Comtech EF Data SLM-5650A User Manual

SLM-5650A Satellite Modem

Revision 8

TRANSEC Module HTTPS Interface

MN-SLM5650A

10–7

Active Key

Item

Description

Key Signature

(read-only)

This is a signature, or fingerprint, of the Transmission Encryption Keys (TEKs)

generated by the Seed Key and Passphrase. The user can compare signatures on

different modems to ensure that each has the same Seed Key and Passphrase.

NOTE: The TEKs are updated only when a Passphrase is submitted.

Current TEK

(read-only)

The user may generate 26 TEKs from the Seed Key and Passphrase (described

below). The active TEK (1 through 26) is displayed here. When it is desired to change

the encryption key being used to encrypt traffic, click [Next TEK] to select the next

key in the set of 26 TEKs.

Note the following:

•

The [Next TEK] button is disabled when the module is in secondary mode, and

the current TEK mirrors the TEK the connected primary modem uses.

•

The TEK only increments and never decrements; the user cannot re-use a

previous key. The only way to reset the TEK to 1 is by clicking [Activate Future

Key] (described below).

Seed Key

(write-only)

Enter a 32-character Seed Key in this text box to generate TEKs when the TRANSEC

Module is given a Passphrase (described below).

Confirm Seed Key

(write-only)

Re-enter the newly created Seed Key in this text box to ensure its accuracy.

Once the Seed Key is entered and confirmed, click [Update Seed Key] to finalize this

change.

Enter Passphrase

(write-only)

Accepts a 10- to 32-character Passphrase that is combined with the previously

entered Seed Key to generate TEKs.

Once the Passphrase is entered, click [Update Passphrase] to finalize this change.

Future Key

Item

Description

[Activate Future Key]

The user can program a second seed key and passphrase to generate a second set

of TEKs. These keys will lie dormant until the user activates them by clicking

[Activate Future Key]. At that time, the following happens:

1. The active TEKs are replaced by the ones generated with the Future Seed

Key and Future Passphrase.

2. The Current TEK gets reset to 1.

3. Secondary modems connected to this one will also activate their Future Keys.

NOTE: The [Activate Future Key] button is active only when the following conditions

are met:

1. The modem is in Primary mode (see Encryption Mode, explained below).

2. The Current TEK is greater than 1.

Future Seed Key

(write-only)

Enter a 32-character Future Seed Key in this text box to generate a TEK when the

TRANSEC Module is given a Future Passphrase (described below).

Confirm Future Seed Key

(write-only)

Re-enter the newly created Future Seed Key in this text box to ensure its accuracy.

Once the Future Seed Key is entered and confirmed, click [Update Seed Key] to

finalize this change.