MIT 2009 Volume: 13 Issue: 11 (December)

Encryption Evolution
 
JOINT FORCES TESTS HIGHLIGHT ONGOING EFFORTS TO DEVELOP ENCRYPTION TECHNIQUES THAT ARE EVER MORE SECURE AND EFFICIENT.


The U.S. Joint Forces Command (JFCOM) is currently in the process of testing and evaluating a new encryption technology designed to lower costs and maintain security by allowing various Department of Defense networks operating at different security levels to merge onto a single network infrastructure while keeping data exclusive to authorized user groups.

The project will test the Unisys Stealth Solution for Network, a secure information sharing system that seeks to obscure the existence of classified sources of data from hackers, while also employing both new and traditional encryption methodologies.

The initiative is just one of a number of ongoing efforts by military and industry to develop encryption techniques that are ever more secure and efficient. Especially with the growing popularity of wireless systems, encryption technologies—with their promise of solving the age-old dilemma between the need to share information and the need to safeguard it from others—are a vital aspect of operations.

“Encryption is needed to protect information to ensure the confidentiality of data,” said Juan Asenjo, senior global product marketing manager at Thales Information Systems Security. “In today’s environment, increasing amounts of data are being used, and are being stored and processed on a highly distributed basis. This increases the threat of exposure of data and requires more protection for the data.”

Encryption is frequently faulted for slowing down data operations and requiring a high level of overhead, but both of those drawbacks are avoidable, said Asenjo. “Properly applied, encryption can be very effective, and can enable more cost-effective data transport. These days data is more exposed, but if you take care of encryption, you’re OK.”

At the cryptographic level, the Stealth solution embeds encryption technology from Security First Corp. that is compliant with Federal Information Processing Standards (FIPS) 140-2, a standard promulgated by the National Institute of Standards and Technology (NIST) that DoD requires to be implemented on all systems carrying sensitive, unclassified data.

BIT SPLITTING

Stealth also uses a methodology known as “bit splitting,” in which packets of data are divided into multiple units as they move through the network, and are then reassembled for delivery to authorized users. The technology also facilitates the creation of virtualized and isolated communities-of-interest, which protects each community’s data while allowing the controlled sharing of information between communities. Users are required to possess a specific community “key” in order to decrypt data.

“The JFCOM testing will show whether data of different classes can move on the same wire and be properly received,” said David Gardiner, director of security technology solutions at Unisys. “The testing will also determine whether such a system can be deployed in the field, in an environment such as Iraq or Afghanistan, to use local networks to facilitate communications between U.S. forces and others, such as local armed forces or police, while keeping data secure.”

Gardiner expects both JFCOM tests to be completed by the end of 2010.

Unisys settled on the Stealth nomenclature because of the impact the product has on an installed device. “Stealth makes it appear to disappear,” said Gardiner. “When hackers probe a network looking for interesting devices, a component on which Stealth resides would not respond, with the exception of some mandatory device responses enabling it to participate on an IP network.”

Bit splitting provides a number of benefits when it comes to the protection of data, according to Gardiner. “First, each of the community-of-interest channels encrypts data at 256-bit Advanced Encryption Standard [AES], which is not uncommon,” he said. “Then the software scatters the data across some new number of packets.

“The result is that even if a hacker stole one of the packets and could decrypt it, which is almost impossible, the data would still be useless. The data no longer exists in any of the packets as a representable item. The need to possess the community-of-interest key makes it exponentially more difficult. It’s like having two layers of encryption,” Gardiner explained.

The use of communities-of-interest enables groups to share the same physical or virtual information network without fear of another group accessing their data, workstations or servers. By assigning a digital work group key to each community-of-interest, Stealth can ensure that users cannot access data outside of their assigned communities.

“The community-of-interest key defines a community of users and the business functions that belong to that particular group,” Gardiner explained. “A user without the proper community key can’t participate.”
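The two layers Gardiner describes, encryption under a community-of-interest key followed by scattering the ciphertext across several packets so that no single packet is a representable piece of the data, can be modelled in a few dozen lines. The Python below is an added illustration and is not Unisys or Security First code; the article does not describe their patented splitting scheme, so this uses the simplest form of the idea, an n-of-n XOR split, and a SHAKE-256 keystream as a stand-in for the AES-256 the article names. The key, nonce and message are constructed sample values.

```python
import hashlib
import os
from typing import List

# Stand-in cipher (assumption): the article says each community-of-interest
# channel uses AES-256; to stay on the standard library this example XORs a
# SHAKE-256 keystream over the data instead. Never reuse a key+nonce pair
# with a keystream cipher.
def coi_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    pad = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

coi_decrypt = coi_encrypt  # XOR keystream: applying it again removes it


def bit_split(ciphertext: bytes, n: int) -> List[bytes]:
    """n-of-n XOR split: n-1 shares are fresh random bytes and the last share
    is the ciphertext XORed with all of them. Any n-1 shares are statistically
    independent of the ciphertext, so no single packet carries a representable
    piece of it."""
    if n < 2:
        raise ValueError("need at least two shares")
    shares = [os.urandom(len(ciphertext)) for _ in range(n - 1)]
    last = bytearray(ciphertext)
    for share in shares:
        for i, b in enumerate(share):
            last[i] ^= b
    shares.append(bytes(last))
    return shares


def bit_join(shares: List[bytes]) -> bytes:
    """XOR every share together; correct only when all n shares are present."""
    out = bytearray(len(shares[0]))
    for share in shares:
        if len(share) != len(out):
            raise ValueError("share length mismatch")
        for i, b in enumerate(share):
            out[i] ^= b
    return bytes(out)


def send(key: bytes, nonce: bytes, plaintext: bytes, n: int) -> List[bytes]:
    """Sender side: encrypt under the community key, then scatter into n packets."""
    return bit_split(coi_encrypt(key, nonce, plaintext), n)


def receive(key: bytes, nonce: bytes, shares: List[bytes]) -> bytes:
    """Receiver side: reassemble, then decrypt. With a packet missing or the
    wrong community key the result is noise, not plaintext."""
    return coi_decrypt(key, nonce, bit_join(shares))


# Constructed sample values (not from the article)
COI_KEY = hashlib.sha256(b"constructed community-of-interest key").digest()
OTHER_KEY = hashlib.sha256(b"constructed key of a different community").digest()
NONCE = b"\x00" * 8
MESSAGE = b"constructed sample: resupply convoy departs at 0400"

if __name__ == "__main__":
    packets = send(COI_KEY, NONCE, MESSAGE, 4)
    print("all 4 packets + right key :", receive(COI_KEY, NONCE, packets))
    print("3 of 4 packets + right key:", receive(COI_KEY, NONCE, packets[:3]))
    print("all 4 packets + wrong key :", receive(OTHER_KEY, NONCE, packets))
```

Running it shows the property Gardiner is describing: an observer holding three of the four packets and the community key still recovers only random bytes, and so does a member of a different community holding all four packets. The n-of-n split is the simplest case; threshold schemes that tolerate lost packets exist, but they are not what the article describes, so they are not modelled here.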

CLASSIFIED/UNCLASSIFIED CHANNELS

The original DoD requirement that led to the development of Stealth was to find the simplest way for warfighters to be able to connect to any network available to them to get to their home base, while knowing that the data is protected, Gardiner said.

Some special operators in forward positions carry three satellite dishes with them in order to maintain connectivity. “That is a difficult proposition for troops on the ground,” he continued. “They want to carry one dish to get to any available network.”

Unisys was recently awarded a contract by Special Operations Command to test Stealth capabilities for both stored data and communications that will seek to demonstrate that both classified and unclassified data can be accessed securely across the same channel. Stealth allows users to save money by collapsing separate networks onto a single infrastructure, Gardiner asserted.

Stealth employs patented technology from Security First to encrypt data, “bit splits” that data into multiple packets as it moves through the network, and then reassembles the information packets for delivery to authorized users. The packets are secured through the use of certified encryption compliant with FIPS 140-2.

FIPS 140-2 provides the building blocks for testing, validation and certification of cryptographic modules applicable to sensitive but unclassified data. It defines cryptographic modules as “the set of hardware, software, and/or firmware that implements approved security functions,” including cryptographic algorithms and keys, and describes 11 required security measures to be implemented through four increasingly stringent security levels.

Agencies must decide what level of security is necessary for any given system and implement appropriate measures for that system. FIPS 140-2 Level 2 requires that tamper-evident coatings or seals be placed on a cryptographic module so that the coating or seal must be broken to attain physical access to the cryptographic keys.

Classified traffic must meet the more stringent standards of the High Assurance Internet Protocol Encryptor (HAIPE), promulgated by the National Security Agency. Under a national policy governing the use of HAIPE products, released in February 2007, NSA has established partnerships with and sponsored development of HAIPE compatible devices with private industry. NSA is also responsible for certifying the security and interoperability of new HAIPE devices and of software upgrades to previously certified devices.

HAIPE encryption differs from FIPS 140-2 measures in that “the HAIPE protocol fully wraps the source and destination information together with the data information packet,” explained Richard Rzepkowski, vice president of communication security products in the RF Communications Division of Harris Corp. “Someone eavesdropping on the network would not be able to know the originator or receiver of the packets that had been intercepted.”

In addition, the algorithms used to route packets across IP networks are more complex under the HAIPE regime than with FIPS, said Todd Moore, director of product line management for communications security products at the Harris division.

A further distinction applies to devices that meet NSA standards. Suite A encryption includes algorithms and keys developed directly by and owned by NSA, and is included only on devices available to individuals who have been cleared by that agency.

By contrast, Suite B encryption is available to the private sector to be embedded in a wider array of devices, to be used not only by U.S. forces and agencies, but also by others, such as coalition partners and domestic first responders. Suite B devices are used for communications up to the secret level.

SUITE B RADIO

Harris Corp. recently announced that it had received certification from NSA for the first tactical radio to use only Suite B encryption technology. Harris and NSA collaborated on the new technology, which was designed to simplify communications interoperability within multinational coalitions. These radios will be commercially available to coalition partners with limited restrictions.

The Harris RF-310M-HH multiband, multimission, software-defined Suite B radio is certified to transmit voice and data up to the secret level. The radio, covering the 30 MHz to 512 MHz frequency range, is interoperable with other software-defined radios such as the AN/PRC-152(C) handheld and AN/PRC-117G manpack radios provided by Harris under the Joint Tactical Radio System (JTRS) program. There are more than 80,000 AN/PRC-152(C) radios deployed around the world.

“This is the first time when Suite B is the only technology included in the radio,” said Rzepkowski. “Previously radio products built for sale to the U.S. government included both Suite A and Suite B.” Besides making advanced radios available to coalition partners, who are not authorized to acquire Suite A products, the Suite B-only configuration also cuts down on the stringent security measures required by NSA for Suite A products.

“We see this—and NSA sees this—as a breakthrough capability,” said Hal McDougall, vice president and acting general manager, international business, RF Communications. “In places like Afghanistan, we will be able to get radios in the hands of our international allies and allow communications with our forces.”

The new radio was developed with internal Harris research and development funds and not as part of a government-sponsored program. “But we knew this project was of high interest to NSA,” said Rzepkowski. “NSA wants the Suite B standard to be used much more broadly.”

Encryption is not immune to the same kind of erosion that afflicts perimeter defenses: the capabilities of potential attackers improve even as defenses are being strengthened. Computers continually get more powerful over time, and that puts higher levels of computing prowess into the hands of hackers, as well as others, to the point where even complex cryptographic keys could become vulnerable.

“Encryption is really nothing more than a mathematical computation for the scrambling of data in a way that renders it unreadable to anyone who doesn’t have the key to decipher the data,” said Asenjo. “But with the advent of distributed computing and greater computing power becoming available to anyone, the level of difficulty required to break an encryption has become more of an issue. New capabilities and new methods are needed to make the process stronger and more robust.”

QUANTUM FUTURE

The primary architectural model for communication in a network across different equipment and applications, the Open Systems Interconnection (OSI) model, posits seven data transfer layers. Most encryption activities take place at the third layer, known as the network layer. Thales, however, has developed encryption software that acts at the second, or data link, layer. Layer Three determines how data is transferred between network devices and routes packets according to network device addresses. Layer Two defines communication links, frames packets, and detects and corrects packet transmission errors.

“Layer Three encryption can be effective in a lot of ways,” said Asenjo. “But it can also introduce latencies, especially when it is deployed for replication and recovery on the growing volumes of data housed in data centers. It can become taxing on the operation.”

Encryption at Layer Two is less complicated than at Layer Three, according to Asenjo. “It doesn’t matter whether it is deployed in a local area network or across the big pipes on information superhighways because it is protocol independent,” he said. “You don’t have to deal with how packets and frames are assembled for encryption and decryption as you do with Layer Three.”

Layer Two encryption works well in the point-to-point connections typical of data center recovery operations, said Asenjo, and is also more effective than Layer Three encryption in the growing phenomenon of cloud computing environments, in which multiple users share the same infrastructure over a network. Layer Two encryption has been on the market for a number of years and has been deployed in U.S. military and intelligence environments.
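Rzepkowski’s point that a HAIPE device wraps the source and destination information together with the data, and Asenjo’s contrast between encrypting at Layer Three and at Layer Two, come down to the same question: which bytes of a packet can an on-path observer still parse? The Python below is an added illustration, not code from Harris, Thales or the article, and not a model of the HAIPE or IPsec wire formats. It uses a constructed 10-byte header (source, destination, length), a SHAKE-256 keystream as a stand-in for the certified ciphers the real devices use, and constructed addresses, and compares three coverage choices: payload-only encryption at Layer Three, an inner packet fully wrapped behind an outer header that names only the encryptors, and link encryption at Layer Two that covers the IP header as well.

```python
import hashlib
import ipaddress
import struct
from typing import Tuple

# Stand-in cipher (assumption): SHAKE-256 keystream XORed over the data so the
# example runs on the standard library. A keystream must never be reused, so
# every packet below gets its own nonce.
def xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    pad = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, pad))

# Constructed toy header: 4-byte source, 4-byte destination, 2-byte length.
HDR_LEN = 10
MAC_LEN = 6


def ip_header(src: str, dst: str, length: int) -> bytes:
    return (ipaddress.IPv4Address(src).packed
            + ipaddress.IPv4Address(dst).packed
            + struct.pack("!H", length))


def observe_ip(packet: bytes) -> Tuple[str, str]:
    """What an on-path observer reads if it treats the leading bytes as a clear header."""
    return (str(ipaddress.IPv4Address(packet[0:4])),
            str(ipaddress.IPv4Address(packet[4:8])))


def layer3_payload_encrypt(key, nonce, src, dst, payload):
    """Layer Three, payload only: the header naming the real endpoints stays in the clear."""
    return ip_header(src, dst, len(payload)) + xor_stream(key, nonce, payload)


def haipe_style_wrap(key, nonce, enc_src, enc_dst, src, dst, payload):
    """Wrap the whole inner packet (endpoints and data); the outer header names only the encryptors."""
    inner = ip_header(src, dst, len(payload)) + payload
    return ip_header(enc_src, enc_dst, len(inner)) + xor_stream(key, nonce, inner)


def haipe_style_unwrap(key, nonce, packet):
    """Receiving encryptor: strip the outer header, decrypt, recover inner endpoints and data."""
    inner = xor_stream(key, nonce, packet[HDR_LEN:])
    return observe_ip(inner), inner[HDR_LEN:]


def layer2_frame_encrypt(key, nonce, src_mac, dst_mac, ip_packet):
    """Layer Two: everything behind the link addresses, the IP header included, is ciphertext."""
    return dst_mac + src_mac + xor_stream(key, nonce, ip_packet)


def layer2_frame_decrypt(key, nonce, frame):
    return xor_stream(key, nonce, frame[2 * MAC_LEN:])


# Constructed sample values (not from the article)
KEY = hashlib.sha256(b"constructed demo key").digest()
NONCE_L3, NONCE_WRAP, NONCE_L2 = b"\x01" * 8, b"\x02" * 8, b"\x03" * 8
SRC, DST = "10.1.1.5", "10.2.2.9"                  # real endpoints behind the encryptors
ENC_SRC, ENC_DST = "192.0.2.1", "198.51.100.1"     # encryptor (outer) addresses
SRC_MAC = bytes.fromhex("020000000001")
DST_MAC = bytes.fromhex("020000000002")
PAYLOAD = b"constructed sample payload"

if __name__ == "__main__":
    l3 = layer3_payload_encrypt(KEY, NONCE_L3, SRC, DST, PAYLOAD)
    print("Layer 3 payload-only, observer sees endpoints :", observe_ip(l3))
    wrapped = haipe_style_wrap(KEY, NONCE_WRAP, ENC_SRC, ENC_DST, SRC, DST, PAYLOAD)
    print("Fully wrapped, observer sees encryptors only   :", observe_ip(wrapped))
    print("Inner endpoints recovered after unwrap         :", haipe_style_unwrap(KEY, NONCE_WRAP, wrapped)[0])
    plain_packet = ip_header(SRC, DST, len(PAYLOAD)) + PAYLOAD
    frame = layer2_frame_encrypt(KEY, NONCE_L2, SRC_MAC, DST_MAC, plain_packet)
    print("Layer 2 frame, header region parses as noise   :", observe_ip(frame[2 * MAC_LEN:]))
```

The observer functions are deliberately naive: they show that with payload-only encryption the originator and receiver are readable from the wire, that full wrapping exposes only the two encryptor addresses, and that a Layer Two frame exposes only link addresses while the IP header region decodes to meaningless addresses. The example says nothing about the latency or protocol-independence claims in the text; those depend on the device, not on which bytes are covered.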

The new methodology of quantum cryptography, meanwhile, uses the principles of quantum physics to immunize data scrambling from the onslaught of increased computational capabilities. Traditional encryption involves passing material through a mathematical algorithm to generate the encrypted text. Quantum cryptography takes that to a new level.

“Quantum cryptography key material is derived through probabilistic material derived from quantum mechanics,” said Asenjo. “It is very abstract and highly secure. The key material is unique to any two parties and extremely difficult to replicate. The overall encryption process becomes that much more robust.”

Quantum cryptography has thus far enjoyed a limited level of deployment and has not yet made it to the mass market. But Asenjo predicted that this new encryption methodology will be picking up steam over the next five years. ♦
