28 October 1997
Source: http://www.hr.doe.gov/telcomsec/CRYPTO.html

DOE
CRYPTO EQUIPMENT GUIDE

The DOE Crypto Equipment Guide is published as an information source and guideline for DOE and DOE contractors in selecting or using crypto equipment. This guide contains general information about NSA approved cryptographic devices that are currently available through the Commercial COMSEC Equipment Program (CCEP) or by direct purchase from NSA. Contractors for DOE must have a properly executed Controlled Cryptographic Item agreement with NSA. This guide is not intended to be a complete source of information but rather a summary. The information herein is only in sufficient detail to familiarize the reader with the basic capabilities of the equipment. Please note that the purchase and use of any product identified as "embeddable" requires prior DOE headquarters approval. A Memorandum of Agreement (MOA) with NSA must be properly executed in cases where a DOE or DOE contractor/ supplier proposes to use embedded products for classified operations.


NETWORK
EMBEDDED
OPTICAL
DATALINK
STU
OTHER
MISSI


Technical information and points of contact are available from Sharon L. Shank of the Architecture, Standards and Engineering Group, Office of Information Management, at Sharon.Shank@hq.doe.gov or by telephone at (301) 903-3047.

Network Encryption Equipment

CANEWARE
NETWORK ENCRYPTION SYSTEM
WANG TRUSTED LAN INTERFACE UNIT
FASTLANE ATM ENCRYPTOR

CANEWARE

CANEWARE is a host-to-host network encryption system designed to provide multi-level security on a packet switched network. It is compatible with Secure Data Network System (SDNS) standards and is transparent to network operations. The CANEWARE system consists of a CANEWARE Front End (CFE) unit, a CANEWARE Control Processor (CCP) unit, and an Auxiliary Vector Management System (AVMS). The AVMS augments the SDNS Electronic Key Management System (EKMS) Mandator Access Control (MAC) information by distributing additional security attributes. The EKMS information and additional security attributes from the AVMS along with Discretionary Access Controls (DAC) from the CCP are used by the CFEs to enforce access controls to the network. The CFE also provides data encryption on communication links. A CFE is required at each network point. The CCP is used to provide DAC information to the CFEs. DAC information is used by the CFE to limit access to each host based on need-to-know information provided by the host to the CCP. A single CCP can control up to 5000 CFEs, which is the maximum number for a single domain. Up to 1000 domains can be supported by the CANEWARE system.

CANEWARE is capable of encrypting and decrypting at through put rates from 1200 bps to 750 kbps full duplex and supports I/O rates up to the T1 rate (1.544 Mbps). It supports standard protocols such as GOSIP X.25, DDN X.25 and CCITT 1984 X.25. The standard KSD-64A is used for loading configuration information and initial keying material. It also serves as a crypto ignition key for the CFE. A multi-level security host encryption system functions on X.25, IEEE 802.3, and Ethernet packets switched networks.

The CANEWARE system is approved for use at all classification levels.. The development program is complete. They are currently establishing production requirements. The approximate cost is $19,500.

BACK TO TOP

NETWORK ENCRYPTION SYSTEM

The Motorola Network Encryption System (NES) provides encryption security to local area networks (LANs) and Wide Area Networks (WANs). The NES is designed for system high data encryption and can accomodate multiple security communities through network partitioning into separate domains. It provides data confidentiality, data integrity, peer identification and authentication, and mandatory/discretionary access control services. The NES is configured at start up by a configuration disk created by the product server. A product server can be any IBM compatible personal computer. Each product server is capable of serving a maximum of 2000 NES platforms. The configuration disk created by the product server contains application software, discretionary access control (DAC) tables, static routing tables and other configuration information. This information is used to control access to the network protected by a NES platform. The NES can provide secure connections between 802.3/Ethernet and other 802.2/Ethernet networks with a speed up to 1.3 Mbps (half duplex, 1400 byte packets) or 320 packets per second (64 byte packets).

Key distribution can be provided from the Electornic Key Management System (EKMS) or the NES may be physically keyed using a KSD-64A. Up to 250 Traffic Encryption Keys (TEKs) can be supported at one time by the NES. A security battery allows key retention when primary power to the NES is interrupted.

DOE users should contact HR-433 if NES is being considered for any application. The authorized vendor for NES is Motorola Government Electronics Gr., 8201 E. McDowell Road., Scottsdale, AZ 85252-1417. Additional information may be obtained by accessing their web site, http://www.mot.com/GSS/SSTG/ged/iso/nes.html".

