SCP / EP 256 AES Encryption


Overview

Enabling 256 bit AES encryption will encrypt the traffic between SCP and the Access It! Universal server. Either a default 256 bit AES key, or 2 custom created 128 bit AES keys can be used. When loading AES keys into the SCP, it is recommended a laptop and crossover cable is used to prevent any possibility of the AES keys from being intercepted and compromising security. Prior to implementing this feature, the SCP must be online and communicating.
The 256 bit AES encryption only applies to the EP series panels communicating in IP Server mode only (EP-2500, EP-1502, EP-1501/+)

Implementation

Default 256 bit AES Keys

  1. Navigate to the Hardware tree (Main | Hardware)
  2. Select SCPs
  3. In the right hand pane, select the SCP that will be using the 256 bit AES encryption
  4. Right click on the SCP and select Load AES Keys
  5. Right click on the SCP and select Edit
  6. Select the Comm tab
  7. Set the Encryption Settings to 256 bit AES
  8. Click Save
    The SCP will go into a communication failure.
  9. If successful, the SCP will report the communication status Normal/Encrypted

Two Custom 128 bit AES Keys

  1. On the Access It! Universal server, open the OpenAppData Folder (Start | Programs | Access It! Universal | Client Utilities)
  2. Edit Settings.ini
  3. Add a new line named AES Master Key 1=
  4. Enter a 128 bit AES key
    AES key must be 32 characters long and only contain the characters 0-9 and A-F.
  5. Add a new line named AES Master Key 2=
  6. Enter a 128 bit AES key
    AES key must be 32 characters long and only contain the characters 0-9 and A-F.
  7. Restart the Access It! Universal Service
  8. Open Access It! Universal
  9. Navigate to the Hardware tree (Main | Hardware)
  10. Select SCPs
  11. In the right hand pane, select the SCP that will be using the 256 bit AES encryption
  12. Right click on the SCP and select Load AES Keys
  13. Right click on the SCP and select Edit
  14. Select the Comm tab
  15. Set the Encryption Settings to 256 bit AES
  16. Click Save
    The SCP will go into a communication failure.
  17. If successful, the SCP will report the communication status Normal/Encrypted

Removing 256 bit AES Encryption

  1. Navigate to the Hardware tree (Main | Hardware)
  2. Select SCPs
  3. Right click on the SCP and select Edit
  4. Select the Comm tab
  5. Set the Encryption Settings to None
  6. Click Save
    The SCP will go into a communication failure.
  7. If successful, the SCP will report the communication status Normal

  • 205
  • 16-Mar-2018
  • 6261 Views