beautypg.com

Source Technologies 1352 MICR 40 User Manual

Page 28

background image

Secure MICR Printer User’s Guide

©

Source Technologies

July 2003

Page 24

All rights reserved

DES and AES Decryption

Data Encryption Standard (DES) and the recently approved Advanced Encryption Standard (AES) are
both supported in the Source Technologies Secure MICR Printers. The minimum Code Level support for
AES is 8.5j. Levels 8.5i. and lower only support DES.

DES originated at IBM in 1977 and was adopted by the U.S. Department of Defense. The controlling
standards for DES are ANSI X3.92 and X3.106 and in the Federal FIPS 46-3 standard. An alternative to
DES called Triple DES is not supported in our Secure MICR printers.

AES is documented in a new Federal Information Processing Standard (FIPS) standard
FIPS 197, dated 11/26/2001. Three key sizes are documented in the standard, 128-bit, 192-bit, & 256-
bit. We currently only support the most commonly used 128-bit key size.

The algorithm selected for AES is Rijndael. Developed in Belgium, an English pronunciation alternative is
“Rain Doll”. In addition to U.S. Government implementations, it is anticipated AES will be adopted by
businesses, organizations, institutions, and individuals outside of government, and outside of the United
States as was the case for DES.

We only support decryption for DES and AES. Encrypted printer data streams can be decrypted using the
key stored some time prior to the message. Keys for both DES and AES are supported separately so that
both AES and DES are supported simultaneously. The keys messages themselves can be encrypted with
either DES or AES for either DES or AES. Only one DES and one AES key exists at any one point in
time. Old keys are not saved. To change either a DES or an AES key requires the MICR Password
Command.

The Secure MICR printer does not have any capability to encrypt a return or Bi-directional message.

Decryption Commands
Decryption requires printer processing overhead. In our testing encrypted printer data steams near or
below 100K bytes per page do not seem to affect printer speed in term of pages per minute or first page
out timings. Some testing done with print files from 500K to 1 Meg per page showed up to a 30% degra-
dation in speed. It is therefore recommended the encryption be reserved for the confidential portions of the
data when large file sizes are anticipated.

Set DES Decryption Key Command &%STSETDESKEY<16 Hex Characters>$

The command requires a MICR Password Command be sent prior to the Key Command. The Key
Command could itself be encrypted and then decrypted in the printer. The command requires the key data
be in a double-byte hex format. The 8 byte value must be converted to the 16 byte format. The only values
that can be contained in the 16 command bytes are 0 through 9, A through F. Alpha key characters can be
upper or lower case. Command characters must be upper case. An example of a valid key & command -
%STSETDESKEY5f00FF7E3DA938eb$ The key value remains in the printer until another key command
is received. Printer power cycles and printer reset commands do not affect the key value.

The dollar sign ($) is the command terminator and is required.

Section 6: MICR Features