BACK TO TOP

WANG TRUSTED LAN INTERFACE UNIT (TIU-1)

The WANG Trusted LAN Interface Unit (TIU-1), which serves as an Ethernet (IEEE 802.3), is a data security device that encrypts LAN data traffic. The TIU-1 secures internetted and individual LANs because it implements Internet Protocols (Ips). Internet Protocols will allow communications over wide area networks (WANs) through Gateways. The TIU-1 can be used for single level system high LAN encryption. The TIU-1 allows encryption of more than one host through a single TIU-1. Encryption is accomplished at a data rate in excess of 200 packets per second full-duplex, (1500 byte packets). Keying is accompished using a KOI-18 or a DS-102 signal converter.

This unit is used for LAN encryption (Ethernet, IEEE 802.3). It is approved for use at all classification levels. The authorized vendor is Wang Laboratories, Inc. The cost of a TIU with AUI interface is $19,995, fiber interface is $12,995, key management software is $1,500 and hardware is $7,995.

BACK TO TOP

FASTLANE ATM ENCRYPTOR
KG-75

FASTLANE is a high speed ATM encryptor for local and wide area network multimedia applications (i.e., voice, video, data, and imagery). FASTLANE supports permanent and switched virtual circuits, point-to-point and point-to-multi-point, simplex and duplex connections. It provides authentication and end-to-end protection of user information to the Top Secret/ Sensitive Compartmented Information. Security levels may be user selected for each communications session. The FASTLANE encryptors may be nested, allowing for the creation of cryptographically isolated networks to operate at different security levels. FASTLANE may support an individual user, a multi-user computer based group or a Local Area Network. Rekeying can be accomplished either electronically or through traditional means.

It is approved for use at all classification levels. The limited capability FASTLANE Release 1 (FR) system became available in June 1996. The full capability FASTLANE Release 2 (FR) system will be available in September 1997.

Release 1 (FR1) can no longer be ordered. NSA is currently accepting orders for Release 2 (FR2) with scheduled deliveries beginning in October 1997. DS-1 $25,000, DS-3 $26,000, OC-3 $28,000, and OC-12 Price is based on requirements.

The authorized vendor is GTE Goverment Systems Corporation, 77 "A" Street, Needham, MA 02194-2892, phone: (410) 859-4060. Additional information on FASTLANE may be obtained by accessing their web site http://www.gte.com/Cando/Govt/Docs/Software/fastlane.html".

BACK TO TOP

Embedded Encryption Equipment

FASCINATOR
KGB-69/69A
KGV-135
EMBEDDABLE MODULE
KIV-7 EMBEDDABLE MODULE
INDICTOR STANDARD EMBEDDABLE MODULE
CRYPTO ENGINE

FASCINATOR

The FASCINATOR is a line of embedded cryptographic devices that can be installed in existing Motorola digital capable radio products and other compatible radios. The proper installation of the FASCINATOR enables a radio to be used for classified voice transmissions. The design provides for secure voice communications, while maintaining a plain text capability. The manufacturer produces the FASCINATOR as a product line of eight secure voice modules capable of being direct plug-in replacements for the DES module. The FASCINATOR devices are half duplex (12 kbps serial encryption devices that operate in the synchronous mode) providing an operating range similar to plain text. Installation of this device in compatible Motorola radios will require the use of a Security Interface Box and a KOI-18 or KYK-13 for keying. Other radio configuration may have different keying requirements.

The FASCINATOR can be used for non-tactical communication nets. It is approved for use at all classification levels. the MCX-100, NX 300, Portable Repeater, SABER, SPECTRA, SYNTOR X-9000, SYNTO X-9000 E, Console Interface Unit, and SPECTRA Mobile SVMS have been endorsed. This product is available from Motorola, Inc. The price ranges from $495 for hand-held to $1200 for portable repeaters.

BACK TO TOP

KGV-69/69A
Embedded Key Generator Chip

The KGV-69/69A is an embeddable COMSEC chip developed at NSA. It is designed to be a "bare bones" encryptor for use in very high risk applications. The single-chip design contains the encryption algorithm, appropriate controls, alarm, and I/O circuitry suitable for drop-in solutions to secure data requirements. The KGV 69/69A will encrypt and decrypt serial data up to 50 Mbps.

The KGV-69/69A is approved up to Top Secret data with special configuration required. This equipment is available in limited quantities through the NSA program management office. It is intended for special applications.

BACK TO TOP

KGV-135

The KGV-135 is a high-speed, general purpose encryptor/decryptor under development at Motorola. It is the solution for tactical and space users who need wide-band data encryption embedded into high performance systems. The KGV-135 is an upgrade of the KG-135. It has increased bandwidth and COMSEC operating modes in a compact multi-chip module. The KGV-135 operates at speeds of 2 Kbps to 700 Mbps and uses standard interface logic levels and key protocols.

The KGV-135 may be used in tactical military ground, aircraft, or space. The approximate cost is $8,000. Additional information may be obtained by accessing their web site, http://www.mot.com/GSS/SSTG/ged/iso/kgv135.html.

