Military crypto modernization leads to applications like smartphones, tablet computers on the battlefield
SPECIAL REPORT, 28 Nov. 2011. Embeddable cryptographic processors are enabling a host of new defense communications applications, such as smartphones and tablet computers for tactical use on the front lines, as well as secure tactical Wi Fi, unmanned vehicle control, and real-time targeting. The relentless forward progress of microprocessors, field-programmable gate arrays (FPGAs), digital signal processors (DSPs), small-form-factor single-board computers, and other advanced embedded computing technology also is making wireless communications safer and more secure.
While previous generations of military cryptography mandated the use of secret algorithms and stand-alone encryption hardware, today's encryption technology increasingly is using commercial off-the-shelf (COTS) crypto algorithms and processing hardware as perhaps the most effective way of fighting off the effects of technology obsolescence, enabling network-centric military operations, coping with a flood of data dissemination and data sharing, making imagery and video a central component of military intelligence and situational awareness, fielding new technology quickly, keeping the costs of developing and maintaining cryptographic technology to a minimum, inserting the latest cryptographic capability into legacy secure systems, and ensuring interoperability among U.S. and allied secure communications and computer systems.
The heart of U.S. military cryptography has been, and remains today, the National Security Agency (NSA) at Fort Meade, Md. Any military communications or computing system using security encryption is subject to approval by the NSA to certify that encryption is effective and implemented correctly. Until recent years, moreover, the NSA actually developed military encryption algorithms, and maintained each algorithm as a closely held secret. These classified crypto algorithms were designated "Type 1" security.
-- Top secrets: securing sensitive data
-- Air Force making progress on standard cryptographic modules for information security
-- US Air Force chooses Raytheon to modernize cryptographic units.
While the NSA still creates and administers classified Type 1 -- or what today is called "Suite A" -- crypto, what is new today is how the NSA amasses the nation's arsenal of cryptographic technology. NSA over the past several years has begun accepting unclassified crypto algorithms created in private industry, as long as NSA experts can verify the effectiveness of these algorithms and certify them for deployed military systems. Industry-developed non-classified crypto algorithms most often are known as "Suite B" cryptography.
The NSA and U.S. Department of Defense (DOD) began the continuing Cryptographic Modernization Program in 2005 to solve problems in older crypto approaches, which included obsolescence, expensive maintenance, insufficient bandwidth, and difficult systems integration and systems upgrades.
Before the crypto modernization program began, "there hadn't been many changes in how we developed and fielded crypto solutions," explains Aaron Brosnan, director of tactical systems at military radio designer Thales Communications Inc. in Clarksburg, Md. "It was an obsolescence issue. We had crypto box solutions that were going obsolete and couldn't be supported anymore."
In addition, current needs for small electronic devices for applications such as unmanned vehicles or handheld devices is incompatible with legacy crypto technology, points out Don Turrentine, information assurance and core product manager at Rockwell Collins in Cedar Rapids, Iowa. "Back at the beginning of crypto modernization, the normal size of a cryptography subsystem might have been a 3-by-5-inch circuit board. There are now cryptographic subsystems on a chip about the size of your thumb nail."
Compounding the problem today, Brosnan says, are more complex military communications, and the need for radio and crypto interoperability to communicate sensitive information with allied forces. "Nowadays everything is networked, and we need to use commercial solutions," Brosnan says. "You can't use point-to-point communications anymore, and we need to communicate with coalition forces."
The case for crypto modernization
Data throughput in legacy crypto devices has failed to keep pace with modern military communications technology. "The previous generation of cryptographic equipment had throughput of less than 20 megabits per second, and that would cover all the devices," says Rockwell Collins's Turrentine. "Today industry can provide to the DOD cryptographic throughput in the tens of gigabits, which allows quick encryption and decryption of streaming video. The military can analyze this information and get usable intelligence back to the warfighter in a matter of minutes. That same process previously would take hours, if not days."
In the recent past, most U.S. military cryptography involved hard-coded devices that were difficult and costly to upgrade, points out Troy Brunk, senior director of airborne communications products at Rockwell Collins. "Now crypto is in the way of software-defined technology, loadable crypto, and loadable updates to crypto."
Brunk says military networking, computer technology, and information flow has exploded in recent years, which drives home the realization that "we can't afford to be in a stove-pipe mode. We have to be able to respond to the technology quicker, hence the software-definable and -loadable algorithms."
Staying with a system in which the NSA creates and maintains all crypto algorithms is simply too expensive for the government, says David Kleidermacher, chief technology officer at real-time software specialist Green Hills Software in Santa Barbara, Calif. "NSA says it's too expensive to rely on these proprietary standards, and needs to take advantage of the commercial market, as well as promote open standards that get closer to what they need."
Modern crypto approaches
Now that NSA officials are allowing the use of unclassified, industry-developed crypto algorithms for certain kinds of military communications, the typical crypto approach today involves three components: Suite A crypto, which uses classified NSA-administered algorithms for the most secret and sensitive communications; Suite B crypto, which uses unclassified crypto algorithms developed in industry; and the so-called "layered COTS" approach that layers different security products from different commercial vendors in a "good-enough" approach where appropriate. All approaches are subject to NSA certification and approval.
Suite A offers the highest level of security, and also is referred to as "Type-1" crypto. "Suite A is a classified algorithm -- even the algorithm is classified," says Thales's Brosnan. "You have to lock it up at night, and be careful how you treat it." Suite A crypto is used for government communications up to top secret and beyond.
