Dual AES and Triple DES Key and Device Management
KEYNET Release 2 delivers 256-bit AES message encryption as well as (optionally) supporting a TDES capability for networks in transition between older TDES and newer, AES-based Cipher X 7100 units. The KEYNET 2 system incorporates two separate Security Vaults, one supporting the AES-256-based units and the other supporting the TDES-based units.
KEYNET 2 is comprised of a custom Windows application that runs on a host personal computer (PC), and is attached to one or more Security Vaults. Each Security Vault securely generates and retains all of the keying materials in an anti-tamper protected enclosure. It also encrypts and decrypts all of the SNMP messages that are either sent to or received from each Cipher X data encryption device on the data network.
All key management messages are secured using three-tier key management. All other sensitive messages are likewise encrypted between the KEYNET 2 server and the fielded Cipher X 7100 devices using secure SNMP messaging.
Technical Specifications
Management of Cipher X secure communication systems
Advanced Encryption Standard Block Cipher / 256-bit keys
Triple DES (TDES) Block Cipher / 112-bit keys
AES and TDES dual configuration supports networks
FIPS 197 (AES-256)
FIPS 46-3 / ANSI X9.52 (TDES)
NIST SP 800-38A (AES & TDES)
FIPS 140-1 Level 3
FIPS 171 (Key Management)
ISO 8732
Security Vault (one or both used)
- AES Security Vault
- TDES Security Vault
Desktop Personal Computer
- KEYNET Application
- Windows XP (opt. Vista or Windows 7)
SmartModule-2K Key Fill Devices
- 256-bit SKEKs (Security Vault KEKs)
- 256-bit MKEKs Loaded into Cipher X 7100
Operational Temperature
Humidity
- 5% to 90% (Non-condensing)
90 day software warranty
1 year Security Vault warranty
Extended support and maintenance contracts available