BACK TO TOP

WINDSTER STANDARD EMBEDDABLE MODULE

WINDSTER consists of a PC board containing several custom LSIs and discrete devices. This module incorporates the SAVILLE I and PADSTONE algorithms to provide security for classified traffic. It also contains the CORDOBA algorithm which provides security for sensitive unclassified traffic. The CORDOBA provides interoperability with many inventory SAVILLE-based equipment. WINDSTER is a 500 Kbps full/half duplex embeddable COMSEC module used to secure digital voice or data traffic. It provides cryptographic interoperable traffic operation with KY-57/58, E-DRZ, KYV-2, KYV-5, KG-84, RAILMAN, INDICTOR, and STU-III. It also provides re-key operations interoperable with the KY-57/58, KYV-5, INDICTOR, and RAILMAN equipment.

This embeddable module may be used with various voice/data equipment such as mobile or desk top telephones, modems, or man-pack radios. It is approved for use at all classification levels. The authorized vendor is Harris, RF Communications. The approximate cost is $2700 each for quantities of 1 to 249 and $1600 each for quantities over 250.

BACK TO TOP

EMBEDDABLE KG-84 COMSEC MODULE
KIV-7

The KIV-7 is a compact, embeddable, COMSEC device that encrypts classified and sensitive national security data transmissions. The KIV-7 secures data communication links among users of personal computers (PCs), workstations, and facsimile equipment. Utilizing the NSA WINDSTER key generator, the KIV-7 is interoperable with the KG-84, KG-84A and KG-84C equipment in both the secure data and Over-The-Air-Rekey (OTAR) modes. It is similar to a universal half-height disk drive in design. This allows it to be embedded in desk top PCs, or it can be installed in a specially designed multi-unit rack. Standard EIA-530 and RS-232 data interfaces simplify system integration. An integrated remote control interface permits the management of up to 31 remote units from a single KIV-7 via an independent secure link. The KIV-7 is available in a high speed version called the KIV-7HS. The KIV-7HS incorporates the WINDSTER T1 module. Data transmission for the KIV-7 lists rates up to 228 Kbps. The KIV-7HS lists rates up to 1.544 Mbps. The KIV-7 accepts electronic key from the Data Transfer Device, KYK-13 or KOI-18. It has a battery for loading key without primary power and retaining key when primary power is interrupted.

The KIV-7 may be used on point-to-point, netted and broadcast data link applications. It is approved for use at all classification levels. The authorized vendor is Allied Signal Aerospace Company. The cost for a KIV-7 is $3,542.35, KIV-7HS is $3960 (Qty. 1-3000), KIV-7HS is $3632 (Qty. 3001-7000) and KIV-7HS Upgrade is $1433.

BACK TO TOP

INDICTOR STANDARD EMBEDDABLE MODULE

INDICTOR is a half duplex embeddable COMSEC device used to secure digital voice or data traffic. It consists of a single custom CMOS LLSI chip. The INDICTOR module incorporates the SAVILLE I and PADSTONE algorithms. It also contains the CORDOBA algorithm which provides security for sensitive but unclassified traffic. INDICTOR is cryptographically interoperable with the KY-57/58, KYV-2, KYV-5, KG-84, WINDSTER, and STU-III. It is presently being embedded into the SUNBURST II and PRC-112 radios, and several other tactical equipment. INDICTOR also provides "receive-only" re-key operations interoperable with KY-57/58, KYV-5, WINDSTER, and RAILMAN equipment. It operates at speeds up to 1 Mbps.

This embeddable module may be used with voice/data equipment, such as mobile telephones, modems, and/or hand-held radios. It is approved for use at all classification levels. The authorized vendor is Motorola, Government Equipment Corporation. Allow 8 to 10 weeks for delivery. The cost is $250 each (Qty. 1-100) (full compliance with Mil-Spec 80-83) and $180 each any quantities over 100.

BACK TO TOP

CRYPTO ENGINE

The Crypto Engine is a self-contained, redundant cryptpgraphic module designed to be integrated into devices as an alternative to box and board-level cryptographic devices. This module consists of two chips, an algorithm data path chip, and a control processor chip, combined in a common carrier. The chip designed provides an encryption/decryption rate using a 12 Mhz clock of 20 Mbs half duplex.

The Crypto Engine may be used with digital link encryption, telecommunications, microwave, fiber optics, voice and video transmission, LAN and embedded computer applications. It is approved for use at all classification levels. The authorized vendor is Tractor Aerospace, Inc. The cost is not available at this time.

