Chapter 14. Cryptographic Software
Prev		Next

Chapter 14. Cryptographic Software

Ammonit implemented certain standard cryptographic software to protect sensitive measurement data. None of the algorithms are developed by Ammonit. All cryptographic software used on Meteo-40 is free software. Its source code is available for everybody to study and check for security problems.

Currently the following is encrypted:

Access to Meteo-40 via web interface over HTTPS with high-grade encryption (AES-256, 256 bit keys)
All data sent and received via the Meteo-40 web interface, e.g., data download
Data upload via SCP (RSA 2048 bit) to AmmonitOR or your own server
Emails and attached CSV files sent by Meteo-40 (optional)

	Note
	There is no encryption, when data is uploaded via FTP to a server. Moreover, the data stored on Meteo-40 is not encrypted. But only computer specialists with inside knowledge could be able to access the data.

Table 14.1. Cryptographic Software

Software or Protocol	Description	Supported Algorithms
HTTPS	All access to the user interface of the data logger is done via HTTPS, a combination of HTTP with SSL/ TLS, as implemented in OpenSSL.	AES, Blowfish, Camellia, SEED, CAST-128, DES, IDEA, RC2, RC4, RC5, Triple DES, GOST 28147-89, MD5, MD2, SHA-1, SHA-2, RIPEMD-160, MDC-2, GOST R 34.11-94, RSA, DSA, Diffie–Hellman key exchange, Elliptic curve, GOST R 34.10-2001
SSH	The connection to the Ammonit tunnel server (or any tunnel server of your choice) is performed with an SSH reverse tunnel.	3DES, Blowfish, CAST128, Arcfour, AES, RSA
GnuPG	GnuPG is used to digitally sign and encrypt measurement data.	CAST5, Camellia, Triple DES, AES, Blowfish, Twofish, ElGamal, RSA RIPEMD-160, MD5, SHA-1, SHA-2, Tiger, DSA, RSA

Prev		Next
Chapter 13. Electrical Connection Plans	Home	Chapter 15. Maintenance and Care