Multi-Mode Digital Data Encryptor supporting Multiple Data Protocols and Electrical Interfaces
Available Interface Variants Include:
» RS-232C / V.24
» CEPT E1 / G.703 (2,048kbps)
» US (ANSI) T1 (1,544kbps)
Applications
Available versions of the DLE-7050 support a wide variety of interfaces, data rates, and communications protocols.
CEPT E1 (G.703) and ANSI T1 (T1.403) units operate as 'frame sensitive' data encryptors, encrypting only the payload data leaving frame signaling information unencrypted. This supports installations where network devices or other higher order multiplexer devices need to see unencrypted framing information.
When configured for operation with RS-232 equipment, the DLE-7050 performs as a synchronous, 'bulk' data encryptor. Operation on asynchronous RS-232 data connections is also supported where the start and stop bits are left plaintext, but the payload data is encrypted in bulk data encryption fashion. Half duplex versions of the asynchronous RS-232 DLE-7050 are also available.
The DLE-7050's rugged design allows it to be inserted into many environments where commercial grade devices would not survive. Unit set-up may be performed using an attached data terminal, or via the unit's front panel controls and liquid crystal display.
Data Encryption
The DLE-7050 uses dual, independent, bi-directional encryption engines incorporating
TCC's proprietary hardware (ASIC) based DACE Mark XII encryption algorithm. This
ASIC chip delivers highly non-linear, non error propagating key generation fully supporting
all of the interface options and data rates noted above.
Two menu-selectable methods of key management are supported: (a) manually distributed traffic keys (called 'Master Keys'), or (b) manually distributed key encrypting keys ('KEKs') used to encrypt locally-generated traffic keys ('Session Keys') over the established data link between two data encryptor devices. The second method is also referred to as 'Key-Auto-Key'.
The DACE Mark XII crypto engines use three different keys when encrypting or decrypting data traffic. Two are 'long term' key variables (the Family Key and the Custom Key) while the other is a 'short term' key variable. Depending on key management mode, the short term data encrypting key (DEK) is either a 'Master Key', or a unit self-generated 'Session Key'. Together they provide a total of 308-bits of key diversity.
» Master Key (or Session Key) = 180-bits
» Family Key = 64-bits
» Custom Key = 64-bits
In addition to the three keys above, a randon initialization vector (IV) is generated. After it is encrypted for transport, it is referred to as a Message Key. A new Message Key is generated each time an encryptor and its associated decryptor state machines synchronize.
» Message Key = 33-bits
Technical Specifications
ENCRYPTION / CRYPTOGRAPHYDace Mk XII Proprietary Key Stream Generator
» Two Secondary (Longer-Term) Keys » Key Management Keys (2 each / 180-bits each) » 'Message Key' (33-bits)
SYCHRONIZATION METHODS(1) Exchange of Master Key's Index
(2) Exchange of Encrypted Session Key
SECURITY FEATURES» Front Panel Key Erase
|
ELECTRICAL INTERFACES
|
Quality
TCC is dedicated to quality products and services. TCC is ISO 9001 certified. ISO 9001,
granted to TCC by TUV, is the most stringent standard available for total quality systems in
design/development, production, installation and servicing.
Copyright © Technical Communications Corporation 2001
Cipher X is a trademark of Technical Communications Corporation.
Other brand and product names may be trademarks or registered trademarks of their
respective owners.
All specifications are subject to change without notice.