BACK TO TOP

Optical Encryption Equipment

KG-189
HIGH SPEED STRATEGIC TRUNK ENCRYPTOR

The KG-189 is the next generation of trunk encryptors designed to be compatible with Synchronous Optical Network (SONET) standard interfaces. It provides optical transport at both the RED and BLACK interfaces to communications systems. The KG-189 program currently consists of models supporting two standard SONET data rates. The OC-3 model operates at 155 Mb/s and the OC-12 model operates at 622 Mb/s. The development of a model supporting the SONET OC-48 data rate of 2.5 Gigab/s has been terminated. The KG-189 is designed as a single chassis with interchangeable cards allowing the KG-189 to upgrade from OC-3 to OC-12 with minimal cost and no impact on installation. The KG-189 supports BENIGN fill capability, traditional key and remote loading of FIREFLY vectors. It is approved for use at all classification levels.

Inital pre-qualification deliveries were scheduled for January, 1997. Production of the KG-189 is scheduled to begin in March, 1997. The product was developed by Motorola GSTG and Nortel. Production of the KG-189 is provided by Motorola Sectel. The cost for the OC-3 model is $37,654, and the OC-12 model is $62,664.

Data Link Encryption Equipment

KG-94/94A and KG-194/194A
KIV-19
KG95
KG-135
KGR-68
KG-84A

KG-94/94A and KG-194/194A

The KG-94 and 194 are a family of full duplex key generators that provide encryption of digital traffic. The KG-94 and KG-194 are tactical versions of the KG-94A and KG-194A. The KG-94 is an upgraded version of the KG-94 design. All verions are cryptographically compatible with each other, as well as with the KG-81 and KG-95 within their respective data rates in the traditional key mode. When used in conjunction with the Interface Adapter Unit, they can be a direct replacement for the KG-27. The KG-194 and 194A are interoperable only with other KG-194(A) in the FIREFLY mode. The KG-94 and KG-194 family functions with MIL-STD 118/114, RS-422 and RS-449 standard synchronous interfaces. Encryption and decryption takes place at speeds of 9.6 Kbps to 13 Mbps. The KG-194 and 194A generators are compatible with FIREFLY remote re-keying and can also be keyed with the KSD-64A. Traditional keying is accomplished with the KOI-18, KYK-13, KYK-15, KOK-12, and the Data Transfer Device (AN/CYZ-10) for any of the KG-94s and 194s.

The KG-94 and 194 families may be used with fix plant and tactical trunk encryption devices. They are approved for use at all classification levels. The authorized vendor for this product is Group Technologies Corporation, located in Florida. The cost for the KG-94 is $2001, KG-94A is $1991, KG-94 conversion kit to 194 is $1169.95 and KG-94A conversion kit to 194A is also $1169.95.

BACK TO TOP

KIV-19

The KIV-19 is a new CCEP effort underway to develop a trunk encryption device that is functionally equivalent to a KG-194. The new equipment will be miniaturized and utilizes different physical connectors than the KG-194. The KIV-19 operates in traditional mode over full duplex, half duplex, or simplex broadcast channels. In FIREFLY mode, it operates only over full duplex channels. The KIV-19 supports data transfer rates from 9.6 Kbps to 13 Mbps.

The KIV-19 operates in tactical satellite terminals and conditions where weight is a consideration. It is planned for use at all classification levels. If a market materializes and the IDIQ contract is similar to the one used on the KIV-7, program is planned. The vendor is yet to be determined.

BACK TO TOP

KG-95

The KG-95 is a family of full-duplex, fixed plant, bulk encryption/decryption key generators. There are three KG-95 equipment configurations. The KG-95-1 is a general purpose version of the KG-95, capable of operating at any data rate between 10 and 50 Mbps. It is compatible with the KG-81, KG-94/94A, 194/194A over their common data rates and when using traditional key. The KG-95-2 operates only at the fixed DS-3 data rate of 44.736 Mbps. It is fully compliant with ANSI T1.102-1987 for DS-3 transmission and reception. The KG-95R is two KG-95-2s in a dual frame. The frame provides for hot spare capability.

The KG-95 configurations have a MIL-STD 118/114 interface. All three equipment configurations are capable of operating form traditional, punched paper key or Remote Rekey Keying (RRK) material. Traditional key may be loaded via a KOI-18, KYK-13, KYK-15, or Data Transfer Device. Remote Rekey Keying (RRK) material is loaded via a KSD-64 or the Data Transfer Device and offers the user a one-year crypto period. When using RRK material, the operator must instruct the KG-95 to perform a change key operation once every twenty-four hour period. The daily operations required under traditional key and RRK material need to be initiated at one end of the link through the equipment's front panel or rear panel remote command lines. During traditional keying traffic, down time for a change key command is approximately 500 milliseconds. The down time during RRK is 30 seconds. The KG-95-1 operates at 10-50 Mbps. The KG-95R operates at the DS-3 rate of 44.376 Mbs.