Still, Suite A crypto still has many of the problems associated with legacy crypto: it is difficult and costly to develop, maintain, and implement. It places a severe time and cost burden on the NSA. Suite A-encrypted systems, moreover, must be handled only by personnel with appropriate security clearances. Those without clearances cannot operate Suite A equipment, which severely limits how military forces can use it in the field.
Suite B crypto uses unclassified algorithms, which are openly published and understood. "People know it, and know how it works, but what makes it secure is how you implement it," Brosnan says. Since Suite B crypto uses unclassified algorithms, personnel without security clearances can operate equipment using Suite B encryption, which opens up its use to a broad variety of warfighters -- particularly those on the front lines. Suite B crypto often is appropriate for secret or otherwise sensitive information with a short shelf life -- such as a position report on a moving enemy force.
Layered COTS, also called Commercial Solutions for Classified (CSFC), is perhaps the newest approach to crypto modernization. "Layered COTS means taking different security products from different vendors, and laying one on top of the other, and is good enough to protect secret," explains Mike Guzelian, vice president of secure voice and data products at General Dynamics C4 Systems in Scottsdale, Ariz.
"You could have a laptop that runs a CISCO VPN piece of software -- that is one layer of encryption -- next to Juniper Networks running another layer; the data is getting encrypted twice," Guzelian says. "The concept is it is less expensive and easier to use, but it really depends on the application."
While layered COTS might not be quite a secure as Suite B and Suite A crypto, this approach holds the promise of being relatively inexpensive, quick to develop and field, and easy to maintain, in applications where it is appropriate. "You take commercial equipment, and layer off-the-shelf technologies out to the network and enterprise area," says Richard Takahashi, director of information assurance products at military radio designer ITT Exelis Communications Systems in Tempe, Ariz.
"By layering different technologies you have equipment that can handle secret and below data," Takahashi says. "The objective is to take advantage of commercial technology -- particularly mobile devices -- to handle secret-and-below data. The compromise is you are using off the shelf technology rather than full-custom secure equipment."
Suite A crypto has limited use, layered COTS crypto still is in its infancy, and most of industry's attention in cryptography and crypto modernization is on Suite B, industry experts say.
The primary enabling technologies for crypto modernization are the latest generations of small, fast, and power-efficient microprocessors, FPGAs, DSPs, and hypervisor software that enables different software operating systems to run together virtually with little risk of operating systems or data corrupting one another.
Encryption algorithms can be long and complex, yet today's microprocessors, FPGAs, and DSPs have evolved in capability such that they are able to handle running crypto algorithms in real time. "We use the latest FPGA technology -- nothing fancy," says General Dynamics's Guzelian. "Commercial processors have gotten to where they are fast enough to do it."
As commercial processor technology has increased in speed and capability, so has industry's ability to capitalize on commercial processors to develop specialized crypto processors -- particularly for embedded applications in small handheld devices. "The enabling technologies are the COTS programmable crypto devices," says Thales's Brosnan. "There are a number of people who make that encryption device -- L3, Raytheon, General Dynamics, Harris, ITT, and others."
Thales is using the company's Suite B-certified COTS programmable crypto processor in the Thales Rifleman radio, which is a handheld software-defined radio for infantry soldiers that complies with the DOD's Joint Tactical Radio System (JTRS) program, Brosnan says.
"It can be a simpler implementation, because the crypto is in the software, and can take advantage of commercially available algorithms," Brosnan says. "The whole idea of Suite B is getting NSA involved to endorse commercial algorithms, and if NSA decides it is implemented properly, they will certify the device."
At Rockwell Collins, company crypto experts launched a program about six years ago to develop the company's own programmable crypto engine and embed it in products such as the Rockwell Collins AN/ARC-210 military radio for aircraft, Brunk says. Embedding crypto in the radio saves space and weight, and enables the company either to make more lightweight radios or add capability.
Perhaps the most exciting aspect of crypto modernization involves the new applications that new crypto design approaches will facilitate. Among the highest-profile new applications will be commercial cell phones and tablet computers on the battlefield.
Green Hills Software, for example, is using its hypervisor technology to enable Android smartphones to run unencrypted data and encrypted secure data side-by-side on the same device, Kleidermacher says. "We are working with the NSA and some of the [cell phone] carriers on the leading edge of satisfying these emerging government requirements," he says. "We make the phone so it can be used in secret, and perhaps even to-secret communications using standard Android stack and protocols, and come up with Suite B-compliant VPN and secure voice capability."
ITT Exelis is developing two Android hand-held products that will be considered for front-line military use -- the GhostRider cell phone and the GhostWarrior tablet computer, Takahashi says.
The enabling technology for GhostRider and GhostWarrior is a secure network processor that packages together with the battery of a commercial smartphone or tablet computer. This technology also could be used to secure Wi Fi access points, personal computers, or USB data storage devices.
ITT Exelis officials have demonstrated the GhostRider secure network processor with a commercial smartphone, and say they hope to receive NSA certification for the device sometime next year. "Our technology is platform-agnostic," Takahashi says. "We can use any commercial smartphone that is Android based by replacing the original battery with our battery, which is coupled with our network processor."
One of the features of the GhostRider cell phone is operating on unsecure commercial networks and secure military networks with the same device, Takahashi explains. "While the soldier is in garrison, he could use the phone to call home, but then bring it into the field to use for tactical communications."
This kind of embedded crypto also could be used for secure data exchange and control of unmanned vehicles, as well as sending secure targeting information from soldiers on the front lines to attack aircraft in the area, officials say.