Information security is becoming a high priority for businesses around the world. With the dramatic increase in electronic communications and electronic commerce, there has been a corresponding increase in the malicious compromise of that information. In this chapter, we’ll discuss communications security (COMSEC), that is, methods that keep important communications secure. We’ll also talk about transmission security (TRANSEC), schemes that make it difficult for someone to intercept or interfere with your communications.
COMSEC
COMSEC uses scrambling or cryptographic techniques to make information unintelligible to people who do not have a need to know or who should not know. We’ll differentiate here between cryptographic or ciphering techniques applied to digital signals and scrambling techniques applied to analog signals.
Cryptography is the process of encrypting (translating) information into an apparently random message at the transmitter and then deciphering the random message by decryption at the receiver.
Historically, sensitive information has been protected through the use of codes. The sender would manually encode the messages before transmission and the recipient would manually decode the messages upon receipt. Today’s electronic technologies allow the coding/decoding process to occur automatically.
The process involves using a mathematical algorithm, coupled with a key, to translate information from the clear to the encrypted state. If sensitive information is transmitted without the protection of cryptography and the information is intercepted, it would require little effort or resources to understand the transmittal. The US Government has established standards for the degree of protection required for different levels of classified and sensitive information.
In voice communications systems that do not require extremely high security, you can protect against casual eavesdropping by scrambling.
Scrambling, as an analog COMSEC technique, involves separating the voice signal into a number of audio sub-bands, shifting each sub-band to a different audio frequency range, and combining the resulting sub-bands into a composite audio output that modulates the transmitter. A random pattern controls the frequency shifting. The technique of scrambling the pattern is similar to sending a message with a decoder ring, like the ones sometimes found in children’s cereal boxes. You can, for example, designate that the letter c be ciphered as g, a as n, and t as w, so that when you receive the message gnw, you decode it as cat. Descrambling occurs at the receiver by reversing the process. In today’s digital age, analog scrambling has given way to digital encryption.
Digital Encryption
To digitally encrypt a transmission, analog voice information must first be digitized by a VOCODER (as mentioned in Chapter 5), which converts the signal into a binary data stream.
The binary data stream is then applied to what is called a “cryptographic engine.” This is a processor that creates an extremely long, non-repeating binary number stream based on a complex mathematical algorithm and a traffic encryption key (TEK). The TEK is a binary number that is used to control the algorithm.
Binary addition is then used on a bit-by-bit basis to merge the cryptographic stream with the data stream. A binary stream created in this fashion is inherently unpredictable, and bears little resemblance to the original data stream. It is now called encrypted data or cipher text.
Decryption can only be accomplished by knowing the algorithm and the TEK, and then by reversing the encryption process. The data encryption strength is a function of the complexity of the mathematical algorithm coupled with the TEK (sometimes just called the key). Protection of the key is vital.
Even if an unwanted organization gains access to the encrypted information and has the algorithm, it is still impossible to decrypt the information without the key. The US Government has developed rigorous key management procedures to protect, distribute, store, and dispose of keys.
In the past, keys were manually loaded into a cryptographic device by using a paper tape, magnetic medium, or plug-in transfer device. Creation and secure delivery of keys to each user were significant problems in both logistics and record keeping.
One type of key management system also used in the commercial sector is public key cryptography. Under this standard, each user generates two keys. One is the public key, “Y,” and the other is the private key, “X.” The Y value derives from the X value. The strength of such a system lies in the difficulty of deriving X from Y; what is encrypted with the Y key can only be decrypted with the X key. When you openly disseminate your public Y key and retain sole access to the private X key, anyone can send a secure message to you by encrypting it with your public Y key. You are the only one, though, who can decrypt the message, since only you have the private X key.
In a network using this public key system, two-way secure communications are possible among all network users. This is called an asymmetrical key system. The alternative is a symmetric key system, in which the same key encrypts and decrypts data. Because both the originator and all recipients must have the same keys, this system offers the highest levels of security. Harris has led the way in developing state-of-the-art electronic means to secure and distribute key material for these symmetric key-based communications systems.
A recent development applicable to radio networks employs Over-The-Air-Rekeying (OTAR). This technique nearly eliminates the need for manual loading of keys and provides secure key management.
OTAR is based upon a benign key distribution system. It includes a key encryption key (KEK) used to encrypt the TEK and any other operational COMSEC or TRANSEC keys. This process is referred to as “wrapping” to differentiate it from traffic encryption. The KEK is the only key that must be initially loaded into both the sending and receiving units. Usually, an initial set of operational keys is loaded at the same time.
After wrapping, subsequent distribution can use any physical or electronic means. In an OTAR system, the wrapped keys are inserted into a message and sent over a radio link to the intended station using error-free transmission protocols (an error would render the keys useless). The link used for transmission is usually secured by the TEK currently in use. Thus, the key material is doubly protected when sent over the air, practically eliminating any possibility of compromise.
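The wrapping step described above, as an added example that is not from the original chapter or from any Harris product: a new TEK is wrapped under a preloaded KEK, and a single bit error in the wrapped key is detected on unwrap. The construction (HMAC-SHA-256 used as both mask and integrity tag), the function names and the key values are assumptions made for illustration; a fielded system would use a vetted key-wrap algorithm such as AES Key Wrap (RFC 3394).

```python
import hashlib
import hmac
import os

class WrapError(Exception):
    """The wrapped key failed its integrity check."""

def _pad(kek: bytes, nonce: bytes) -> bytes:
    return hmac.new(kek, b"wrap-enc" + nonce, hashlib.sha256).digest()

def _tag(kek: bytes, body: bytes) -> bytes:
    return hmac.new(kek, b"wrap-mac" + body, hashlib.sha256).digest()

def wrap(kek: bytes, tek: bytes) -> bytes:
    """Return nonce || masked TEK || tag for a 32-byte TEK."""
    if len(tek) != 32:
        raise ValueError("this sketch wraps 32-byte keys only")
    nonce = os.urandom(16)
    masked = bytes(a ^ b for a, b in zip(tek, _pad(kek, nonce)))
    return nonce + masked + _tag(kek, nonce + masked)

def unwrap(kek: bytes, blob: bytes) -> bytes:
    """Verify the tag before unmasking; damaged blobs yield no key."""
    nonce, masked, tag = blob[:16], blob[16:48], blob[48:]
    if len(blob) != 80 or not hmac.compare_digest(tag, _tag(kek, nonce + masked)):
        raise WrapError("wrapped key rejected")
    return bytes(a ^ b for a, b in zip(masked, _pad(kek, nonce)))

def accepted(kek: bytes, blob: bytes) -> bool:
    try:
        unwrap(kek, blob)
        return True
    except WrapError:
        return False

# Constructed key material for the demonstration only.
KEK = bytes(range(32))
NEW_TEK = hashlib.sha256(b"constructed next-period TEK").digest()

def demo() -> dict:
    blob = wrap(KEK, NEW_TEK)
    damaged = blob[:20] + bytes([blob[20] ^ 0x01]) + blob[21:]  # one bit error
    return {
        "recovered": unwrap(KEK, blob) == NEW_TEK,
        "tek_hidden": NEW_TEK not in blob,
        "damaged_accepted": accepted(KEK, damaged),
        "wrong_kek_accepted": accepted(bytes(32), blob),
    }

if __name__ == "__main__":
    print(demo())
```

Rejecting a damaged blob outright is what makes the error-free transport requirement visible: the receiver keeps its current TEK rather than loading a corrupted one.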
TRANSEC
TRANSEC employs a number of techniques to prevent signal detection or jamming of the transmission path. These techniques include hiding the radio transmission or making it a moving target.
Low Probability of Detection (LPD) systems hide the radio transmission by transmitting it using very low power, or by spreading the signal over a broad bandwidth so that the natural noise in the environment masks the signal.
The most commonly used TRANSEC technique is frequency hopping. In this system, the transmitter frequency changes in accordance with a complex algorithm so rapidly that it is difficult for an unauthorized person to listen in or to jam the signal. The receiver is synchronized so that it hops from frequency to frequency in unison with the transmitter. A TRANSEC key system modifies the hopping algorithm so that only transmitters and receivers that use the same key can communicate.
Frequency hopping scatters the intelligence over several hundred discrete frequencies. A radio operator listening to one of these frequencies may hear a short “pop” of static. A broadband receiver could perhaps capture all of these little bursts; however, the task of picking these bursts out of the other natural and man-made bits of noise would be daunting, requiring a team of experts several hours just to reassemble a short conversation.
Jamming one channel would have minimal impact on the hopping communicator. To effectively jam a frequency-hopping radio, most or all of the frequencies that the hopping communicator uses would have to be jammed, thus preventing the use of those frequencies as well. Harris Corporation’s AN/PRC-117, AN/PRC-138, FALCON and FALCON II transceivers are highly rated for their frequency-hopping capabilities.
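The keyed hopping described in this section, as an added example that is not from the original chapter or from any radio's firmware: transmitter and receiver derive each channel from a shared TRANSEC key and a common slot counter. The use of HMAC-SHA-256 as the hopping algorithm, the 256-channel hop set, the slot counter standing in for the timing reference, and the key values are all assumptions made for illustration.

```python
import hashlib
import hmac

CHANNELS = 256  # assumed hop-set size; the page says "several hundred"

def hop_channel(transec_key: bytes, slot: int) -> int:
    """Channel for one dwell, derived from the key and the slot number."""
    mac = hmac.new(transec_key, slot.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:4], "big") % CHANNELS

def hop_sequence(key: bytes, first_slot: int, count: int) -> list:
    return [hop_channel(key, s) for s in range(first_slot, first_slot + count)]

def dwells_in_step(tx_key: bytes, rx_key: bytes, rx_offset: int, count: int) -> int:
    """Dwells where the receiver is tuned to the transmitter's channel."""
    tx = hop_sequence(tx_key, 0, count)
    rx = hop_sequence(rx_key, rx_offset, count)
    return sum(t == r for t, r in zip(tx, rx))

def fraction_jammed(key: bytes, jammed: set, count: int) -> float:
    """Share of dwells that land on a jammed channel."""
    return sum(c in jammed for c in hop_sequence(key, 0, count)) / count

# Constructed TRANSEC keys (not real key material).
NET_KEY = bytes.fromhex("a1" * 16)
OTHER_KEY = bytes.fromhex("b2" * 16)

def demo(count: int = 1000) -> dict:
    return {
        "same_key_in_sync": dwells_in_step(NET_KEY, NET_KEY, 0, count),
        "same_key_clock_off_by_one": dwells_in_step(NET_KEY, NET_KEY, 1, count),
        "different_key": dwells_in_step(NET_KEY, OTHER_KEY, 0, count),
        "one_channel_jammed": fraction_jammed(NET_KEY, {hop_channel(NET_KEY, 0)}, count),
        "all_channels_jammed": fraction_jammed(NET_KEY, set(range(CHANNELS)), count),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

With the same key and clock every dwell lines up; with a different key or a one-slot timing error the receiver meets the transmitter only by chance, and a single jammed channel touches only a small share of the dwells.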
National Security Agency (NSA) Certification
The inclusion of COMSEC and TRANSEC capabilities into radio equipment requires stringent design practices to ensure that not even a trace amount of the unencrypted signal gets inadvertently transmitted along with the encrypted signal.
For example, an analog voice signal applied to the input of a radio has a tendency to cause slight fluctuations in the radio power supply that can actually amplitude modulate the output power amplifier of the radio. If this happens, a sensitive receiver can detect the unencrypted audio signal. Having a copy of both an original and encrypted message not only gives the enemy the specific unencrypted message, but places in jeopardy any signals transmitted with that same TEK and algorithm.
Similarly, the cryptographic stream created by the COMSEC engine can “leak” to the output through the power supply or because of inadequate internal shielding. If the enemy has a copy of the cryptographic stream, it can be used to decode the encrypted data.
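Why these leaks matter, tied back to the bit-by-bit binary addition described under Digital Encryption, as an added example that is not from the original chapter: a copy of one message in both clear and encrypted form yields the cryptographic stream, which then reads other traffic sent with the same TEK and algorithm. The SHA-256 counter-mode generator is a stand-in for the cryptographic engine, and the messages, TEK value and function names are constructed for illustration.

```python
import hashlib

def keystream(tek: bytes, length: int) -> bytes:
    """Stand-in cryptographic engine: SHA-256 in counter mode keyed by the TEK."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(tek + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(out[:length])

def xor(a: bytes, b: bytes) -> bytes:
    """Bit-by-bit binary addition (modulo 2) of two streams."""
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(tek: bytes, data: bytes) -> bytes:
    return xor(data, keystream(tek, len(data)))

decrypt = encrypt  # adding the same stream a second time restores the data

def recover_stream(plain: bytes, cipher: bytes) -> bytes:
    """Clear copy plus encrypted copy of one message gives the stream itself."""
    return xor(plain, cipher)

# Constructed sample traffic and key (not real key material).
TEK = bytes.fromhex("00112233445566778899aabbccddeeff")
MSG_1 = b"RADIO CHECK AT 0600 ZULU"
MSG_2 = b"MOVE TO GRID NK 4471 NOW"

def demo() -> dict:
    c1, c2 = encrypt(TEK, MSG_1), encrypt(TEK, MSG_2)
    leaked = recover_stream(MSG_1, c1)  # MSG_1 escaped in the clear
    return {
        "round_trip": decrypt(TEK, c1) == MSG_1,
        "wrong_tek_reads_message": decrypt(b"\x00" * 16, c1) == MSG_1,
        "second_message_read_without_tek": xor(c2, leaked),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The second message is recovered without the TEK ever being known, which is why the Red/Black separation described next has to keep both the unencrypted signal and the cryptographic stream off the transmitted output.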
To avoid these and other similar problems, an impenetrable interface must be designed into the radio and the COMSEC and TRANSEC modules that keeps the unencrypted signals totally separated from the circuits that create the radio frequency signal. Those circuits that are associated with the unencrypted input signal are called “Red.” Those associated with the encrypted signal are called “Black.” The Red/Black interface is the barrier between them.
In order for a manufacturer to furnish COMSEC and TRANSEC modules and radios for high-grade US Government use, a thorough testing program must be designed and then approved by the National Security Agency.
The radios are then meticulously tested by NSA experts to ensure that not a trace of unencrypted signals escapes into the radio frequency signal stream. Only after passing many such tests can a company be certified to produce this high-grade type of cryptographic equipment.
Harris Corporation, RF Communications Division, is a supplier of NSA-certified products and is a preferred supplier of information security for the US Government and the US Department of Defense. It is a leader in the development and production of US Government and exportable security products. The company also provides a comprehensive line of secure products for the non-US Government market. Harris radios have a wide variety of modern COMSEC and TRANSEC engine options. These engines are also available as modules for incorporation in OEM hardware.
Presidio
Presidio is a high-speed full or half-duplex embeddable US government COMSEC module, used to secure digital voice or data traffic over radio, wireline or other telecommunications media. Presidio is capable of data encryption/decryption at speeds up to E1 (2.048 Mbps) data rate. Presidio offers COMSEC equipment manufacturers a wide range of interoperability and key management features as well as reduced size, weight and number of devices required, making Type 1 certification an easier process.
CITADEL™
The CITADEL cryptographic engine provides high-grade protection for US domestic and international customers over all modern communications media. It is available with configurable key lengths and multiple algorithm options, making CITADEL an ideal export encryption solution for a broad range of communication products. The CITADEL supports both COMSEC and TRANSEC functions, allowing the device to be adapted to virtually any communication environment.
Sierra™
The Sierra module addresses the need for an encryption technology that combines the advantages of the government’s high-grade security with the cost efficiency of a reprogrammable, commercially produced encryption module. It provides a common security solution to users that can take on multiple encryption personalities depending on the mission that has been programmed.
SUMMARY
COMSEC uses cryptography or scrambling to make information unintelligible to people who do not have a need to know or who should not know.
The security level of a COMSEC system depends on the mathematical complexity of the algorithms and the number of variables in the key.
Protection of the key is vital to securing the transmitted information.
Public key cryptography is widely used in the commercial sector.
Over-The-Air-Rekeying (OTAR) eliminates the need for manual loading of keys and provides a more secure method of key management.
TRANSEC protects the transmitted signal itself, to prevent signal detection or jamming of the transmission path.
Low Probability of Detection (LPD) systems use spread-spectrum and other techniques to “hide” the signal beneath the natural noise level.
Frequency-hopping radio systems jump rapidly in unison, from one frequency to another in apparently random patterns, using a common timing reference.
Presidio, CITADEL, and Sierra are modern COMSEC and TRANSEC engines.