These systems are approved for use at all classification levels. The manufacturer is Motorola Secure Telecommunications, Scottsdale, Arizona. The cost will depend on the size of the production run. Unit cost of previous production run was $7950 for a KG-95-2 and $16000 for KG-95R. Additional information may be obtained by accessing their web site, http://www.mot.com/GSS/SSTG/ged/iso/kg95.html.

BACK TO TOP

KG-135
TACTICAL HIGH SPEED KEY GENERATOR

The KG-135 is a tactical, high-speed, half duplex, self-synchronizing serial data link key generator. It is designed for use in an uninhabited airborne environment at altitudes up to 100,000 feet and satisfies Tactical Rad-Hard specifications. The KG-135 is a "Load and Go" unit, which means it can start encrypting or decrypting, assuming a good checkword/key (CW/Key), when power is applied. The KG-135 has an external computer bus connection, key management interface, power supply, and appropriate TEMPEST filtering. It operates at speeds of 10 Mbps to 450 Mbps.

The KG-135 accepts standard paper tape key via KOI-18 or KYK-13. A maximum of six keys and associated checkwords may be loaded and stored directly into the Key Management portion of the KG-135 for retrieval. The KG-135 allows for key loading without using the Command Status port. Only one key may be used in this scenario. The external computer bus interface allows for status monitoring and transfer of stored CW/key into the KG-135 cryptologics. Key Management hardware automatically restarts the unit, reloads the last key in use, and resynchronizes on the re-application of power.

The KG-135 serves as an encryptor/decryptor for wide-band serial communications. It is approved for use at all classification levels. The authorized vendor is Motorola, Inc. The cost is estimated in the range of $100,000 to $200,000.

BACK TO TOP

KGR-68
ELECTRONIC KEY GENERATOR RECEIVER

The KGR-68 is a ground-based fixed-plant decryptor for weapons system testing and telemetry decryption. The KGR-68 can decrypt data at rates up to 10 Mbps. It accepts standard paper tape key via a KOI-18 or KYK-13. The KGR-68 will retain key for at least 30 seconds during power interruptions.

The KGR-68 is used as telemetry decryption in weapons testing. It is approved for use at all classification levels. The approximate cost is $6,000.

BACK TO TOP

KG-84A
GENERAL PURPOSE ENCRYPTION EQUIPMENT

The KG-84A is a general purpose encryption device that has four selectable traffic key slots, improved remote rekeying, and mandatory EIA-RS-449 control signed. It proceses data at digital rates from 50 to 9,600 baud (non-synchronous), up to 32,000 Kb/sec using its internal clock. It can operate at data rates up to 64,000 Kb/sec using an external clock for synchronization. It is capable of operating in full duplex, half duplex, or simplex modes.

The KG-84A may be used in tactical, strategic, ship/air, and fixed plant environments. It is approved for use at all classification levels. The KG-84A/C Benign Fill Upgrade Production program has been started and will produce modification kits for the KG-84A and KG-84C. These modification kits will allow for Benign Fill capability. The approximate cost for this product is $5,000. An upgraded version ranges from $980-1,113.

BACK TO TOP

STU Encryption Equipment

MOTOROLA STU-III SECTEL
MOTOROLA STU-III SECTEL CELLULAR
AT&T STU-III 1100/1150
AT&T STU-III 1900/1910
AT&T SECURE CELLULAR
SECURE TERMINAL EQUIPMENT

MOTOROLA STU-III SECTEL

Motorola STU-III Secure Telephones (SECTEL) are secure voice/data telephone terminals. The STU-III/A is a version of the STU-III family designed for use within the NATO community. It contains all the basic STU-III functions and capabilities, while adding the STU-III modes of operation. The STU-III SECTEL models are black in color and incorporate the capability to store 17 net keying variables compared to the storage of one net keying variable with the Limit Rate Initial Production model. The STU-III models have two and four wire adapters built into the terminal.

The STU-III SECTELs operate at 2400, 4800, and 9600 bps full duplex secure voice. Secure digital data transmission is possible at 75, 110, 300, 600, and 1200 bps in the asynchronous mode. In the synchronous mode, digital data can be securely transmitted at 2400, 4800 and 9600 bps.

The STU-III is capable of being keyed in three different ways. For STU-III interoperability, the first uses the FIREFLY II key concept where all keys are in electronic form and initial keying can be done locally or by access to the Key Management Central Facility. No per call access is required. For STU-III interoperability, the second and third way uses the Bellfield Key Distribution Center (KDC) concept with per call access or commonly held NET key.

The Motorola STU-III SECTEL serves as two-wire and four-wire switched telephone systems used in CONUS and Overseas. They are approved for use at all classification levels. The authorized vendor is Motorola, Inc. The cost for a STU-III Sectel is $3,795.

