Concerns Over Data Security Stimulate Countermeasures

CN Data Communications Editor Concern over computer security has been heightened by last summer's publicity over the movie "War Games," and reports of youngsters gaining unauthorized access to government and commercial computers, including an unclassified system at the nuclear weapons laboratory in Los Alamos, New Mexico. Stung by illegal penetration of government computer systems, the Department of Defense has divided its Arpanet packet-switching network into two segments, one for military users and the other for access by civilians. The military network, known as Milnet, will be used to interconnect classified computer sites; the other, R&Dnet, will serve unclassified sites only. Individuals dialing into either network over public telephone lines will have to give a password before being granted access to files.

DOD says the network segmentation was needed because of the increasing sophistication of "hackers" who utilize data networks to penetrate computer security. According to Deputy Under Secretary of Defense Donald Latham, the issue of computer security is of growing concern. "There will be more of these hackers," Lathan states, "and we're going to have to deal with their increasing sophistication."

Further evidence of government concern over the security breaches came when FBI agents confiscated equipment belonging to 15 alleged computer hackers in 13 cities. In addition, the National Security Agency has been authorize to double the staff of 100 in its Defense Department Computer Security Institute over the next two years. Meanwhile, Congress is considering legislation that would mandate fines up to $100,000 and/ or jail terms up to 10 years for anyone using a computer without the consent of its owner.

In recent testimony before a House of Representatives subcommttee, a senior administration official noted that computer hackers could undermine the confidence of the public in the government's ability to protect data essential to the operation of agency programs. Joseph Wright, deputy director of the Office of Management and Budget, told the subcommittee that individuals may fear that others will be able to examine their tax records, for instance. "Corporations may fear that competitors will be able to uncover important informatiion about their operations or manufacturing processes," Wright noted. This, in turn, might affect the quality of informatiion furnished to the government by citizens, thereby eroding the integrity of government data bases.

Congress also heard testimony recently from Peter Waal, vice president of marketing and plans for the Network Services Group of GTE Telenet, whose public data network was used for many of the unauthorized computer accesses.

Commenting on the illegal "break ins," Waal said he believe the "trespass problem is of equal or perhaps even greater national importance than that of the use of computers in fraudulent transactions." Wall noted that only about 200,00 of the 3.5 million personal computers in use currently have the communications capability to access remote computers via data networks. "Market projections indicate there will be over seven million personal computers in use within three years," he says. "Of these, nearly two million will have the ability to communicate with remote computers. At this rate of growth, there will be ten times the number of potential hackers in three years than there are today."

While legislation may be the ultimate remedy, many industry analysts believe equipment and techniques need to foil all but the most sophisticated hackers already exist and they just haven't been used. For instance, there are several devices which intercept an incoming call before it gets to the computer, requesting the caller to give a password. The devices then disconnect the call, look up the telephone number of the user with that password and call back. This prevents intruders from using someone else's password unless they use his telephone too. In addition, the devices do not answer the incoming call with a high-pitch tone, as a computer does, so a potential intruder dialing nunbers at random does not know he has reached a computer. Digital Pathways of Palo Alto, California and LeeMah Telecom of San Francisco supply such dial-back systems, while International Mobile Machines of Philadelphia makes an interceptor box that sounds an alarm if someone enters an incorrect password.

Passwords and user identification numbers are only one element in safeguarding important data. Adrian Norman, a computer specialist with Arthur d. Little, compares the secure computer to the well-built medieval castle. In his new book, Computer Insecurity, Norman states that, just as a castle had concentric rings of denfense consisting of moats, ramparts, gates and crenelated walls, so a computer must have concentric rings of security built int hardware, communications, software, applications programs, physical environment and personne.

In the communications environment, both government and commercial organizations are becoming increasingly aware of their vulnerability to wiretaps. For one thing, wiretapping is getting easier and cheaper while the "rewards" become more tempting. Also, since the wiretaps can be operated remotely, today's eavesdroppers are less likely to get caught.

