Hi,
I'd like to use custom encryption method for Aastra phones, does anyone have any experience or advice on how to do this? I know how the standard encryption method works, using security.tuz and anacrypt, but the problem with this is that it uses a common private key programmed into all Aastra devices. If this key is known then the whole scheme is vulnerable.
In the manual it describes a "Vendor Configuration File Encryption". It says that it's possible to encrypt config files using a phone-specific encryption key using the setting "config encryption key" in a config file. I can't get this to work, though. The phone always attempts to download security.tuz first, and if this is present is downloads aastra.tuz and mac.tuz (encrypted in the standard way). If security.tuz isn't present, it downloads the plain-text configuration files.
Does anyone know how to get the phones to do anything different?
Thanks,
Member Since:
2011-06-29