BACK TO TOP

AT&T STU-III 1100/1150

The AT&T STU-III Secure Voice/Data Terminal model 1100 single line terminal, and model 1150 multi-line terminal provide secure voice and data comunications between two sites. Secure communications can be established with any U.S. Government approved STU-III device. In the "clear" voice mode, the 1100/1150 series operate like any convention telephone.

In the secure data mode, the 1100/1150 can communicate with other STU-III devices at 2400 bps, 4800 bps, and 9600 bps in both synchronous and asynchronous data cells. It supports full duplex communications at all of these rates, and half duplex synchronous communications at the 2400 bps rate. Crypto ignition keys are used to activate the STU-III for secure communications.

The AT&T STU-III 1100/1150 are used to secure data and voice communication. This product is approved for the use at all classification levels. The authorized vendor is AT&T Secure Communications Products. The cost is $1,300.

BACK TO TOP

AT&T STU-III 1900/1910

The AT&T STU-III Secure Data Terminal models 1900 and 1910 provide secure digital data communication between two sites. Secure data transfers can be established with any U.S. Government approved STU-III device. The 1900 model can communicate with other STU-III devices at 2400 bps, 4800 bps, and 9600 bps in both synchronous and asynchronous full duplex communications. In addition to the data rate of the model 1900, the model 1910 operates at a maximum of 14400 bps. Asynchronous operation is not available at 2400 bps half duplex. Crypto- ignition keys are used to activate the STU-III for secure communications.

The AT&T STU-III 1900/1910 series are approved for use at all classification levels. The STU-III is a replacement of the STU-III 1900. The authorized vendor is AT&T Secure Communications Products. The cost for the 1900 series is $1,300 and the 1910 series is $2,000.

BACK TO TOP

SECURE TERMINAL EQUIPMENT

Secure Terminal Equipmet (STE) is the next generation STU-III being designed to provide services far beyond the present STU-III devices. The STE offers backward compatibility with STU-III, while taking advantage of digital communications protocols like ISDN and future ATM. The initial release of STE will be an ISDN terminal. STE is designed to take advantage of the key and privilege management infrastructure developed under the Multi-level Information Systems Security Initiative (MISSI) Fortezza Plus Cards. The cryptographics for STE will be located on a removable Personal Computer Memory Card International Associate (PCMCIA) card. This card will be procured seperately.

Secure Terminal Equipment serves as a secure voice and data communication. It has been planned for use at all classification levels. The vendor is Lockheed Martin and Motorola Government Systems.

BACK TO TOP

Other Encryption Equipment

CONDOR
AT&T SECURE CONFERENCE SYSTEM
SSP3110 DATA STORAGE ENCRYPTOR
DATA TRANSFER DEVICE

CONDOR

The Condor is an effort to produce a security solution for commercial digital wireless systems. This includes cellular, mobile satellite, and personal communications systems. It is being designed to utilize the Fortezza Plus cryptographic card.

The CONDOR provides secure communications for commercial wireless services (CDMA cellular and Mobile Satellite). This product is currently under development. The CDMA (dual mode cellular) will be completed in March, 1998, Globalstar in August, 1998 and Iridium in August, 1998. The authorized vendor and cost is undetermined at this time.

BACK TO TOP

AT&T SECURE CONFERENCE SYSTEM

The AT&T Secure Conference System consists of a circuit board installed in a personal computer, a STU-III terminal, and a switch box connected at the host site. This configuration functions as a concentrator during a secure conference call. The circuit board can be installed in a 386 or 486 personal computer. The system requires a minimum of 640 K of RAM and MS-DOS 3.0 or higher to operate. A telephone conference can be provided for up to four secure terminals per circuit board. Multiple circuit boards may be installed in one computer to raise the number of secure terminals to a maximum of 12 units. The AT&T Secure Conference System can function with any STU-III devices at 2400 bps and 4800 bps in half duplex communication mode. Crypto-ignition keys are used at the STU-III terminal as usual. The computer with the circuit board installed will verify each participants clearance prior to initiating the conference.

This system is approved for use at all classification levels. The authorized vendor is AT&T Secure Communications Products. Contact the vendor for the cost.

BACK TO TOP

SSP3110 DATA STORAGE ENCRYPTOR

The SSP3110 encrypts sensitive data received from a host over the Small Computer Systems Interface (SCSI) and wrties it to a storage medium such as a floppy diskette, magnetic tape, or an optical disk. Stored data that is encrypted using this device may be treated as "unclassified". The maximum processing speed using the SSP3110 is 150 Kbps depending on the application.

