Technical White Paper Discussing
Encryption Definitions and Methods
Used in Data Communications Systems
Introduction:
This paper provides some definitions as well as an introduction to typical topologies used in the integration of data encryption equipment into communications systems. Definitions are provided as an aid to the reader.
A brief historical glimpse into data transmission systems is also presented. This historical perspective addresses the acknowledged need for encryption in data networks passing sensitive data, as well as the advantages of offering security options in commercial leased data networks’ list of available features.
While this paper is not intended to delve deeply into the internal workings of any particular data security product, (i.e., product-specific encryption algorithms) it does differentiate between some popular applications as they apply to data communications topologies. It also concludes by addressing a few commonly asked questions and introduces certain security solutions offered by Technical Communications Corporation.
As a lead-in to the subject of data encryption, a short introduction into the history of binary-based data systems is offered.
Part 1. Data Transmission Systems (A Historical Outlook):
Since the early days of radio and telegraph, the world has undergone a remarkable transformation in the way it views data. The ability to encode information in some storable manner, (other than pen-to-paper) has opened the world to virtual real-time shared databases, that in turn link thoughts, initiatives, concepts, product inventories, news ‘bytes’, stock reports, etc. Sending shared data, and the systems that support the flow of this data, have become an integral part of modern life.
There are many modes of data flow, however they can be generally grouped into two categories: shared and private. At the risk of reciprocation, it should be said that even private communications channels (or circuits) sometimes use shared communications media.
Private (Data) Communications Channels.
- As an example, a private communications channel (dedicated radio channel) is typically defined as a center frequency and a specified bandwidth allocation. The user of this frequency may 'own' the frequency, but the radio frequency spectrum is a globally shared media. The fact that the frequency is granted to a particular group of authorized users, is no guarantee that other non-authorized users may break in and attempt to use the channel or to covertly monitor the channel. Additionally, the privately owned channel in one geo-political region my share the private radio channel with other groups of users located elsewhere on the planet.
- Another example of a dedicated channel is a non-switched telephone circuit. These are generally used by agencies that require immediate access to the channel, and cannot risk the chance of a delay in connection caused by switching through shared communications lines. In some cases, the users, (e.g., a military organization) may indeed own the circuit, but it is more likely that even these dedicated telephone channels are often leased from a 'provider'. In either case, dedicated lines are often susceptible to unauthorized monitoring during some portion of their routings.
Shared Data Communications Channels are much more common in use for reasons of economy and circuit switching flexibility. Few people can afford their own long-haul data communications channels, and unless dedicated channels have an independent back-up channel capability, they may have appreciably less than 100% availability. Shared communications paths very often provide many pluses in terms of circuit re-routing and reliability. Shared communications obviously also have vulnerabilities, as unauthorized persons or agencies can covertly (or overtly) intercept and even modify the data contents along the communications route.
- The classic example of a shared data communications channel are public telephone systems where public and private data (via a modem) is sent via ‘dial-up’ phone circuits. The Ethernet is another shared communications media that uses the switched public phone systems of countries around the world. Phone circuits are almost universally sent out with no protection from monitoring or interception. A phone channel is generally grouped with other channels in a ‘multiplexing’ arrangement, to conserve communications channel assets. The degree of privacy is only as good as the non-authorized user’s ability to tap the channel(s) and extract the data.
- Another example of shared data channels is a computer's wide area network, (WAN) that leases channels from a data carrier. These channels may be switched or configured as non-switched (or ‘permanent’) circuits. In WAN communications, the cost of the channel is generally determined by not only the amount of data (number of Bytes), but also by the user’s priority (immediacy) for those Bytes. A user can generally save on a circuit if the data is delayed, thus allowing a higher priority user’s data to transverse the shared channel ahead of the lower priority user’s data. As WANs become more popular, the commercially available systems that allow a user (authorized or unauthorized) to monitor or otherwise intercept these communications, become much more affordable and available.
Part 2. Definitions:
Data Channel Errors/Delays - Most users of data channels are not as concerned with data bit stream or data packet delays as they are with data errors. A data channel may not tolerate bit errors and may make use of extensive amounts of forward error correction (FEC), or use signaling (Ax/Nachos) to initiate data re-transmissions in order to prevent or correct errors at the destination data terminal. Digitized voice channels (typically more effected by throughput delays than occasional bit errors) perform in may respects like digital data channels, in that the channel processing performed on the digital voice traffic is identical to that of data traffic. In many multi-channel systems, voice and data signals are intermixed in a multiplexer and are treated identically within the communications pipeline.
Full Duplex - simultaneous, bi-directional traffic between two (or more) users.