Short of keeping the entire communications link secure physically, the only way to thwart eavesdroppers is through data encryption. In some cases, encryption may also be the most cost-effective technique for protecting stored data against unauthorized access.

Encryption involves transforming clear,l readable text (known as plaintext) into "ciphertext," which can withstand attempts by unauthorized individuals to recover the original information. Two elements are involved: an algorithm, or set of basic procedures for manipulating the plaintext; and a key, selected from a large set of possible keys, that is known only by the sender and receiver. Together, the algorithm and key are analogous to an electronic combination lock, where the algorithm is the lock mechanism and the key is the combination that locks and unlocks it.

With a combination lock, even if the mechanism design is known, it cannot be opened unless one has the combination. Likewise, the algorithm may be public knowledge, but the encrypted data is secure as long as the key is kept secret. For military uses, the algorithm is also kept secret.

Plaintext may be enciphered either by transposition or substitution: transposition involves rearranging plaintext symbols without changing their identity, while substitution replaces the symbols by one or more ciphertext symbols. An encryption or enciphering system that uses alternate steps of transposition and substitution to scramble messages is known as a product cipher. Such ciphers are harder to break than either transposition or substitution ciphers alone (see "Unscramblilng the ABC's of Cryptography," Communications News, February 1980, page 48).

Virtually all ciphers can be broken since with time and effort, the key can be dededucted. Even so, they are still valuabvle since they delay penetration of the system. Ciphers are judged by a parameter known as the "work factor," which is based on the time and effort requred to break them; the higher the work factor, the more secure the cipher. It is possible to design an unbreakable cipher, but the key must be randomly selected and used only once. Also, they must be as long as the plaintext.

During World War I, American cryptologists developed such a key for their teletypewriters. Today, the majority of commercial security systems use a product cipher known as the Data Encryption Standard (DES). Adopted as a data security standard by the United States government in 1977, the DES enciphers a 64-bit block of plaintext into a 64-bit block of ciphertext under the control of a 56-bit key. As a standard, DES applies only to Federal agencies not involved in national security. However, it is also becoming a de facto standard in the private sector.

The DES standard helps users by giving them a yardstick for evaluating data encryption equipment. Also, the standard permits mass-production economies for semiconductor firms who can thus implement the DES algorithm in LSI chip form at a reasonable price. Nonethelss, critics of DES claim that it is inadequate and will only be useful for the next few years at most, since by then advances in large-scale integration and computer science will make it possible to break DES encryption easily. Critics also question the circumstances surrounding adoption of the standard, which involved some alleged behind-the-scenes maneuvering by IBM, which developed the algorithm, and the National Security Agency, which approved it.

Professor Martin Hellman of Stanford University claims that the DES encryption could be broken quickly by using many chips in paralled to test all possible key combinations. He is also concerned about the possibility of "trapdoors" in the DES algorithm which would allow IB or NSA to break the standard in a matter of minutes using a computer.

Professor Hellman is a proponent of the so-called "public key" security system, where either the encryption or decryption key is known but the other is kept secret. He draws an analogy between a public key system and a strongbox with two combinations, one to lock the box and the second to unlock it. For instance,l if the locking combination is public knowledge, anyone could lock up information in it, but only the person for whom the information is intended could unlock the box to retrieve the messages. Such a system would be useful for protecting messages in a public electronic mail system.

Similarly, public key systems could be used to protect against forging of messages by authenticating a digital signature. In this case, the encryption key would be kept secret and the decryption key made public so that anyone could validate the signature.

Another critic of the DES algorithm is Arnold McCalmont, founder and president of Technical Communications Corporation, Concord, Massachussets, which has been a leading producer of communications security systems for over two decades. Like Professor Hellman,

McCalmonth is concerned about the possible trap doors in the DES algorithm. However, he also believes the use of a 56-bit key makes the algorithm vulnerable. His firm has developed a proprietary cryptographic system based aroound the use of a key with greater than 4,096 bits. TCC offers its security equipment with the DES algorithm for customers who prefer that approach. However, McCalmont points oout that TCC has over 3,00 customers in 123 couontries and that the vast majority choose the firm's proprietary design.