Electronic keying is accomplished using KEKs on punched paper tape and TEKs on Smart Keys. TEKs are derived from NSA-supplied floppy diskettes and written to Smart Keys using a Key Management Loader. In pairs, TEKs are used for Two- Stations transport aplications, shared TEKs are used for Multi-Station transport applications, and Special Purpose TEKs are used for data storage applications. KEK loading requires KOI-18 Tape Reader and DS-102 Signal Converter.

The SSP3110 Data Storage Encryptor is approved for use at all classification levels. Tractor Aerospace has developed the Secure Retrieval Processor (SRP), which is a less expensive, decrypt-only, embeddable board-level companion to the SSP3110. The cost for the SSP3110 is $11,995, Key Loader Key Manager Software is $2,500, and Training is $3,000. The SRP price is not available.

BACK TO TOP

DATA TRANSFER DEVICE

The Data Transfer Device (DTD) is an electronic fill device designed to replace the existing family of common electronic fill devices. The DTD can be programmed to store the secure transport of COMSEC and TRANSEC keys, Signal Operating Instructions, frequency hopping radio parameters, net control planning, and operating directions. The DTD is designed to be backward-compatible with current COMSEC fill devices. It provides enhanced security of communications and cryptographic keying material and simplifies the planning communications. The DTD is configured by software input rather than hardware modifications. An embedded crypto-ignition key allows flexibility in securely storing and transporting communications data. The DTD uses a replaceable keypad and is easily configured to work with either a standard 35-key keypad or a simplified 13-key keypad.

The Data Transfer Device is designed to replace the KYK-13, KYX-15 and KOI-18. This device is approved for storing, transporting and transferring cryptographic keys up to the Top Secret level. The authorized vendor is Group Technologies Corporation. The cost for this device is between $510-$560.

BACK TO TOP

MISSI Encryption Equipment

MULTI-LEVEL INFORMATION SYSTEMS
SECURITY INITIATIVE (MISSI)

The Multi-level Information Systems Security Initiative (MISSI) is an NSA effort to make available products that could be used to construct systems that would satisfy user Mutli-level Security (MLS) requirements. MISSI includes the development of products in four categories: the Crypto Peripheral, Network Security Management, Secure Network Server, and Workstation Security Applique. These products will comprise the set of security components needed to construct Automated Information System (AIS) that satisfy MLS requirements. MISSI establishes the structure for the placement of the components to achieve MLS at the workstation, LAN, or WAN levels as needed. This structure is designed to (1) protect data from unauthorized disclosure and modification; (2) identify and authenticate system users; (3) control access to data and system resources, and; (4) support source authentication and non-repudiation of messages. MISSI will be introduced in a four-phase release approach. Each release will provide four operational capabilities exceeding those of the previous release along with the required security services.

BACK TO TOP

The following paragraphs describe the features and characteristics of MISSI products as they pertain to system performance, capabilities and characteristics.

Operation

MISSI components will support mandatory access controls to provide hierarchical (Unclassified, Confidential, Secret, Top Secret) and non-hierarchical ("compartmented") classifications. Discretionary access controls provide additional "need-to-know" granularity. All data stored and processed by MISSI components will be labeled with a designation of its criticality and sensitivity through the use of the Common Internet Protocol Security Option (CIPSO) labels and internal labels in a Trusted Computing Base (TCB).

The user operation requirements of MISSI hardware components will be compatible with those required to operate the AISs they secure. At the workstation level, a user's identity will be authenticated up to the Top Secret level with a local name, a personal password, and a physical token inserted into a reader associated with the workstation's MISSI component. The use of trusted software and trusted operating systems will provide protection from unauthorized interference or tampering. MISSI components will use CIPSO labels for mandatory access controls and a database/directory scheme for discretionary access controls. These access controls and those of the trusted operation system will permit users to specify and control sharing of files and programs and provide controls to limit the propagation of access rights.

BACK TO TOP

Networks

Initial MISSI components will operate on DDN X.25, CCITT 1984 X.25, IEEE 802.3, and Ethernet networks. Later releases are planned to evolve with communications network protocols such as ATM. MISSI systems are intended to be protocol independent below the lowest layer where security is applied. A Secure Network Server (SNS) providing a guard/gateway function will provide CIPSO labeling to route datagrams to the proper networks and prevent those labels from being inadvertently or deliberately altered. MISSI components communicating on Ethernet (TCP/IP based) networks will support Address Resolution Protocol functions to provide logical addressing. MISSI components will also support GOSIP X.25 protocols.

BACK TO TOP

Keying

MISSI components will rely on the Electronic Key Management System (EKMS) for keying and rekeying activities. Components will support FIREFLY technology.