Intrusive vs. Non-intrusive Cryptographic Methods - Most systems are made up of various sub systems or components that treat or process channel information. In most cryptographic equipment, the introduction of an encipher, (and a later decipher process) is designed to provide a non-intrusive presence, particularly when the cryptographic equipment is placed in a bypass, or 'Plain' mode of operation. This methodology dictates that the end users of an encrypted data system do not detect the presence of the cryptographic sub-components within the system architecture. The possible exception to this are some additional throughput delaya introduced by signal processing, and occasionally by user management (mode selections and indicators).
Examples of intrusive presence is where additional connections (patches) are required, or complex channel establishment procedures (special lines or trunks) are needed. Also, other undesirable features, i.e., degraded quality (increased bit errors), reduced data throughput (less ‘bits’ or ‘packets’ per second), or other measurable channel qualitative or quantitative degradations are included.
ISO (International Standards Organization) 7-Layer Communications Model - A separate TCC White paper is planned that will discuss this 7-layer model and will address at which layers TCC encryption products are typically placed. In general terms, this layered model presents a way to segregate the data handling responsibilities when processing data through both physical and virtual channels. The processing that occurs at any given level; 1 through 7, needs only be concerned with the layers immediately above or below it. This layered protocol approach limits the scope of complexity for any in-line application (such as a data encryptor) that must differentiate between individual packets by their source and destination addresses (defining ‘virtual’ circuits). From a cryptographic standpoint, the address information must obviously be left in the ‘clear’ while the data 'payload' may or may not selectively need encrypting, depending on the set-up for the given virtual circuit’s packets (e.g. set to: Plain, Secure, or Blocked).
The encryptor would therefore not need to know the structure of every data protocol in the system as it would be designed to operate at a particular ISO, or other protocol layer. The layered structure simplifies interfacing by clearly defining the structure of the packet at that layer, and by limiting the unnecessary packet details of higher layers that are irrelevant to the encrypting process at the lower layer. An example of a non-electronic, multi-layer network is described below:
An analogy of a ‘packet’ system based on a layered protocol is a country’s Postal Service, that routes letters, i.e., 'packets', between addresses (source and destination). Let us say that you are the sender of a ‘packet’ (your letter).
You place the destination address on the front of the letter and your return address (source address) in the upper left corner on the front of the letter. You are not necessarily concerned with the actual routing the letter takes as long as it arrives safely and in a timely manner.
The postman who picks up your letter needs to know where to pick up your letter (what house or postal drop box) that corresponds to your address, and to what postal substation the letter needs to be sent. But he or she is also not concerned with the routing beyond that point.
Another postal employee at the postal substation is tasked with routing the letter to the intended city (on the "destination address" portion of the letter). He (or she) is not concerned with where the sender’s (your) house is located, or where the home or office of the intended recipient is (except for the general geographical area, or the city and state on the envelope).
The letter may be combined in a pouch with many other letters heading to the recipient’s city, and the pouch needs to be sent to an airport that services that city identified on its label, but the substation employee need not have knowledge of what actual flight is to be used.
At the airport, a postal agent collects pouches from many different postal substations in your city’s geographic area, and sends your letter’s pouch to a selected Airline baggage office. The agent at the airline baggage office is interested in the pouches’ destination city or cities, but is not concerned with the content of the pouches themselves.
The example continues in reverse at the destination city, until the postal employee at the end of the process places the letter (your packet) in the box of the end address.
It stands to reason that the entire process can be (and is) fairly intricate with the "packet" serviced by many different "layers" in the process, but it is also apparent that the individual "layer’s functions" can be defined in such a way as to ensure that the "packet" arrives at its destination reliably due to the "layered" architecture used by the postal system. The "hand-off" of your original packet by each "layer" of the postal system results in a reliable service using the "shared" postal delivery system.
Local Area Network (LAN) - A shared physical medium (various cable types, fiber optic strands, broadband radio signals, etc.) providing the distribution data that is configured in data packets. A typical LAN is often serviced by a LAN Host terminal that offers additional network management services (e.g. E-Mail, networked printers, etc.), mass data storage (File Server), and communications interconnects (e.g. bridges, routers, etc.) to other LANs or wide area networks (WAN) interconnections. The two most common LAN topologies are "Ethernet" and "Token Ring".
Packet Communications - The concept of packetizing data was a direct result of the need to share physical communications links between multiple users. The complexities of packet preparation, addressing, collision detection, re-sending (when errors or collisions occur), etc. was a necessary trade-off when the decision was made to accommodate multiple operators (users) on a given media. From a technological perspective, it was a logical outgrowth from the Time Division Multiplex (TDM) based systems where "time slots" were allocated to users, but time slots were not very flexible in terms of surges or lulls in data transmission demands. The introduction of the data packet allowed sharing a communications path as was available in a TDM system while accepting the surges and lulls in data demands. Management of the Packet system is performed by monitoring the packet activity on the media (LAN or WAN) and assessing charges as appropriate for the measured number and/or size of the data transported, as well as any additional charges for prioritized handling, data protection (encryption), etc. A number of packet protocols exists, that generally differ in how they handle payload size, packet collisions, transmission speed, packet hand-off, and differing physical transmission media.
