Tritech Technology AB 200300 Manuale Utente
Reference Manual
Aperio Technology
91 (91)
Appendix B, Security Statement
The security of Aperio is according to the following:
o
Authentication: 3-pass mutual authentication (challenge-response
protocol) based on AES128. Standard Aperio authentication scheme.
protocol) based on AES128. Standard Aperio authentication scheme.
o
Confidentiality in communication: The communication is encrypted
by a unique session key.
o
Confidentiality of information in the lock: Secret information such as
encryption keys is never visible outside the protected flash of the
microcontroller.
encryption keys is never visible outside the protected flash of the
microcontroller.
o
Unique encryption key seed for each installation.
o
Encrypted database in Programming Application is password
protected. The computer must also be physically protected.
protected. The computer must also be physically protected.
o
AES and RNG tested according to (National Institute of Standards
and Technology) NIST test vectors.
and Technology) NIST test vectors.
http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS
.pdf
http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf