UCF STIG Viewer Logo

The mobile operating system must encrypt all data in transit using AES encryption when communicating with DoD information resources (128-bit key length is the minimum requirement; 256-bit desired).


Finding ID Version Rule ID IA Controls Severity
V-32704 WIR-MOS-iOS-65-06 SV-43050r1_rule DCNR-1 Medium
If data traffic is sent unencrypted, an adversary may be able to read it to obtain sensitive information. AES encryption with 128-bit (or longer) keys mitigates the risk of unauthorized eavesdropping. This requirement applies to both VPN connections and DoD messaging connections (email and authorized instant messaging applications).
Apple iOS 5 Security Technical Implementation Guide (STIG) 2012-07-20


Check Text ( C-41067r1_chk )
Review the operating system documentation and configuration (and possibly application configuration) to determine if the system uses AES encryption with at least 128-bit keys. If it does not use AES encryption with the required key length, this is a finding.
Fix Text (F-36602r1_fix)
Configure the VPN client, email client, and other applications that communicate with DoD information resources to use AES encryption with 128-bit (or longer) keys.