Algorithm
Set
AEP Net ED20M implements the hashing, signing and key management algorithm sets
laid down by the UK National Technical Authority - SHA-1, DSA, Enhanced Diffie-Hellman,
ISAKMP and the UK Government "Enhanced Grade" confidentiality algorithm.
But other algorithms can can be factory loaded or in some circumstances, loaded
at the customer site.
Furthermore, the cryptographic and application libraries can be upgraded
throughout the life of the equipment offering the customer both flexibility
of deployment and future proofing against changes in standards and the
introduction of new algorithms.
Key Management
AEP Net ED20M product variant employs a 2-tier PKI with the UK National
Authority as the root and the AEP Net Management Center as the sub-CA.
The only keys that need to be ordered from the UKKPA are for these management
components. AEP's Net Keyper is used for key storage and signing.
AEP Net products generate all other keys including encryptor public/private
key pairs and certificates, traffic keys and packet authentication keys.
This means that there is no key material handling outside the encryptor
management center, and then only at Sub-CA key update intervals (typically
3 years).
For more information, download the AEP
Net ED20M datasheet (PDF, 841KB).
|