Despite the criticisms, the DES algorithm is finding widespread acceptance. Also, it has been attacked for a number of years by experts in the field and they have not been able to show how to break it. Several manufacturers have implemented the DES algorithm in LSI chips, and software implementations are also available. Among the suppliers of cryptographic equipment and systems using DES are IBM, Racal-Milgo and Datotek, in addition to TCC.

There are three ways to incorporate encryption into a communications sytem: link-by-link, node-by-node and end-to-end. Link-by-link encryption is the simplest technique and has the advantage of being transparent to the existing system. It requires no terminal or host software modifications and has no apparent effect on the data stream. The encryption devices are simply interposed between the modem and data terminal or host at each end. However, all traffic has to pass through the CPU of any node in the uncoded state, and so is vulnerable to unauthorized access.

Node-by-node encyption overcomes this problem by integrating the encryption algorithm into software modules or peripheral devices attached to the CPU at the node. Each link is protected by a different key so that messages that traverse several nodes must be translated from one key to another. Although encrypted messages appear in the clear in the security module at each intemediary node, they can be recovered only at their final destination.

End-to-end encryption protects messages continuously with the same key until they arrive at their final destination. For this application, the cryptographic algorithm is integrated into the host CPU, front-end processor or peripheral device attached to a channel at the end nodes. End-to-end encryption is generally requred for complex switching networks involving a large number of senders and receivers.

Even with end-to-end encryption, however, routing information must be made available to each intermediary node through which a message passes. Thus, while the message is enciphered, the message header remains in clear form. As a result, the end-to-end approach is susceptible to traffic analysis--a technique that seeks to derive valuable information from the volume and direction of message traffic. However, this is generally of concern only in military applications.

In all three configurations, the protection achieved through encryption ultimately depends on the secrecy of the cryptographic key. If the cipher keys cannot be adequately protected, the use of cryptography does little to enhance security. Consequently, the effectiveness of DES, or any other cryptographic algorithm, is highly dependent on the techniques used for the selection, handling and protection of the keys used in the ciphering process.

IBM offers encryption devices for securing point-to-point links, as well as a subsytem based around central control of encryption procedures and key management. The IBM Cryptographic Subsystem operates under the control of Systems Network Architecture (SNA) to encrypt and decrypt information automatically without intervention by the terminal user or application. The subsystem operates with a program product which provides support for encryption, decryption, key generation and key management.

Alternatively, users can employ the IBM 3848 Cryptographic Unit, which provides high-speed , channel-attached encryption and decryption of data and protective storage for the host master key. It operates with a program product which provides key generation and key management through the IBM 3848, as well as error recovery and recording. Intended for the encryption and decryption of stored data files as well as transmitted data, the unit can be attached to the host via a block multiplexer or selector channel and can support a maximum data rate of 1.5 Mbps.

While the 3848 employs the DES algorithm, users can define keys as two 56-bit values to provide greater security than the 56-bit DES key. It also uses a block-chaining mode of operation, where an encrypted block of the message stream is routed back to, and merged with, the next incoming block of unencrypted data. This combined block is then encrypted and passed down the communications line. Chaining further reduces the

presence of telltale repetitive patterns in the encrypted information even more resistant to analysis. Also, if an error is encountered during encrypting or decrypting, the error is contained and does not affect more than two adjacent blocks of data.

For key management, the subsystem generates a cryptographic master key for each system resource, including terminals, applications and files. The host master key can be stored in the 3848, where it is inaccessible to host programming. A copy of each key remains within the system, encrypted under a variant of the host master key.

