Wireless Cryptography


As military communications go increasingly wireless in an expeditionary and mobile operational mode, they must also be assured of security through enhanced encryption.

At a wireless communications conference in Tokyo this past fall, two IT professionals demonstrated how they were able to break into wireless communications networks protected by Wi-Fi Protected Access (WPA), a security protocol endorsed by the Wi-Fi Alliance. They exploited a vulnerability in the Temporal Key Integrity Protocol, a WPA component.

Until that point, many wireless communications systems, including some operated by military organizations, had protected wireless communications only with WPA.

The demonstrated hackability of WPA-protected networks underscored the need for a higher level of security, represented by a robust encryption regime, for wireless networks, especially those carrying sensitive and classified traffic. The Department of Defense now mandates that all unclassified wireless transmissions be encrypted with devices certified by the National Institute of Standards and Technology (NIST) as compliant with Federal Information Processing Standards (FIPS) 140-2 Level 2 and utilizing the Advanced Encryption Standard (AES) encryption algorithm.

NIST’s FIPS Publication 140-2 provides the building blocks for testing, validation and certification of cryptographic modules applicable to sensitive, non-classified data. FIPS 140-2 sets the technical requirements for “cryptographic modules,” defined as “the set of hardware, software and/or firmware that implements approved security functions,” including cryptographic algorithms and keys, and describes 11 required security measures to be implemented through four increasingly stringent security levels.

Agencies must decide what level of security is necessary for any given system, and implement appropriate measures for that system. FIPS 140-2 Level 2 requires that tamper-evident coatings or seals be placed on a cryptographic module so that the coating or seal must be broken to attain physical access to the cryptographic keys.

Classified traffic must meet the more stringent standards of the High Assurance Internet Protocol Encryptor (HAIPE), promulgated by the National Security Agency. Under the “national policy governing the use of High Assurance Internet Protocol Encryptor products,” released in February 2007 by the Committee on National Security Systems, NSA has partnered with private industry and sponsored the development of HAIPE-compatible devices. NSA is also responsible for certifying the security and interoperability of new HAIPE devices and of software upgrades to previously certified devices.

COMPLEX CHALLENGES

The need for secure wireless transport of audio, video and data across wide area networks has become increasingly important for the U.S. military. Missions increasingly call for mobility and an expeditionary capability, and a network-centric command and control structure requires the exploitation of information and intelligence wherever a unit may be found.

But the challenge is a complex one, with a variety of hardware components comprising a network carrying a diversity of traffic at different levels of sensitivity, and ranging geographically from central command posts to forward field units. “Wireless communication allows more mobility and more freedom to set up and tear down communications equipment and to move to another remote site,” said Todd Moore, director of product management for communications security products at Harris. “Once you have the network established, you are able to leverage data. Before, you had to lay wires to get network connectivity.”

“You have to make sure that you are linked to the place that has the information you needed and can share it,” added Richard Rzepkowski, Harris vice president for communications security products. “If you need information on the repair status of critical military components, for example, you want to be able to securely query that information from a data repository. You can get that information to where you need it by taking full advantage of wireless network availability.”

But the key is access to a secure network. Military traffic classified at secret or above must be encrypted using NSA’s HAIPE.

HAIPE encryption differs from ordinary, garden-variety security measures. “The HAIPE protocol fully wraps the source and destination information together with the data information packet,” explained Rzepkowski, “so that if you were eavesdropping on the network, you would not be able to know the originator or receiver of the packets you had intercepted.”

In addition, the algorithms used to route packets across IP networks are more complex under the HAIPE regime than with FIPS, added Moore. There is another distinction among devices that meet NSA standards. Suite A encryption uses algorithms and keys developed by and owned by NSA, and is included only on devices available to individuals who have been cleared by that intelligence agency, explained Rolando Rosas, director of business development at Snap Defense Systems. Suite A devices may be used for top secret communications.

By contrast, Suite B encryption is available to the private sector to be embedded in a wider array of devices to be used, not only by U.S. forces and agencies, but by others, such as coalition partners and domestic first responders. NSA guidelines can allow Suite B devices to be used for communications up to top secret.

Snap Defense Systems develops and markets dual-use devices that look like ordinary cell phones, but are equipped with both FIPS 140-2 and Suite B encryption protocols. The reason for developing such a device for military purposes is to eliminate the need to carry multiple devices, Rosas explained.

“Suite A products are the only products that can be used for certain classified communications,” Rosas said. “In order to even have it on your person, you must be cleared through NSA and have a communications security account with them. That’s going to rule out a lot of people right there, especially those who are not U.S. persons.” “This would make it cumbersome and difficult to collaborate with coalition forces,” Rosas added. “Our equipment bridges the gap. It can be exported and owned by in-country people who are cooperating with our forces.”

Snap Defense Systems’ devices facilitate secure point-to-point voice, data and text messaging as well as secure point-to-multipoint voice and conferencing communications through a dedicated server known as a gateway.

“A pure point-to-point device doesn’t go through any specific routing,” Rosas explained. “It goes through whatever network connections are out there.” Mediation of communications through the gateway also adds a level of security by additionally encrypting the origin and destination of the traffic.

Snap Defense Systems devices can also work on public networks. The company will be introducing a new product this year that can operate on 3G wireless networks.

MODULAR ARCHITECTURE

One set of products marketed by Harris, SecNet 54, enables a wide variety of devices, from laptop to desktop computers, to participate in wireless networks and to send secure top secret and secret traffic over the network. SecNet 54 is a family of IP communications encryption products designed to keep data, voice and video communications secure.

The product comprises a modular architecture with two components: a cryptographic module that provides all security-critical functions, and an external module that handles the transport of encrypted data over specific protocols. SecNet 54 was designed for use by DoD, the intelligence community, Department of Homeland Security and other federal security agencies.

“SecNet 54 does packet level encryption,” explained Rzepkowski. “The beauty of that is that you can route data packets through intermediary points without having to decrypt them. The payload is fully encrypted and doesn’t get unencrypted until it arrives at the end destination. This represents a significant departure from how encryption worked in the past, when packets had to be encrypted and decrypted at each link. It also facilitates how things operate today under the principles of network-centric warfare.”
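The encapsulation Rzepkowski describes above, both here and in the earlier remark that HAIPE wraps source and destination together with the data, can be modelled in a few lines of Go: the whole inner packet, addressing included, is sealed at the originating encryptor and opened only at the far end, so routers in between forward ciphertext they cannot read. This is an added illustration, not Harris or HAIPE code (HAIPE itself is an NSA-specified protocol); the model assumes AES-256-GCM from the Go standard library, a toy 8-byte inner header of IPv4 source and destination, and a shared key already in place at both encryptors.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"net"
)

// Outer is the wire image: only the gateway (encryptor) addresses are in the clear.
type Outer struct {
	GwSrc, GwDst net.IP
	Blob         []byte // nonce || AES-256-GCM(inner src || inner dst || payload) || tag
}

// Encryptor models one end of the tunnel (toy model, not HAIPE); a 32-byte key selects AES-256.
type Encryptor struct{ aead cipher.AEAD }
func NewEncryptor(key []byte) (*Encryptor, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &Encryptor{aead}, err
}

// Encapsulate wraps the inner IPv4 packet, headers included; outer gateway addresses are AAD,
// so a relay that re-addresses the outer packet breaks authentication at the far end.
func (e *Encryptor) Encapsulate(gwSrc, gwDst, src, dst net.IP, payload []byte) (Outer, error) {
	nonce := make([]byte, e.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Outer{}, err
	}
	pt := append(append(append([]byte{}, src.To4()...), dst.To4()...), payload...)
	aad := append(append([]byte{}, gwSrc.To4()...), gwDst.To4()...)
	return Outer{gwSrc, gwDst, e.aead.Seal(nonce, nonce, pt, aad)}, nil
}

// Decapsulate runs only at the far encryptor; relays never hold the key. Returns src, dst, payload.
func (e *Encryptor) Decapsulate(out Outer) (net.IP, net.IP, []byte, error) {
	ns := e.aead.NonceSize()
	if len(out.Blob) < ns+8+e.aead.Overhead() {
		return nil, nil, nil, errors.New("blob too short")
	}
	aad := append(append([]byte{}, out.GwSrc.To4()...), out.GwDst.To4()...)
	pt, err := e.aead.Open(nil, out.Blob[:ns], out.Blob[ns:], aad)
	if err != nil {
		return nil, nil, nil, err // wrong key, tampering, or re-addressed outer header
	}
	return net.IP(pt[:4]), net.IP(pt[4:8]), pt[8:], nil
}
```

On the wire an eavesdropper sees only the two gateway addresses and an opaque blob; the inner originator, receiver and payload appear nowhere in it, and a wrong key, a modified blob or a rewritten outer header all fail to open.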

Encryption modules may also be found embedded in other kinds of network devices, such as those meant to enhance the availability of bandwidth between network stations. Gigabit and Ethernet point-to-point wireless links provide additional bandwidth to existing networks and can also be used by military organizations to facilitate temporary and mobile broadband networking in the field.

“These products offer massive bandwidth and a high degree of data security,” said Idan Bar-Sade, senior vice president of engineering and product management at BridgeWave.

BridgeWave wireless links, in the form of 60 GHz and 80 GHz transceivers, offer levels of wireless data security that can exceed those of their wired networking counterparts, according to Bar-Sade. “BridgeWave links offer physical layer security that exceeds fiber optic cabling,” he said, “and on top of that, both state-of-the-art secure network management and the strongest data encryption technology available.”

BridgeWave’s products have the AES protocol embedded in their capabilities, which, Bar-Sade noted, provides superior encryption performance to a configuration in which encryption is added on. “One problem with add-on encryption boxes is the additional cost,” he said. “Another is that it makes network configuration, installation and management more complex. The worst thing is the performance. As soon as you turn on the encryption, you see a significant increase in latency and processing time. The boxes needed to encrypt and decrypt the data significantly affect data throughput.”

BridgeWave’s embedded encryption allows networks to operate at full Gigabit Ethernet line speed and adds only two microseconds of packet latency. BridgeWave has built-in 256-bit AES encryption available in its 60 GHz and 80 GHz transceivers. “Our products are compliant with FIPS 197, which is effectively a subset of FIPS 140-2 specifications,” said Bar-Sade. “256-bit AES allows for more than 10^77 unique encryption keys.”

BridgeWave 60 GHz and 80 GHz transceivers offer another layer of security as well. They feature very narrow beams, on the order of one degree, that strongly focus the radio frequency energy on a path directly toward the intended destination. A comparably sized 5 GHz antenna has a beamwidth more than 10 times as wide, transmitting and receiving signals well beyond the location of the intended receiver and creating the possibility of receiving interference from other radio links.

The higher radio frequencies, on the other hand, effectively isolate a given radio link from other nearby radio links operating in the same frequency bands, and make it almost impossible to intercept the signal and very difficult to jam it without physically blocking the intended radio frequency path.

Bar-Sade sees the applicability of BridgeWave products to military scenarios when it comes to the rapid or temporary deployment of networks that require encryption. “Using fiber is not a good option for rapid deployments,” he said. “Tanks run over fibers. Our solution is simple and out of the box. One person can install it with no configuration to increase traffic between two data centers. A single product for wireless communications takes care of the encryption portion and provides a higher level of integration and higher reliability. It also reduces training for two separate products and improves deployment time and the manageability of the entire solution.”

Bar-Sade also sees it being used for rapid connections between data centers and the front lines. “When there is a significant amount of traffic flow to and from the battlefield, you can use it to increase capacity between those locations,” he said. “Other military applications include increasing communications capacity between two or more buildings on a fixed base or even within a building.”

MESH NETWORKING

The military’s aspiration for ubiquitous wireless communications, especially in the field, has led to the increasing complexity of network configurations. Industry has been developing, and the military has been testing and deploying, devices that employ mesh networking, which enables devices to configure and reconfigure themselves into ad hoc mobile networks on the fly and as situations change.

These meshing, auto-configuring and self-adaptable devices offer great flexibility to operate in diverse environments by providing secure and steady connectivity with remotely located resources. The network automatically adapts to changes in radio interference, network traffic, mobile nodes and other environmental factors so that the application is not affected.

Wireless mesh networks are multihop systems in which wireless devices assist each other in transmitting packets through the network in adverse conditions such as military operations. A node can send and receive messages, as well as function as a router, and can relay messages on behalf of its neighbors.

Rajant Corp. makes a product called the BreadCrumb, a rugged wireless transmitter-receiver that forms a mesh network using Rajant’s proprietary software when used in conjunction with other BreadCrumbs. A BreadCrumb portable wireless mesh network node contains two radios and supports IEEE 802.11 standards that enable data, voice and video communications.

A resilient mesh network is the key to the company’s offerings, according to executives, who note that they are capable of highly mobile operations. Rajant decided some time ago that it would not make do with bare-bones WPA security. So the company went with 256-bit AES encryption, which executives see as 10 times more robust than TKIP, which is most widely used for WPA.

When the Tokyo hackers demonstrated the vulnerability of WPA, Rajant and others who had deployed AES were ready. Devices equipped with AES have been shown to be secure against the type of attack demonstrated in Tokyo. Now Rajant includes AES in its radios even where that level of security is not required.

The only downside to FIPS 140-2, according to Rajant, is the excessive time it takes for products to be certified by NIST. The solution, the company suggests, is to develop a fast track certification process for FIPS 140-2 products, one that would take three months.

BUILDING COMMUNICATION

Another major player in the field is Thales, which recently announced the delivery of its own secure high-bandwidth outdoor wireless solution in alliance with E-Band Communications. The product facilitates transmission of Sensitive But Unclassified (SBU) information and is encrypted with the mandated FIPS 140-2 certified hardware and the AES encryption algorithm.

The intent of the solution is to establish point-to-point wireless connectivity between buildings in a campus-like setting, said Juan Asenjo, global product marketing manager at Thales Information Systems Security. But the same advantages also apply to mobile communications infrastructures. Communications between buildings can be transmitted wirelessly and then routed, if necessary, over other existing networks.

“One of the advantages of wireless communications in general and of this type of point-to-point communications in particular is that the infrastructure can be taken down and put up easily,” said Asenjo. “With wireless technology you can have a base camp set up communications with a nearby site. If the camp moves, you can easily re-establish the same connectivity without having to move all of the infrastructure of copper or fiber lines. From a tactical perspective it is very advantageous, but it is also more vulnerable, so it needs to be secured.”

E-Band builds and deploys point-to-point line-of-sight connections by placing receiver and transmitter towers on the tops of buildings. But, as Asenjo explained, “There is no security inherent in these.”

As a result, the E-Band products are coupled with Thales Datacryptor network encryption solutions that meet FIPS 140-2 requirements. The solution has been tested, Asenjo said, and the two products demonstrated easy integration and interoperability. ♦
