encryption is already capable of encryption.
Modems in the field can be returned to the factory for an encryption upgrade. For modems already
installed in a customer's network, contact your service representative to arrange for an upgrade. A
modem is capable of AES Encryption when the following conditions are met:
•
Both modems must be at Firmware Version 8.3.0.0 or higher.
•
Both modems must be enabled from the factory for AES Encryption.
•
There must be a V.42 or V.42bis link.
•
Both modems must be configured for encryption via expanded AT commands entered at
the modem rear panel terminal port, the SCM craft port or via a Telnet connection.
The sequence of configuration commands is provided below.
AES Encryption Configuration Procedures
1. Access the modem AT command set from the desired management interface. If using the
SCM, ensure that Switch S1-4 on the SCM card is set to the Open position. This is the
factory default which allows the terminal to function with the SCM card.
2. Enter the following AT command: AT&F
3. Configure the modem with the Encryption Key using the following AT command. Encryption
key must be entered in both modems exactly with no errors, spaces, corrections or backspaces.
AT%X1=[Encryption Key]
where the key consists of up to 32 ASCII characters (no commas)
Note
Enter up to16 characters to yield a 128-bit encryption key; enter 24 characters to yield a 192-bit encryp-
tion key; enter 32 characters to yield a 256-bit encryption key.
4. Configure a security solution by entering one of the following AT commands:
AT%S8
sets the modem for AES Encryption only
AT%S9
sets the modem for SteadFast Security and AES Encryption
AT%S11
sets the modem for SteadFast Security, AES Encryption and RADIUS Authentication
Note
%S8
Setting the
These commands will also affect the connect message by adding
5. Select encryption key size:
AT)Mn
where n is 0, 1 or 2 (0 = 128 bits, 1 = 192 bits, 2 =256 bits)
6. Select encryption mode:
AT@Mn
where n is 0, 1 or 2 (0 = ECB, 1 = CBC, 2 = CTR)
7. Set the asynchronous protocol to V.42 Only by typing: AT\N4
If V.42bis compression is desired, type AT%C1 in addition.
8. Display the AES Encryption key by typing: AT%W
9. Check that the modem shows the presence of AES Encryption by typing ATI4.
(The Product Type field will display EC when AES Encryption is operational.)
10. Repeat this procedure in its entirety for the modem on the opposite end of the link.
060R122-000
Issue 15
%S9
%S11
,
or
commands will flash the DTR LED when the modem is in data mode.
SpectraComm Dual V.34 Modem
Installation and Operation
Security Overview
AES
to the end of the protocol string.
3-15
Advertisement
Table of Contents