For communicatiions encryption, a second copy of each terminal's master key is installed by the security officer in each

SNA terminal equipped with the encrypt/decrypt capability. When a user at a terminal transmits a request for access to an application in the host computer, the host verifies that the user is authorized for such access. The Cryptographic Subsystem generates, in radom fashion, a session key. This will be used only for this particular exchange of data. The host reencrypts the session key under the terminal master key and sends it to the terminal. Using its master key, the terminal decrypts the session key and places it in a key register for use in encrypting messages that are sent and decrypting those that are received. At the end of the session, this temporary key is destroyed. In similar way, encryption can be used to help provide protection for data stored on fixed or removable media. Unlike terminal master keys, file master keys are stored only at a host system.

For poin-to-point transmissions. IBM offers the table-top 3845 for office environments, and the rack-mounted 3846 for physically secure data processing facilities. The devices may be used interchangeably in pairs, one at each end of a communications line, between the modem and the terminal or computer. Users can enter or change stored keys with a small hand-held keypad unit. Once the key is entered, it remains stored in hardware, protected by an auxiliary battery against loss due to power interruption. The keypad is also used to customize the encryption devices to the specific communications environment by setting line speed, transmission code, communications protocol and other data link characteristics. A locked switch prevents an authorized person from changing a stored key; the act of unlocking the switch automatically erases the existing stored key.

Raca-Milgo chose last year's TCA show in San Diego to unveil its thrd-generation data encryptor, the Datacryptor III, which secures data over point-to-point wideband circuits at data rates to 112 kbps. It operates synchronously on full-duplex, leased line facilities and is equipped with both V.35 and RS-232 interfaces wird in paralled. Either interface may be used, depending on network data requirements: V.35 for higher rates and RS-232 for lower rates. No configuring or strapping is required.

Like the firm's earlier models, the Datacryptor III uses the DES algorithm in single-bit cipher feedback mode, which provides complete protocol transparency. The device also produces encryption keys electronically by a pseudo-random number generator. Special features permit key management and diagnostics to be controlled from the front panel, and remote diagnostics to be performed unattended.

Datacryptor III provides three levels of crypto keys. The primary, or master key, is maintained at the hsot and used to encrypt the secondary, or working key. This secondary key is used at the host and all remote units to encrypt/decrypt data transmissions. The working key is automatically generated and down-line loaded to the remote units at the touch of a front-panel switch. The master key can also be down-line loaded when encrypted by the third-level public key.

Working keys are stored in CMOS memory, which is battery-protected against brownouts and blackouts. According to the firm, a resonably fresh battery should be expected to maintain this protection in excess of 1,000 hours. A low-battery warning advises when the user-replaceable batteries need changing. Any time the enclosure is disassembled, an anti-tamper switch causes the memory to be cleared. Master keys are stored in electrically erasable read only memory contained in a removable Master Key Module (MKM). This module provides for the convenient manual distribution and changing of master keys. For storage in the MKM, the master keys are encrypted under a user-selected Module Security Code, which protects the secrecy of the key should the module be lost or stolen. Two Medeco physical locks mechanically secure the MKM in place and electronically lock the key management controls. These locks also phohibit unauthorized disassembly of the device.

For dial-up applications, Racal-Milgo offers the Datacryptor II, which enciphers and deciphers data at rates to 9.6 kbps. It operates in both half- and full-duplex modes, on dial-up or leased point-to-point or multipoint lines, and in synchronous or asynchronous networks. Because the device encrypts on a bit rather than a character basis, it avoids problems with protocols. In addition, it limits the point-to-point transmission delay to only a single bit time. Since the Datacryptor II operates without regard to communications discipline or methodology, units used to encrypt the aggregate of a multiplexer, for example, could also be used on low-speed, asynchronous dial-up lines. Also, as networks change, Datacryptor II should not require costly retrofitting or network configurations, the company claims.

Reportedly, the Datacryptor II was the first commercial data encryption device to make use of a public key for key management. With the public key option, all key management is centrally controlled so no action is required of remote site personal once the Datacryptor II is initially installed. To generate and distribute a new master key, for instance, the central-site Datacryptor II requests that a remote unit generate a public encrypt "E" key and a secret decrypt "D" key. The public E key is transmitted, but the secret D key is retained at the remote Datacryptor. When the public E key is received at the central site, it is automatically verified by both Datacryptors, and the new master key is then encrypted under the E key. This new master key is received at the remote site, verified and decrypted by the sectet D key, so that within minutes the new master key is ready for use. Alternatively, new master keys can be distributed mannually using a key module which is physically transported to the remote sites.

