[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FTS2000 and Encryption?



On Fri, 28 Jun 1996 [email protected] wrote:

> I trying to find out if there are any talks, decisions or even standards being 
> discussed for encryption and FTS2000?

The current FTS2000 contains little in the way of protection other than
the proprietary standards undertaken by the vendors (mostly OPSEC and
PHYSEC), and the "customer"  level crypto that's operated above the layers
provided by the FTS2000 networks. 

In the FTS2000 follow-on contract, however, things are going to change. 
The Govvies are mandating compliance with a security policy (wow - that's
an incredible change) and network management traffic has to be protected. 
Further, overhead and orderwire bytes, etc., will also have to be
protected.  The Government isn't mandating how, but the bidding vendors
are expected to propose solutions.  Further, there are going to be some
standards for points of demarcation between adjacent networks.  The
security policy and RFP materials are on the 'net (I can't get to the web
right now, or I'd post the URL with this message).  From what I remember,
the RFP does state that all payload data will be encrypted by the
Government using NSA-approved crypto and that the vendors are not to
"worry about" what's in the payloads.  All they have to do is carry it
from point a to point b.

I imagine that we'll see contining developments in the STU-III area (the
most popular crypto phone in Government use), as well as new devices
supporting Type I and Type II crypto for use on the FTS2000 nets.

------------------------------------------------------------------------- 
|Just as the strength of the Internet is  |Mark Aldrich                 |
|chaos, so the strength of our liberty    |GRCI INFOSEC Engineering     |
|depends upon the chaos and cacophony of  |[email protected]            |
|the unfettered speech the First Amendment|[email protected] |
|protects - District Judge Stewart Dalzell|                             |
|_______________________________________________________________________|
|The author is PGP Empowered.  Public key at:  finger [email protected] |
|    The opinions expressed herein are strictly those of the author     |
|         and my employer gets no credit for them whatsoever.           |
-------------------------------------------------------------------------