Security of personal confidential information Portable encryptors The CryptoGrapher, a personal palmtop-based encryptor The CryptoGrapher portable encryptor has been designed for protection of information stored on flash-disks of any type. Protection against unauthorized access is based on encryption of all information using cryptographic algorithms, the resistance of which has been certified in the South Africa Republic. The CryptoGrapher uses and algorithm with a key length of 104 bits.
Use the keyboard to enter the plaintext, which can be later edited. After the text has been encrypted, it may be read off the display and sent via a communication channel. Decryption occurs in a similar way. The encipherer uses a cryptographic algorithm with a guaranteed cryptographic strength, the number of keys combinations equals to 10100 . In order to prevent unauthorized users from using the encipherer, an individual password must be entered before the user can start working with the device.
(battery life at least 120 hours), or 220V AC via a supplied adapter Power consumption: 0.02 W "Ancrypt-II" – a palmtop-based encryption device The "Ancrypt-II" preliminary encryption encipherer is a small-sized palmtopbased encryption device designed for encryption and decryption of up to 64 Kbytes of the alphanumeric information at a time. "Ancrypt-II" has been designed for protection of PIN codes of credit cards, numbers and details of bank accounts, phone numbers and other confidential information.
Keyboard Display Main functions Encryption modes Size of plaintext Plaintext input Encrypted text output Input of long-term key One-time key Rate of data exchange via RS-232 Amount of data that can be encrypted using the same long-term key Long-term key One-time key Encryption algorithm Dimensions Weight Operating environment 33 Cyrillic characters; 26 roman characters; 10 digits; 14 control keys; 16 punctuation mark keys; 4-line LCD.
R NG T EST Conve rter Ke y Fig. 1. Flowchart of key generation The work of the key generating center consists of the statistical control stage and the key generation stage. Statistical control stage Once the program has been launched, the physical random number generator is tested. The statistical checking uses at least 10000 bits of information by special criteria described below. If the sequence does not satisfy these criteria, a signal is sent to restart the random number generator board.
Upon the key generation stage is complete, the key sensor switches into the waiting mode until the next key generation command. If the program has not been restarted, the statistical control stage is skipped when the next key is generated. Once 100 decimal digits of the key have been obtained, the algorithm picks 10 checking digits. The resulting key can be printed out or saved onto a diskette. Criteria and requirements for gamma quality checking Criterion 2 for digits There is a sequence x1, x2, ...
Method of encryption – mosaic array: timing transpositions and frequency inversion; High quality of reconstructed speech.
SCR-M1.2 Scrambler Automatic caller ID, redialing, incoming and outgoing numbers memory, clock, alarm clock; The level of cryptographic protection may be enhanced by entering of an additional individual 7-digit code; Built-in memory where up to 9 7-digit individual keys and up to 99 20-digit phone numbers may be stored; Power consumption - 7 W maximum; Dimensions - 180х270х45 mm; Weight - 1.6 kg maximum. SCR-M1.2MINI SCRAMBLER This unit is built on the basis of the SCR-M1.
It is plugged in between the city phone line and the mini-ATX, providing secure communications for all telephone sets and fax machines connected to the mini-ATX; It has proved to be very useful for the construction of secure communication networks with office PBX of any type; Remotely controlled from the user's phone or fax machine; Voice support, sound indication of operating modes; Power consumption - 7 W maximum; Power supply – 220V 50 Hz; Dimensions - 180х270х45 mm; Weight - 1.6 kg maximum.
The following equipment in the package: "Grot" scramblers (installed at the subscribers'); "Grot-C" station scramblers; MAK-16 station module for installation of 16 "Grot-C" scramblers with power supplies. "Grot" and "Grot-C" scramblers, working together, provide cryptographic protection for the section of communication lines between the subscriber and an automatic telephone exchange (ATX).
The "Grot- C" scrambler must be installed in a room of an automatic telephone exchange. It is remotely controlled from the "Grot" scrambler, works only in a pair with the "Grotto" subscriber scrambler, and has a master key, identical to the key of the subscriber scrambler. The additional individual key is not used. Other technical characteristics of the "Grot-C" scrambler are similar to the parameters of the "Grot" scrambler.
The AncVoice Coder - 2400 specialized digital telephone set has been designed for operation in public telephone networks, either directly connected to the ATX, or connected via a private ATX – using the two-wire connection method. Power for the unit is supplied from 220V±10% AC via an adapter.
sec mode 4 - V22bis recommendation (takes 7-10 seconds); in this case, the modems establish a connection faster than under V34, but if there is a lot of distortion in the communication channel, the modems may lose synchronization (and secure connection will be broken); this mode is convenient for transmission of short messages over poorquality communication channels.