Datacryptor II incorporates many of the security provisions of Federal Standard 1027, such as dual access control, zeroizing of keys on enclosure entry, battery protection of keys during power outages, and optioonalk manual key entry. System diagnostics included an unattended point-to-point test, which can be performed with the remote unit verifyin looping functions may be utilized at each step in the network to isolate problems. An optional units extends the test feature to unattended remote multidrop sites. Also, when the Datacryptor II is operating within a Racal-Milgro CMS network management system, many diagnostic and security functions can be monitored from the central-site console.

Technical Communications Corporation supplies encryption devices for data, telex and facsimile applications. Its DSD 80 and 72A data security devices are available with either the DES algorithm or the firm's proprietary design, which is based around a key with more than 4,096 bits. According to the Concord Massachusets firm, most of its non-government customers choose the proprietary P.K.sup.2.M crypto key memory technique. The algorithm encrypts into five letter code groups and is fully compatible with other TCC off-line data encryption equipment.

The DSD 80 operates with Baudot and ASCII codes at telex rates and data speeds to 2.4 kbps. Synchronization is accomplished automatically through the generation of four to five spurious characters at the beginning of the text. During any circuit interruption, resynchronization occurs automatically within the first 25 bits of information transmitted after circuit restoration. The unit prints operator instructions on the terminal to ensure proper functioning. Since the DSD 80 can control a similarly coded terminal from a remote location, it is suitable for international telex and other situations where unattended stations must be addressed.

For synchronous applications, the DSD 72A provides data security at rates to 2 Mbps. Its feedback design limits the propagation of noise-created errors to less than 25 bits. It includes standard interfaces for RS-232, TTL or MTL-STD-188C connectors. The DSD 72A employs a 4,096-bit primary key and a 36-bit secondary key. Secondary keys are changed by thumbwheel switches located behind a front-panel hatch and internal factoral switches. The companion DSD 72A-SP is intended for military and top-level government applications. It is designed to operate under all types of environmental condition with a mean time between failure of 10,000 hours.

Last fall, the firm introduced two families of secure terminals, the DSD 100 and 90 Series, based on its proprietary encryption technique. Both are compatible with the DSD 80 devices. Designed for asynchronous, Baudot applications at rates to 200 bps, the DSD 100 offers the highest level of security available, according to the firm, and is suitable for use by the military of diplomatic corps. Buffer memory allows electronic store-and-forward operation, or five-letter code groups may be prepared off-line. The user-friendly ASR teleprinter requres no operator action beyond entering the operating key and operating mode from the keyboard.

The DSD 90 is a hand-held security device with a two-line liquid crystal display. Messages can be coded or decoded by a simple key stroke. The unit prompts the operator to first enter the key and then the plain or cipher text, as appropriate. With the push of a button, the message is then encoded or decoded and displayed. For applications involving a mix of voice, data, slow-scan TV or facsimile, the firm's CSD 909 offers maximum security with high fidelity in recovered voice. It handles data at speeds to 1.2 kpbs.

Datotek's Universal Digital Encryptor (DUDE) also offers users a choice of DES algorithm or the firm's Mark II key generator. Operating at speeds to 64 kbps, it is transparent to communications protocols and meets Federal Standard 1027 requirements for physical security features. Keys may be distributed manually or down-line loaded. Up to 32 master or private keys can be stored and selected either on a pre-arranged time schedule or by local or remote command.

The Dallas, Texas firm also supplies a family of four ciphering message processors that adapt to a variety of environmental and operating conditions. For portable applications, the battery operated XMP-500 terminal incorporates a standard keyboard with 24-charcter bidirectional display and a 1,000-character memory to aid message preparation. It also has an RS-232 port for hard-copy output. It can operate over telephone lines via optional acoustic cups or UHF/VHF radio at 300 baud via optional radio interface cable.