Protocol Sensitive Encryption Device - A device that performs data processing actions or decisions based on information in the communications data stream. Some protocol sensitive systems encrypt all of the data "payload" but filter out certain bits, such as group or channel framing bits, within the data stream that are passed through ‘in the clear’. Other Protocol Sensitive systems are more sophisticated in that they process each data ‘packet.’ Due to embedded information such as virtual circuit addressing, they are processed as either;
‘passed in the clear’ (Plain),
‘do not allow to pass (Blocked), or
‘intercept and encrypt/decrypt’ (Cipher/Decipher)
using a virtual circuit-specific data encryption key (DEK) for that packet.
Protocol Transparent Encryption Device - A device that processes all information in like manner, regardless of the embedded protocol information in the data stream. A "bulk" encryptor is a classical example of a protocol transparent device, since it is not concerned with any of the data information (payload data, framing bits, start/stop bits, embedded addressing bits, etc.) that it is processing. Every bit in a "bulk" encryptor is encrypted. Asynchronous data stream encryptors, e.g., RS-232 encryption devices that use start and stop bits, are also considered bulk encryptors, even though they do not encrypt the start and stop bits.
Throughput Delay - A measure of time delay (in absolute time or data bits) that a system introduces to a communications path between the signal’s point of origin and its point of final presentation. The total throughput delay of a system is the sum of all of the system’s sub-components’ time delays ranging from digitization techniques, signal buffers, signal processing, interleaving techniques (error spreading matrices) and signal filters, as well as all propagation delays from the communications path(s). The term "System Throughput Delay" is often used to quantify the total Throughput Delay less the Propagation Delay in order to provide a path-independent performance measure of the system.
Wide Area Network - Generally ‘packet’ oriented data channels between a user (or group of users) and a remote user (or group of users). WANs generally use shared communications media such as dial-up phone circuits (e.g. Switched Virtual Circuits or SVCs) or leased lines (e.g. Permanent Virtual Circuits or PVCs).
Part 3. Commonly Asked Technical Questions:
1. How does data encryption work? Won’t it damage the data itself?
Without delving into the differences between "public" versus "secret" key encryption (TCC sell products using both approaches), a classical secret key encryption approach relies on identical processes performed at the encryptor (sending end) and the decryptor (receiving end) of a link. A typical "crypto engine" uses inputs from stored "keys", non-linear elements, and random seeds that are often called Initialization Vectors (IVs). Refer to the PK2M encryption/decryption block diagram on the following page.
On the transmit end of the channel, the binary representation of the plain text data is Modulo-2 added with the crypto engine’s key stream output. Two successive Modulo-2 operations with the same in-sync output key stream have the effect of turning the plain text into cipher text (the first Modulo-2 addition), and then, at the receiving end, converting it back to plain text (second Modulo-2 addition). The two crypto engines MUST be in bit synchronization for the process to work successfully.
The initial crypto sync performs a minimum of two functions. First, it provides the bit sync that allows the key stream generators to remain in synchronization while the data passes through each; and second, it presents to the crypto engines (at both ends) a random seed (the Initialization Vector) that forces the crypto algorithm to different key stream generation starting points. The longer the IV, the more combinations of starting points, and thus the greater the potential security fault from "crypto depth" analysis. The IV may itself be encrypted, providing still greater security. The Crypto Sync can also relay other information needed for successful synchronization. Many of TCC’s products also sent a ‘vector’ that lets the sending end tell the receiving end which of many available crypto keys was selected out of those available in the Key Storage area of memory.
Each key stream generator is represented by a linear shift register with some degree of non-linear elements to produce a non-linear key stream.
If the two ends have the same Keys and the Initialization Vector is correctly recovered by the receiving unit, the two engines should achieve bit sync and crypto sync. Thus in-sync, the original sent data should be received and recovered with no errors or modifications.
Should the two units become out-of-synchronization, even by a single bit, the output will be totally corrupted. When this happens, the two units must be resynchronized.
