User Guide
DDOC0108-000-A2
CNS4 CSfC
Operation
Revision 1.0
This command assumes that the external mode was selected in the cm_create_account
command.
The following explanation pertains to both the plain text key and encrypted key transfers. In the
plain text transfer, the user sends the DEK and PSK over the serial or Ethernet user interface. The
encryption process takes place over the backplane between the ILE and its FSM-C modules. In
the encrypted transfer, the user is involved in the encryption of the transfer from their equipment
over the serial or Ethernet interface to the ILE.
When encrypted transfers are required, the transfer package that carries the DEK itself must be
encrypted. Therefore, an encryption key for the transfer package is needed. This encryption key is
referred to as the Key Encryption Key (KEK). This is not a permanent key; it is regenerated each
time a KEK is called for by the cm_key command.
After a zeroization, or on a new ILE, a common encryption key is needed to encrypt and decrypt
the first KEK to the user's equipment from the ILE. This common key is called the PreShared Key
(PSK); it is always available on the ILE. The PSK is used to encrypt all initial transfers to establish
unique encryption keys for subsequent encrypted transfers of keys and their MACs (Message
Authentication Code).
When the ILE receives a KEK command, the KEK is generated and packaged for transfer. This
package is encrypted using the previous KEK (referred to as an old or retired KEK; the PSK is
used if it is the first KEK command for the unit) and sent to the user's equipment. The corresponding
MAC is generated in the same manner and sent to the user's equipment. The user's equipment
has the old KEK and the PSK and uses the appropriate key to decrypt the KEK package and the
MAC, which is used to verify that the KEK is correct. The KEK is only used once per DEK transfer
session and then retired. Once this process is completed, a KEK is available to encrypt the DEK
and send it to the ILE. Refer to paragraph 5.16 for a step-by-step example.
6.4.3 Software Encryption
NOTE
The passphrase can contain any printable ASCII character.
NOTE
Changing the SWE passphrase renders the data in the SWE container useless.
6.4.3.1 Software Encryption Container
The swcrypt command allows the user to view and alter the CNS disk encryption options. Software
Encryption (SWE) uses containers to hold the data. Creation of a container requires the use of a
passphrase. The passphrase must meet the conditions listed below:
• Minimum characters: 15.
• Minimum numbers: 1.
• Minimum lowercase characters: 1.
• Minimum uppercase characters: 1.
• Minimum special characters: 1.
• Maximum consecutive repeating characters: 2.
• Maximum consecutive repeating characters of the same class: 4.
• Minimum number of different characters: 8.
• Minimum days for passphrase change: 1.
• Maximum days for password change: 60.
• Dictionary words are not valid or accepted.
• The last seven passphrases cannot be reused.
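The composition rules in the list above can be checked before a passphrase is submitted to swcrypt. The following is an added example, not code from this guide or from the CNS software. It assumes that a run of more than 2 identical characters, or of more than 4 characters from one class, is rejected, and that a space counts as a special character. The function names are hypothetical, and the age, history and dictionary rules are not covered.

```python
import string
from itertools import groupby

# Static composition rules from the list above. The change-interval, reuse and
# dictionary rules need stored state or a word list and are not checked here.
MIN_LENGTH = 15
MAX_REPEAT = 2        # longest allowed run of one identical character (assumed reading)
MAX_CLASS_REPEAT = 4  # longest allowed run of characters from one class (assumed reading)
MIN_DISTINCT = 8

def char_class(ch):
    """Class of a printable ASCII character; space is assumed to be special."""
    if ch in string.digits:
        return "digit"
    if ch in string.ascii_lowercase:
        return "lower"
    if ch in string.ascii_uppercase:
        return "upper"
    return "special"

def longest_run(items):
    """Length of the longest run of equal consecutive items."""
    return max((len(list(g)) for _, g in groupby(items)), default=0)

def check_passphrase(p):
    """Return the list of rules the passphrase violates; empty means it passes."""
    if any(not (0x20 <= ord(c) <= 0x7E) for c in p):
        return ["non-printable or non-ASCII character"]
    classes = [char_class(c) for c in p]
    failures = []
    if len(p) < MIN_LENGTH:
        failures.append("minimum characters: 15")
    for name in ("digit", "lower", "upper", "special"):
        if name not in classes:
            failures.append(f"minimum {name} characters: 1")
    if longest_run(p) > MAX_REPEAT:
        failures.append("maximum consecutive repeating characters: 2")
    if longest_run(classes) > MAX_CLASS_REPEAT:
        failures.append("maximum consecutive repeating characters of the same class: 4")
    if len(set(p)) < MIN_DISTINCT:
        failures.append("minimum number of different characters: 8")
    return failures

if __name__ == "__main__":
    # Constructed sample passphrases, not taken from the guide.
    for sample in ("Xk7#pQ2!mZr9%tLw4", "Xk7#pQ2!mzrtbw9%L4", "aB1!aB1!aB1!"):
        print(repr(sample), check_passphrase(sample) or "passes static rules")
```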
NOTE
Keyfiles should not be used in high threat environments.
After the passphrase has been decided upon, it can be:
• typed in when prompted.
• saved as a keyfile.