For medium-level traffic volume, the XMP-1500 can be configured to operate off-line, or in quasi on-line mode over radio or telephone circuits. It comes with a standard keyboard, 40-character bidirectional display and 25,000-character message memory. The XMP-2500 offers three operator-selectable transmission modes over wire line or radio circuits: synchronous operation with protocol-independent, bit-by-bit encryption; asynchronous character-by-character encryption which is protocol dependent; and isochronous protocol-independent bit-by-bit encryption, which is reportedly effective for HF radio. The unit accommodates transmission speeds to 20 kbps using Baudot or ASCII codes. The top-of-the-line XMP-550 supports multiple message processing with 72,000 characters of message memory, a 12-inch CRT with full cursor editing and a detached keyboard.

Datotek also offers a microprocessor-based digital voice cipher system, the DVC-2419, which may be dedicated to a single telephone, shared by many telephones or shared concurrently by telephone, data terminal and facsimile device. An internal multiplexer option allows a number of voice, data and facsimile terminals to dynamically share a common secure circuit at speeds to 19.2 kbps. While the audio port may be supporting telephone traffic, the digital port can be dediated to a single digital terminal or it can interface to an external multiplexer to support a number of terminals.

To make a secure call, the user simply dials the telephone number of another secure phone. When the secure number is reached, the DVC-2419 will automatically switch to the secure mode, synchronize and ring the secure phone. When the called party answers, the conversation is automatically encrypted, yet it is conducted as any normal telephone call. The digitizing module of the DVC-2419 accepts a standard telephone signal input, and then digitizes and synthesizes it to match the speaker's voice. The cryptographic module receives data at 2.4 kbps from the voice digitizer and/or the auxialiary port and enciphers it on a bit-by-bit basis.

M/A-Com Linkabit offers a family of data encryption products operating at rates to 6.5 Mbps. The units employ the DES algorithm and comply with Federal Standard 1027 requrements for data security. Its automatic key distribution scheme uses two master keys to triple-encrypt the working keys, which are automatically generated every 24 hours and transmitted to the remote encryption units. Microprocessor-based self-test functions and onboard fault indicators help to achieve high levels of reliability and maintainability, according to the San Diego firm.

The latest model, the LC76CF operates with synchronous units at data rates from 1.2 to 100 kbps. By using the DES algorithm in single-bit cipher feedback mode, the LC76CF gives users a totally transparent cryptographic device that is also self-synchronizing independent of data format of character set used. Recently, M/A-Com Linkabit joined with General DataComm Industries to test the LC76 cryptographic unit with GDC's 1258 Megamux. The tests were designed to evaluate system performance using the GDC out-of-synch card that generates an external resynchronizatioin signal to other equipment, such as the LC76, when synchronization is lost in the communications link. The 1258 Megamux operates over T1 facilities at composite data rates to 2.048 Mbps, multiplexing up to 54 combined channels of synchronous, asynchronous and isochronous data and voice in any channel mix ratio.

To guard against unauthorized computer access via dial-up lines, Digital Pathways' Defender II utilizes an automated dial-in/call-back procedure, allowing access only throough authorized telephones. In addition, Defender II provides a host of management, diagnostic and network control features. These include a complete audit trail of all transactions, least-cost telephone routing, prioritized queuing, status reporting on all modems and preventative diagnostic procedures.

Defender II employs the Palo Alto firm's proprietary bus-controlled 212A modems, up to 48 of which can be packed in a 19-inch chassis. Connection between the telephone system and computer ports requres no software modification and up to 16 dial-up facilities can be managed by one Defender II installation.