BACK TO TOP

Equipment

The reliability, availability, and maintainability of MISSI hardware and software components will meet or exceed current industry standards for commercial off-the-shelf office environment applications. Some of the MISSI critical system characteristics are:

BACK TO TOP

Product Development

The Information Security (INFOSEC) product evolution of MISSI, as defined in the four-phased release approach and the four product categories previously mentioned, is explained in more detail by the following graphics.

BACK TO TOP

Mosaic

The Mosaic program is an implementation designed to support MISSI Release 1. This program provides a Personal Computer Memory Card International Association (PCMCIA) crypto card, which provides encryption of sensitive unclassified electronic mail (E-mail) messages. Under the Mosaic program, a Commercial Off The Shelf (COTS) networked workstation configured with a PCMCIA card bus or separate reader performs the required MISSI Release 1 functions.

The Mosaic program supports X.400 or Simple Mail Transfer Protocol (SMTP) E-mail on the Defense Message System, as well as other Department of Defense (DoD) and Civil Agency applications. This system is currently designed to operate at 1.5 Mbps encryption/decryption. The PCMCIA card is under going test in the Mosaic program.

BACK TO TOP

Workstation Security Applique (APPLIQUE)

The APPLIQUE is a low cost product that provides multi-level security services for COTS networked workstations. It consists of both a software package and a hardware device referred to as the Crypto Peripheral (CP). Capabilities include security services to support writer to reader security for X.400 based E-mail and peer-to-peer applications. The security services performed by the APPLIQUE are: access control, audit, data confidentiality, data integrity, identification, and authentication as well as non-repudiation. It consists integrates with a wide variety of 386/486 based processor COTS workstations and higher. The APPLIQUE consists of several basic elements that allow the user to communicate in networked environments with multiple security levels. These elements include: a communications security package, trusted computing base, CP and a physical token.

The communications security package includes these ISO layer 3 and 7 security protocols: Network Layer Security Protocol (NLSP1), Message Security Protocol (MSP), and Key Management Protocol (KMP). The APPLIQUE will support both the GOSIP and DoD (TCP/IP) protocol suites. The TMACH Security Monitor provides multi-level security services to the workstation user. The CP with an estimated minimum throughput rate of 10 Mbs/sec., performs FIREFLY key generation, encryption, and digital signatures. The Crypto Peripheral can make use of a PCMCIA device to provide the physical token and crypto-ignition key (CIK) functionally as a means for user identification and authentication. It is required to access security mechanisms in the CP.

BACK TO TOP

Crypto Peripheral (CP)

The CP is a compact security product that provides encryption of E-mail messages for COTS networked workstations. It is contained on a PCMCIA card and interfaces directly to the workstation through a PCMCIA card bus or reader. The CP is the workstation security product designed to support the MISSI Release 2 system, and to protect classified information up to Secret. The CP supports a wide variety of COTS workstations that support X.400 mail packages. It is specifically designed to support ISO layer 7 security protocols. Writer to reader security protection is provided between both for Official Use Only sensitive community of Release 1 and the Secret community served by Release 2, as well as Top Secret communities served by Release 3 and above. The CP is designed for a 10 Mbps throughput rate.

BACK TO TOP

Secure Network Server (SNS)

The SNS is a computer system designed to allow simultaneous processing of information from the Unclassified level up to Top Secret level. It combines the highest levels of both Computer Security and COMSEC technology. The SNS will allow the connection of two or more networks at different security levels and as a MLS network file server, the SNS will allow files of different security levels to be stored and accessed simultaneously. Application software being developed for the SNS will allow it to function as a guard/downgrader. The SNS will support the CP associated with an untrusted workstation during MISSI Release 2. It insures the CP has been invoked before releasing an E-mail message to an unclassified network and regrades E-mail by human review. In MISSI Release 3, the SNS in conjunction with the Workstation Security Applique, provides full E-mail security services including regrading and MLS file storage. An EKMS compatible cryptographic function in the SNS allows all data stored on non-removable media to be protected. This allows the SNS to be treated as an unclassified Controlled Cryptographic Item (CCI) once the CIK is removed. For the software applications developer, this MLS computer will provide a POSIX compliant interface at the operating system level. Therefore, it will be possible for the SNS to run existing UNIX based application programs.

BACK TO TOP

Network Security Management (NSM)

NSM provides network security management functions for the MISSI products. These functions consist of key generator and distribution, access control permissions, secure directory, and mail list services. It is a primary link to other network management functions, such as configuration management, fault management, accounting management, and performance management. The capabilities of the security management components will be phased, along with the various MISSI components. The NSM components needed to provide the above functions are the Domain Security Manager, Local Authority Workstation (LAW), Audit Manager, Rekey Agent (RKA), Secure Directory Server, and Mail List Agent. It is anticipated that these components will be software application programs that will run on COTS workstations equipped with a Workstation Security APPLIQUE. Together they will provide the necessary services to securely manage and operate the MISSI.