Individual bit errors caused by channel noise or interference can cause errors in the recovered Plain Text data stream, but will not require a resynchronization. An alternate synchronization method called Cipher FeedBack (CFB) actually uses recovered cipher text as the source for the random seed, thus replacing the IV. The result of using the cipher text stream as the random seed is that both ends of the link receive the cipher data and therefore the system is self-synchronizing. The "down side" is that individual bit errors caused by channel noise will cause multiple data errors until the feed-back loop in the shift register flushes out the corrupted bit. In low bit-error links, with perhaps infrequent burst type errors, (which would cause a Long Cycle Mode (LCM) unit to request a resync), the CFB mode of synchronization performs much better than the requested IV (LCM) approach, since the outages from channel hits, (i.e., received bit errors) from burst type interruptions recover much quicker (cause less channel outage time) than the Long Cycle mode as it requires bi-directional communications:
| Detect Out-Of-Sync | ||||
| Request Sync | >> | | PATH | | >> | Receive Out-Of-Sync-Notification |
| Prepare Sync Message | ||||
| Receive Sync Message | << | | PATH | | << | Send Sync |
| Re-Synchronize |
and therefore a longer outage is seen before the long cycle mode crypto sync is restored.
TCC bulk encryption products usually offer both CFB and LCM synchronization modes, thus allowing selection of the most efficient mode for the particular application.
2. What Methods of Encryption are used for protecting Data Circuits.
a. Bulk Encryption (Synchronous and Asynchronous). Classical "bulk" encryption implies a synchronous bit stream with every bit being processed as data for encryption. (See Protocol Transparent entry in the Definitions section above). The attributes of the system that dictate what product to use include throughput data rate(s), channel types, physical and electrical characteristics (cabling pin-outs, logic voltages/currents, handling of bi-polar violations, etc.), and key management considerations. TCC produces a number of synchronous and asynchronous bulk data encryption products that can be used in bulk data applications at various data rates up to 8.448Mbps.
b. Protocol Sensitive Encryption. This ‘smart encryptor’ architecture is gaining in popularity with the increasing number of packet switched networks, wide area networks, and local area networks. The attributes of this type of system are again dependent on data throughput rates, link and network layer topology, (i.e., Token Ring, Ethernet, TCP/IP, Frame Relay, ISDN, etc.) and key management considerations. TCC has a number of mature ( X.25) and new (Frame Relay, ISDN, IP/IPX, Hi-Speed X.25) products that service a broad range of protocol sensitive applications.
As an example of a Frame Relay data packet encryption approach (as used in the TCC CipherX 7100 Frame Relay Encryptor), the "payload" portion of the packet is encrypted using the Data Link Connection Identifier (DLCI) information in the Frame Relay Header to determine what Data Encryption Key (DEK) to use for the operation.
The figure below illustrates the Frame Relay Packet and the Data
Information Field; the only portion of the packet that is encrypted:
Flag and Header information is not encrypted. The Data Information Field (DIF) is extended to accommodate the 16 Byte Crypto Header. Since the DIF has changed appreciably, the polynomial-based Frame Check Sum (FCS) must be recalculated.
3. Why Do I Need Encryption?
Any discussion on the need for data encryption requires the user to answer a few initial questions:
a. Is there a real or perceived threat? Is there an existing technology supporting data traffic collection from some source who has the technical and financial means to collect and extract information from a communications system?
b. Is the information on the system of some value to persons other than the sender and the intended receiver(s)? (For example; any personal, financial, commercial or military intelligence, or otherwise sensitive information that should be protected from interception by an authorized party or agency.)
The costs for the addition of encryption technology, both in terms of initial investment as well as recurring support should be weighed against the cost of compromising the data if it is not protected by encryption. TCC provides equipment that is both cost effective to purchase and is very economical to maintain. The encryptors’ support system options include Off-Line management systems, called Crypto Management Systems, as well as various On-Line Key and Network Management Systems, called KETNET. These support systems allow the network to be maintained in an efficient manner with automatic re-keying and audit trail monitoring.
4. "My circuit is already digitized; why do I need data encryption?"
Any serious attack on a digital data system is achievable with relatively inexpensive and readily available communications components. One aspect of the standardization of data protocols and interfaces is that the purchase and use of data monitoring equipment is literally off-the-shelf. Digitization alone is not enough to protect your transmissions from unauthorized interception and monitoring.
The questions and their resultant discussions above are designed to be introductory in nature. The actual intricacies of data encryption and the complexities of the numerous data channel topologies are much too diverse to present in a single white paper. The decisions and ultimately the engineering tasks that a systems integrator must perform when choosing an encryption solution are vary involved. It will generally take first hand discussions with the encryption device manufacturer to select and implement the best solution for a given system.
TCC has been working with customers and system integrators on cryptographic solutions for over thirty five years and is considered a leader in the Cryptographic Equipment Design and Manufacturing business. Let our staff discuss your needs and determine whether one of our existing products is right for your system. We are also famous for our modify-to-order capabilities to accommodate special customer requirements.
Copyright© Technical Communications Corporation 1996
Cipher X and KEYNET are trademarks of Technical Communications Corporation
Windows is a trademark of Microsoft Corporation