The following is a brief explanation of the cryptological algorithms, modes and key sizes used in the Secure Channel family of products.
The Secure Channel family uses the Advanced Encryption Standard (AES) with a 256 bit key. This is one of the strongest symmetric key algorithms available. It has been approved by the National Security Agency for use in safeguarding U.S. Government data.
As user-supplied passwords generally have low entropy and are very vulnerable to precomputed rainbow tables, a more advanced intermediary keying algorithm was implemented. The user-supplied password string is appended to a 64 bit random salt and is passed as an input to the Password-Based Key Derivation Function #2 (PBKDF2) as described in RSA Laboratories' Public Key Cryptography Standards (PKCS) #5 and in the Internet Engineering Task Force (IETF) RFC 2898. The hash algorithm used is SHA256 and the key is iterated 10,000 times prior to being passed to the cipher algorithm. The result of this operation is 256 bits of session-dependent key material.
The PBKDF2/RFC 2898 keying algorithm returns 256 bits of iteratively hashed key data. The AES algorithm is keyed with all 256 bits of this key data and used in its 256 bit mode (AES256).
The AES algorithm is operated in Cipher Block Chaining (CBC) mode with a random one-block Initialization Vector (IV) and PKCS #7 block padding. IV and cipher block sizes are both 256 bits.
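The key derivation described above, as an added Python example (not the Secure Channel products' own code): it builds PBKDF2 from HMAC-SHA256 as specified in RFC 2898 and applies the page's parameters. It assumes the 64 bit salt is passed as PBKDF2's salt input and that the password is UTF-8 encoded; `pbkdf2_sha256` and `derive_key` are names chosen for this example.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Parameters stated on the page.
SALT_BITS = 64
ITERATIONS = 10_000
KEY_BITS = 256


def pbkdf2_sha256(password: bytes, salt: bytes, iterations: int, dklen: int) -> bytes:
    """PBKDF2 (RFC 2898, section 5.2) with HMAC-SHA256 as the PRF."""
    hlen = hashlib.sha256().digest_size
    blocks = -(-dklen // hlen)  # ceil(dklen / hlen)
    out = b""
    for i in range(1, blocks + 1):
        # U_1 = PRF(password, salt || INT(i)); U_j = PRF(password, U_{j-1})
        u = hmac.new(password, salt + i.to_bytes(4, "big"), hashlib.sha256).digest()
        t = int.from_bytes(u, "big")
        for _ in range(iterations - 1):
            u = hmac.new(password, u, hashlib.sha256).digest()
            t ^= int.from_bytes(u, "big")  # T_i = U_1 xor U_2 xor ... xor U_c
        out += t.to_bytes(hlen, "big")
    return out[:dklen]


def derive_key(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, key). A fresh random salt is drawn when none is given
    (encryption); the stored salt is passed back in for decryption."""
    if salt is None:
        salt = os.urandom(SALT_BITS // 8)
    if len(salt) != SALT_BITS // 8:
        raise ValueError("salt must be 64 bits")
    key = pbkdf2_sha256(password.encode("utf-8"), salt, ITERATIONS, KEY_BITS // 8)
    return salt, key


if __name__ == "__main__":
    # Constructed sample password: the same input yields unrelated keys
    # because each call draws its own salt, which defeats precomputed tables.
    for _ in range(2):
        salt, key = derive_key("correct horse battery staple")
        print(salt.hex(), key.hex())
```

The salt is not secret and has to be stored alongside the ciphertext so that decryption can re-derive the same key.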
Certain of our products, including software, documentation, services, and related technical data, available on this website and other services are subject to export controls administered by the United States; including, but not limited to, the U.S. Department of Commerce Export Administration Regulations. Diversion contrary to U.S. or other applicable law of any of these products or services is prohibited. Export, re-export or import of products and services may require action on your behalf prior to purchase and it is your responsibility to comply with all applicable international, national, state, regional and local laws, and regulations, including any import and use restrictions. These products and services are currently prohibited for export or re-export to Cuba, Iran, North Korea, Sudan, Syria, or to any country then subject to U.S. trade sanctions (e.g., Afghanistan and Iraq). These products and services are prohibited for export or re-export to any person or entity named on the U.S. Department of Commerce Denied Persons, Entities and Unverified Lists, the U.S. Department of State's Debarred List, or the U.S. Department of Treasury's lists of Specially Designated Nationals, Specially Designated Narcotics Traffickers, or Specially Designated Terrorists. These products and services are prohibited from use with chemical or biological weapons, sensitive nuclear end-users, or missiles, drones or space launch vehicles capable of delivering such weapons. By downloading or using any product from this site, or purchasing through any other service, you are acknowledging that you have read and understood this notice and agree to comply with all applicable export control laws. You are also representing that you are not under the control of, located in, or a resident or national of any prohibited country, and are not a prohibited person or entity. This notice is not intended to be a comprehensive summary of the export laws that govern the products and services.
It is your responsibility to consult with a legal advisor to ensure compliance with applicable laws. For more information on export laws, please consult: U.S. Department of Commerce, Bureau of Industry and Security (BIS), website at: http://www.bis.doc.gov or the Denied Parties Lists at: http://www.bis.doc.gov/complianceandenforcement/liststocheck.htm