Implementing a Key Management Solution for an Embedded HW Encryption Module

OData support
Dr. Kovácsházy Tamás
Department of Measurement and Information Systems

In telecommunications, cryptography is used to provide secure communications. Data is encrypted with cryptographic keys, protecting it from unauthorized interceptors. The generation, distribution, and storage of these keys is called key management. This paper is about implementing a Key Management Solution on the MINI-LINK: a microwave transport solution from Ericsson. First, general concepts on security and key management were analyzed, followed by exploring existing solutions and protocols.

Based on this, several designs were made using MACsec, IPsec or 802.1x. From these designs, IPsec in combination with SSH for key management was implemented on the ML66 MINI-LINK node. Results showed that the key management solution could successfully establish an IPsec connection between nodes. Data send between nodes was securely encrypted by IPsec, with a maximum throughput of 2.7MB/s without overloading the CPU.

In the future, based on the prototype developed it is possible to integrate the implemented solution into the final product of Ericsson.


Please sign in to download the files of this thesis.