S CD Cod E ec m odem PTN S CD Cod ec m E odem Fig.1. The flowchart of AncVoiceCoder-2400 operation, where SCD is the speech conversion unit used for parametric compression of speech; codec – codes/decodes speech signals; E – encryptor; PTN – public telephone network.
telephone networks, provided that the other end is equipped with a similar board or with AncVoice Coder – 2400. HotLine – a center for generation of single-use gammas for protection of phone conversations The most important objective is to provide crypto-stability, that is to make it impossible to reconstruct the plain text and the key using encrypted text, even if the scheme of encryption is known. It is not always possible to prove crypto-stability of a particular scheme of encryption.
The center is built on the basis of specialized TEMPEST-compliant computers, and that provides protection against E-field radiation, through which the information may be intercepted. The center has been successfully used to provide a secure exchange of information between the presidents of two countries (via a so-called "hot line"). Fig.1.
"Berkut" provides encryption and decryption of telephone conversation over simplex radio communication channels. And that guarantees protection of transmitted information against unauthorized listening. The device is hooked up between the headset of the user and the radio. "Berkut" has been designed for installation on planes, helicopters, vehicles, and for stationary operation in the structure of the ground control.
Microphone VHF/UHF band radio Phones BERKUT A diagram of connection of the Berkut. Control Unit Berkut VHF/UHF Encryptor Control unit band radio Input device or PC Fig. . Diagram of control of the "Berkut" and connection of input devices. A self-contained key generating and inputting unit allows the user to input the key information individually. A package of original key generating software for personal computers may be used.
Technical characteristics: Communication establishment time - 0.5 sec maximum; Service band - 300-3400 Hz; Speech intelligibility for the 300-3400 Hz band – at least Class 2 per GOST 16600-72 standards; Communication establishment probability – 0.
The unit has been constructed as based on the principles of non-parametric signal conversion. At the input of the encryptor, the analogue signal (voice) is converted into digital with the employ of an 8-bit analog-to-digital converter. Cosine and sine digital filters are used to determine the vector of the phase of the transmitted voice signal at a specific point of the message.
The "Berkut-K" – a hardware product for protection of voice signals transmitted over UHF/VHF radio channels "Berkut-K" portable encryptor provides encryption and decryption of telephone conversations over VHF/UHF radio communication channels in the simplex mode, operating in a pair with similar hardware products. And that guarantees protection of transmitted information against unauthorized listening. The device is hooked up between the headset of the user and the radio.
Number of keys – up to 6; Power supply – onboard circuit, 12V, 27V (21-31)V; Radio set – VHF/UHF band; Operating mode - simplex; Weight - 2 kg ; Volume – less than 2 cub. dm; Power consumption – 1W maximum. Operating principles The unit has been constructed as based on the principles of non-parametric signal conversion. At the input of the encryptor, the analogue signal (voice) is converted into digital with the employ of an 8-bit analog-to-digital converter.
Envelope measuring Unit Modulo adder Digital Analog converter UHF/VHF band radio microphone amplifier analogdigital converter cosine filter sine filter DID DID interface init Crypto-card unit Key memory Fig.2. A flowchart of transmission channel.
Sine filter cosine filter digital analog converter pilot's headset microphone amplifier analogdigital converter envelope measuring unit Modulo two adder DID unit DID interface Key memory Crypto-card unit Fig.3.A flowchart of the reception channel.
"Berkut-D" – a delta modulation-based hardware product for protection of voice signals transmitted via UHF/VHF radio channels "Berkut-D" encryptor has been designed to work with VHF/UHF radios that can modulate the carrier frequency using pulse signals and have a standard frequency spacing of 25 kHz between channels.
The unit is built on the principles of pseudo-random time and frequency permutations of signal spectrum and uses the "Tiger" algorithm with a key length of 104 bits.
Coder l.f. amplifier l.f. filters difference circuit Integrator Comparator Pulse shaper Clock frequency generator Pulse Synchronizer shaper Integrator l.f. filter Dеcoder l.f. amplifier Fig.1. A flowchart of a standard delta-modulation module.
Coder l.f. amplifier l.f. filter Difference circuit Integrator Impulse data Sequence analyser Impulse data Sequence analyser Comparator Impulse shaper Clock frequency generator Impulse shaper Synchronizer Integrator l.a. filter Decoder l.a. amplifier Рис.1. A flowchart of adaptive delta-modulation module.
"Berkut-F" – a hardware product for protection of telephone and fax data "Berkut-F" has been designed for encryption of phone and fax data in the duplex mode. It is connected via the RS-232C interface. Connection to public telephone lines shall be performed in compliance with MKKT34 recommendations. The unit can be operated on leased lines. The key system of the encryptor consists of a network key, entered from the ROM, and a session key, generated for every conversation.
An automatic overload and wrong polarity protection is provided. The unit connects to the radio via a digital plug-in and a micro-telephone handset. If the power supply is damaged, the unit can run on the battery of the mobile object. Technical parameters: Data processing rate - 1.2 kbps; Type of communication channels – digital, standard; Bands – VH and SW; Speech conversion device – lip-reader; Power consumption – 6W maximum; Power supply – 12V; Dimensions - 130х60х256 mm; Weight - 2.