Army’s Standardized Encryption Chip Protects Data
Almost every communications device issued by the U.S. Army has some level of encryption capability to help prevent sensitive military information from falling into the wrong hands.
Encryption capabilities are traditionally developed during the communications devices’ development, which leads to numerous cryptographic engine cores. These cryptographic engine cores securely process key product information for sender authentication and confidentiality, integrity and non-repudiation of messages.
The U.S. Army Materiel Command’s Communications-Electronics Research, Development and Engineering Center, or CERDEC, is leading the Army’s technology program to decrease the number and variety of cryptographic engine cores by developing a universal encryptor, which will be a common chip that will provide cryptographic services to a wide variety of devices.
Standardizing and creating a National Security Administration-certified universal encryptor will increase capabilities for the Army while decreasing costs and timelines; it will also provide more companies a better chance for competing to create next-generation communication systems, says Donald Coulter, project lead.
The Army can use the REprogrammable Single Chip Universal Encryptor, or RESCUE, in communications devices such as radios, satellites and computers as well as unmanned air and ground systems that use or transmit encrypted information. The Army can also modernize existing systems or develop new systems with RESCUE to easily upgrade their cryptographic capabilities.
The Defense Department chose CERDEC to lead the RESCUE effort because the Army not only has the largest number of devices that need cryptographic service, but CERDEC’s Space and Terrestrial Communications Directorate, or S&TCD, has the inherent cryptographic research and development expertise to develop such capabilities, says Rocio Bauer, chief of the Tactical Network Protection Branch in the CERDEC S&TCD Cyber Security/Information Assurance Division.
Other military and government organizations have similar objectives to create a common cryptographic core chip, but none possess as broad a set of capabilities in this particular form as RESCUE, says Coulter.
“What we want to be able to do is have that solid crypto core that provides the standard cryptographic functions and services that most of our devices need, to include support for Cryptographic Modernization, Key Management Infrastructure-awareness and Product Delivery Enclave-enabled capabilities. That way we can concentrate on the truly innovative and particularly unique pieces of those end technologies,” Coulter says.
CERDEC awarded the development contract to Team Engility on Aug. 21, 2015. The production contracts for RESCUE will require the vendor to build to a specification, and the intent is for the Army to make it available to communications or computing platforms that require or support storing, processing, transmitting or receiving encrypted information.
“The contract award for the RESCUE development effort is public, and we will have all the rights with the explicit understanding that whoever wants to do a production contract or who wants to develop a new capability based on this technology – we have everything we need to either utilize it again in its current form, be able to tailor or modify it to reproduce these things,” Bauer says.
As the Army’s eventual standard for cryptographic hardware, RESCUE is being implemented as a Field Programmable Gate Array, or FPGA, meaning that developers can tailor the information on the chip to fill specific encryption needs, and the chip can be reconfigured and reprogrammed more easily if needed.
“If there’s a new algorithm capability that comes along or a new algorithm, we can actually update the image on there and add that capability so we don’t necessarily have to create a brand new chip and bring every device back and put a whole new chip in. We can update the image on the chip,” Coulter says.
Using RESCUE also allows the Army to have more non-technical acquisition flexibility.
“One of the key, non-technical pieces of this is that we will have government rights to everything we are developing,” Coulter says. “In the past, we have been in the position where we have had the solution, but we don’t have the rights to modify it, repair it. If we needed to do any of that stuff, we had to go back to the original vendor and get them to do it at whatever rate [cost] they choose.”
The cost of developing secure devices for Soldiers without a common encryptor may be an unnecessary expense if standardization occurs.
“Every time we generate a new device, we are paying for the same crypto capability, and we are redeveloping and customizing it every single time,” Coulter says.
RESCUE also allows the Army to increase its list of potential vendors.
“Now, we are limited to specific vendors who can do crypto and do communications,” Coulter says. “RESCUE allows us to say ‘the crypto is here’…This is going to free us up to really push those boundaries and edges of research and development of capabilities going forward.
“There are small businesses that can have really innovative techniques and ideas for communications, but they don’t have the institutional knowledge or bandwidth and resources to go through and develop a crypto core and go through that whole certification process,” he says.
Army communications systems that transmit and receive classified information must have an NSA certification to ensure they meet NSA’s standards for securing and encrypting classified information; however, the process takes more time if NSA must review an entire product or system.
CERDEC expects RESCUE to condense the NSA certification process for new communications devices because it will provide the Army with the flexibility to use an NSA-certified chip as the basis of its cryptographic functions.
When a product uses the NSA-certified RESCUE, NSA will not need to review the entire system; it can instead focus on ensuring the device meets its standards and that RESCUE’s certification boundaries did not change when incorporated into the product or system, Coulter says.
“We expect a product review to take around six months, which is down from the standard time that can last up to about 24 months, more or less, to get a certification for a device,” Coulter says.
CERDEC is scheduled to have RESCUE NSA-certified and ready for widespread use in requirements documents by September 2017, though stakeholders who will need RESCUE do not have to wait until then to reach out to CERDEC.
“If someone wants to leverage RESCUE, they can talk to us now to ensure we have the right requirements and that our timeline for development aligns with their needs,” Coulter says. “If there are specific requirements, they can be here while we are designing things, and they can start planning their tailoring and acquisition activities around our timeline of what we are doing and the material we can provide to them.”