Home
Products
Services
Sales
Support

Advanced, XL Family
Conventions
Regulatory
Compliance
Exposure
Operation
Location Code
Delivery Modes
Relay Mode
Forwarding
Radio Modes
Jump Tables
Encryption
Configuration Utility
Planning
Navigation
Navigation Bar
Utility Panels
Serial
Information
Firmware
Encryption
Configuration
Advanced Configuration
Reset
Country
Pool
Site Survey
Promiscuous Survey
Testing
Optimization
Addressed Protocols
Paired Units
Asynchronous Environments
Protocol
Sequence Numbers
Commands
Memory Map
Registers
Signal Strengths
Mechanicals
Pin Definitions
Specifications
OSS Foundations

Encryption

CDR XL family radios use Blowfish encryption and may be configured with keys of 8 to 448 bits.

CDR XL family radios encrypt packets in a cipher-block chaining (CBC) mode, using a randomly chosen initialization vector (IV). A hardware entropy source is used to select the next IV used, so unlike pseudo-random (PR) IVs, IV selection will not repeat periodically.

CDR XL family radios use a keyed-hash message authentication code (HMAC) to digitally "sign" each packet. The hashing function used is SHA-1, and the full 20 byte HMAC is appended to each encrypted packet. No HMAC truncation is performed and all 20 HMAC bytes are tested by the receiver to validate the packet's authenticity.

By default, the CDR XL family radios will discard all unencrypted packets received when encryption is enabled, but it is possible to disable this feature. All encrypted packets which can not be validated (i.e. sent with an incorrect HMAC or encrypted with a different key) are discarded, regardless of radio configuration.



Home | Products | Services | Sales | Purchase | Support | Licensing | About | Contact