To access Defender II, users call in and enter their ID number, using either a Touch-Tone telephone or conventional keyboard. Touch-Tone entry is prompted by synthesized voice or by keyboard entry of a text message. With either option, Defender II determines if the ID number is valid. After three invalid ID number entries, the system hangs up and delivers an alarm message. Following a successful ID transaction, Defender II retrieves the user's access parameters from its battery-supported memory. These parameters include which computers may be accessed, phone number, baud rate, priority, user classification and account number. If an appropriate modem is available, Defender II tells the user to hang up and assigned a position in the waiting queue. The user may give up the queue position at any time. An additional feature of Defender II is the ability to send computer-independent messages to a predefined list of phone numbers. A typical 48-modem system costs about $800 per line. Adapters are available for other modems at $200 per line.

Western DataCom of Youngstown, Ohio also offers a security device to prevent unauthorized dial-up access to computers. Its Lineguard 3000 intercepts all incoming computer access calls and, communicating via the caller's video display terminal, executes the following 60-second sequence: the caller is asked to enter his assigned code number. Lineguard then searches its memory to verify the code. If verified, the caller is told to hang up and wait for call back. Lineguard then dials the phone number assigned to the caller's code number and connects the caller with the computer. Users with an invalid entry code are denied access to the modem and all failed entry attempts are recorded for management evaluation. Each unit scans two incoming lines and is compatible with all asynchronous dial-up modems and computer protocols in use today. The module is priced at $945.

Tri-Data of Mountain View, California has added automatic answer verification and call back to the security features of its Oz Guardian 1200-bps full-duplex modems. With answer verification, the Oz Guardian automatically screens incoming calls for a valid password before connecting the call. The optional call back feature allows the modem to automatically disconnect incoming calls after receiving the caller's password, and then to dial the number in its memory associated with the caller's password. To control access to directory and configuration information, the Oz Guardian also provides three additional levels of security: non-displayable fields to prevent network users from accessing confidential directory information; command-locking to prevent the implementation of selected commands; and password-controlled master locking to prevent unauthorized users from unlocking those commands. Deliveries of the Oz Guardian began in January with a unit price of $750.

Last December, Datatel, Incorporated of Cherry Hill, New Jersey, introduced two data security units that protect against unauthorized access to data transmitted over telephone lines. The DCP 4010 and 4015 also prevent transmission errors in asynchronous links. The units are installed at each end of the link. Typically, the DCP 4010 originating unit fits between the terminal an modem at the remote site, and the DCP 4015 answer unit at the central site between computer and modem. Each unit is programmed with a four-digit code, the DCP 4010 throuogh thumbwheel switches and the DCP 1015 throught the DIP switches. If the code from the originating unit doesn't match that of the answer unit, the answer unit does not respond. To prevent transmission errors, data is temporarily buffered while a cyclic redundancy check is performed at the receiving end. When errors are present, the data is retransmitted and rechecked. Operation is automatic and transparent to existing hardware and software. The units sell for $750 each, droppint to $600 in quantity.

For security conscious customers, satellite carriers also offer optional encryption of transmissions. American Satellite Corporation supplies a DES-based encryption device operating in the cipher block-chaining mode. The CryptoLine handles full-duplex serial synchronous data at rates to 56 kbps. A phase-lock-loop prevents loss of synchronization on links with delay problems. Because of its protocol transparency, the CryptoLine can provide security for digital voice, video and facsimile traffic, none of which has a protocol base. It provides two levels of security: a primary key, which is set and changed as often as desired by the user; and a second, resident key.

Among suppliers of local area networks, Sytek, Incorporated provides data security and network protection with the ZO1 option of the LocalNet 20/100 Packet Communications Unit (PCU). When used with the KDC (Key Distribution Center) option of the LocalNet 50/100 network control center, the security feature protects against both passive and active data interception in a manner completely transparent to the user. Based on the DES algorithm, the security feature allows users to engage in multiple encrypted and/or standard sessions simultaneously, and allows for secure "subnets" while permitting free access to all network resources from any secure PCU.

Concern about data security is no longer restricted to government installations. With the proliferation of data networks, commercial organizations are becoming increasingly aware of their vulnerability to wiretaps, unauthorized access of proprietary data bases and other forms of electronic espionage. Computer-related fraud already accounts for losses estimated at $2 billion a year. And that figure is expected to go much higher as more systems go on-line.

