Filter
Top Products
Secure MICR Printer User’s Guide © Source Technologies
September 2005
24 All Rights Reserved
DES and AES Decryption
Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are both
supported in the Source Technologies Secure MICR Printers. The minimum Code Level
support for AES is 8.5j. Levels 8.5i. and lower only support DES.
DES originated at IBM in 1977 and was adopted by the U.S. Department of Defense. The
controlling standards for DES are ANSI X3.92 and X3.106 and in the Federal FIPS 46-3
standard. An alternative to DES called Triple DES is not supported in our Secure MICR
printers.
AES is documented in a Federal Information Processing Standard (FIPS) standard
FIPS 197, dated 11/26/2001. Three key sizes are documented in the standard, 128-bit,
192-bit, & 256-bit. We currently only support the most commonly used 128-bit key size.
The algorithm selected for AES is Rijndael. Developed in Belgium, an English
pronunciation alternative is “Rain Doll”. In addition to U.S. Government implementations, it
is anticipated AES will be adopted by businesses, organizations, institutions, and
individuals outside of government, and outside of the United States as was the case for
DES.
We only support decryption for DES and AES. Encrypted printer data streams can be
decrypted using the key stored some time prior to the message. Keys for both DES and
AES are stored separately so that both AES and DES are supported simultaneously. The
keys messages themselves can be encrypted with either DES or AES for either DES or
AES. Only one DES and one AES key exists at any one point in time. Old keys are not
saved. To change either a DES or an AES key requires the MICR Password Command.
The Secure MICR printer does not have any capability to encrypt a return or Bi-directional
message.
Decryption Commands
Decryption requires printer processing overhead. In our testing encrypted printer data
steams near or below 100K bytes per page do not seem to affect printer speed in term of
pages per minute or first page out timings. Some testing done with print files from 500K to
1 Meg per page showed up to a 30% degradation in speed. It is therefore recommended
the encryption be reserved for the confidential portions of the data when large file sizes are
anticipated.
Set DES Decryption Key Command &%STSETDESKEY<16 Hex Characters>$
The command requires a MICR Password Command be sent prior to the Key Command.
The Key Command could itself be encrypted and then decrypted in the printer. The
command requires the key data be in a double-byte hex format. The 8 byte value must be
converted to the 16 byte format. The only values that can be contained in the 16 command