Unfortunately, as the stakes are increasing, wiretapping is becoming easier and cheaper. Also, since the wiretaps can be operated remotely, today's eavesdroppers are less likely to get caught. Short of keeping the entire communications link secure physically, the only way to thwart eavesdroppers is through data encryption. In some cases, encryption may also be the most cost-effective technique for protecting stored data. This guards against unauthorized data base access and "active" forms of eavesdropping such as modifying messages or inserting false data.

For users seeking central control of encryption procedures and key management, IBM offers a subsystem that operates under the control of its Systems Network Architecture (SNA). Known as the IBM Cryptographic Subsystem, it can encrypt and decrypt information automatically without intervention by the terminal user of application.

To aid key management with its Info-guard system, Codex offers two optional units: the Key Generator Module (KGM), which is used to generate and store up to 512 keys; and the Key Loader Module (KLM), a portable hand-held device that accepts keys from the KGM and loads them into the encryption/decryption devices through an electrooptical interface to avoid electromagnetic radiations that could be detected by would-be intruders.

Info-guard's principal element is the Network Security Module (NSM), the encryption/decryption device which resides encryption/decryption device which resides on the data side of the modemsat both ends of the link. The NSM operates with asynchronous and half- and full-duplex synchronous protocols, and with five- or eight-bit code sets at data rates to 9.6 kabps. It uses the DES algorithm and a 64-bit key, which comprises a 56-bit key broken into seven-bit groups with an eight bit appended to the end of each group for odd parity. The NSM operates in cippher feedback mode for improved synchronization and intersymbol dependence.

The Infor-guard units are transparent to the data system and operate in a master-slave relationship. Two PROMs within the NSM handle specific protocols. The NSM also includes a hexadecimal keypad in a swing-down section that is secured from access by dual pick-resistant locks. Through the keypad, users may request the master NSM to generate the secondary code and down-line load it to the slave units. Alternatively, users may employ the KLM to distribute both primary and secondary keys.

For digital voice security applications, Datotek integrates a voice digitizer with its DS-138 encryptor and 9.6-kbps modem. The firm also offers encryption devices for analog facsimile transceivers, Baudot teleprinters and radio and telephone systems. The DC-105 is designed for off-line operation with a full-duplex Baudot teleprinter, while the DC-125 can be used either on- or off-line. The DC-125 can operate with both full character and telex character sets with multiple baud rates from 45 to 100. For secure facsimile transmissions, the DF-300 scrambler can operate with Xerox, 3M, Muirhead and Burroughs units, amont others. Digital fax machines can be secured with DS-138 units.

For added security with satellite transmissions, American Satellite now offers a DES-based encryption device operting in the cipher block-chaining mode. The CryptoLine handles full-duplex serial synchronous data at rates to 56 kbps. A phase-lock-loop prevents loss of synchronization on links with delay problems. Because of its protocol transparency, the CryptoLine can provide security for digital voice, video and facsimile traffic, none of which has a protocol base. It provides two levels of security: a primary key which is set and changed as often as desired by the user; and a second, resident key.

Oak Communicatioins of Rancho Bernardo, California offers a satellite signal encryptor to ensure the security of corporate video conferences. Known as Orion, for Oak Restrictedk Information and Operation Network, the system scrambles the television signal using one of a possible 4 million different codes. Transmissions can only be decoded with appropriate descrambling device.

With the concern over computer security heightened by last summer's publicity over the movie "War Games," and reports of youngsters gaining unauthorized access to government and commercial computers, interest in data security is at a high level. Stung by illegal penetration of government computer systems, the Department of Defense has divided its Arpanet packet-switching network into two segments, one for military users and the other for access by civilians. The military network, known as Milnet, will be used to interconnect classified computer sites; the otherk, R&Dnet, will serve unclassified sites only. Individuals daialing into either network over public telephone lines will have to give a password before being granted access to files.

COPYRIGHT 1984 Nelson Publishing
COPYRIGHT 2004 Gale Group