One if by land ... (Communications).Efforts to conceal certain communication elements from unauthorised eavesdroppers is a practice that can be traced as far back as the Roman Empire and Julius Caesar's shift key cipher--and yet further back to the 5th and 6th centuries BC. Today's battlefield offers challenges of unrivalled proportions, most decidedly due to the problems inherent in such an electronically saturated environment. Managing the flow of landline and wireless information beamed around a battlefield, shuffled to and from headquarters and relayed by drones and satellites to control centres tens of thousands of kilometres away is a monumental task in itself. To ensure the integrity of such communications, dodging jamming, interception, spoofing and intrusion attempts, requires a multi-tiered management system that must be adhered to at all levels else all is for nought. Couple these worries with the fact that hacking, denial of service attacks and virus creation is the hobby of today's teenagers (and others), and one is confronted with an environment that could give any warfighter sleepless nights. But there are weapons with which to effect a graceful parry. Craftier than Thou Communications security See COMSEC. (comsec) covers cryptography and its key management practices, query and response, authentication, intrusion detection See IDS and IPS. and other methods. Technology has driven this market to such an extreme that AuthenTec, a semiconductor company serving the biometrics industry (security via fingerprint and retina, as well as facial and voice recognition), now provides a secure fingerprint sensor with a contact surface area of only 0.4-inches square, and sees its future application in computer keyboards, mice and mobile devices. This technology is still at the leading edge and not yet practical for battlefield application. But cryptography is, and in wireless communication it is gaining ground on the futuristic biometric field. ITT ITT Initial Teacher Training (UK) ITT I Think That ITT Invitation To Tender ITT Individual Time Trial (professional cycling) ITT Intention-To-Treat ITT In This Thread (forums) , for example, co-developer of the Software Communications Architecture The Software Communications Architecture (SCA) is an open architecture framework that tells designers how elements of hardware and software are to operate in harmony within a software defined radio. SCA is a key element in the U.S. military's Joint Tactical Radio System (JTRS). (SCA (Single Connector Attachment) An 80-pin plug and socket used to connect peripherals. With a SCSI drive, it rolls three cables (power, data channel and ID configuration) into one connector for fast installation and removal. ) for the JTRS JTRS Joint Tactical Radio System JtRS Just The Right Shoe JTRS Just the Right Size JTRS Johnson Technical Reports Server JTRS Joint Tenancy with Right of Survivorship JTRS Jefferson Township Rescue Squad programme, recently introduced its Spearhead set. The company labels this unit `the world's smallest handheld tactical radio' designed for the international market. Much interest has already been received domestically and from Asian countries, Singapore in particular. The Spearhead covers 30 to 512 MHz (MegaHertZ) One million cycles per second. It is used to measure the transmission speed of electronic devices, including channels, buses and the computer's internal clock. A one-megahertz clock (1 MHz) means some number of bits (16, 32, 64, etc. with a modular, snap-off back module that converts the unit's transmission frequencies from RF to UHF (Ultra High Frequency) The range of electromagnetic frequencies from 300 MHz to 3 GHz. In the U.S., analog television has used UHF channels 52 to 69 in the 700 MHz band. . At only 500 grams, the network-ready Spearhead uses country-unique Comsec and Transec (Communications/ Transmission Security), frequency hopping A wireless modulation method that rapidly changes the center frequency of a transmission. See spread spectrum and 802.11. and software programmability. To dissect dissect /dis·sect/ (di-sekt´) (di-sekt´) 1. to cut apart, or separate. 2. to expose structures of a cadaver for anatomical study. dis·sect v. a phrase, frequency hopping is a common practice that entails dividing certain transmission information into small packets that are then broadcast individually via a pre-determined combination of radio frequencies, thus making it rather challenging to follow throughout the spectrum. With today's radios hopping at 1000 frequencies per second, separating these packets from background noise and other transmissions is, as mentioned, virtually impossible--with a bit of stress on the virtually. Companies designing these frequency or channel hopping (chat) channel hopping - To rapidly switch channels on IRC, or a GEnie chat board. This term may derive from the TV idiom, "channel surfing". radios are working in tandem Adv. 1. in tandem - one behind the other; "ride tandem on a bicycle built for two"; "riding horses down the path in tandem" tandem (but not necessarily together) with those developing follow-on or follower algorithms (and jammers) that chase these signals throughout the spectrum. A game of cat and mouse as it were. On the opposite end of that spectrum, Rohde & Schwarz produces a range of signal detection, direction finder direction finder, electronic device used to determine the position of a ship or aircraft. In a simple direction finder a radio receiver is equipped with a revolving directional antenna. and system monitoring A System Monitor (SM) is a process within a distributed system for collecting and storing state data. There are many issues involved with designing and implementing a system monitor. equipment, along with cryptographic and communication systems. The German company's DDF DDF Distributed Data Facility DDF Digital Distribution Frame DDF Director's Discretionary Fund DDF Danske Dagblades Forening DDF District Development Fund (UN) DDF Data Decryption Field DDF Drug and Disease Free 0xM direction finder utilises digital signal processing See DSP. Digital Signal Processing - (DSP) Computer manipulation of analog signals (commonly sound or image) which have been converted to digital form (sampled). through filtering, bearing calculations and signal demodulation demodulation: see modulation. See demodulate. (communications) demodulation - To recover the signal from the carrier. For example, in a radio broadcast using amplitude modulation the audio signal is transmitted as the mean amplitude of a data to lock on to a burst or hopping signal. An industry-standard algorithm for correlating the signal's position through a method named the Watson-Watt DF is then applied. The DDF0xM also uses an advanced correlative Having a reciprocal relationship in that the existence of one relationship normally implies the existence of the other. Mother and child, and duty and claim, are correlative terms. interferometer interferometer: see interference under Interference as a Scientific Tool. See also virtual telescope. An instrument that measures the wavelengths of light and distances. method for signal processing See DSP. , whereas the antenna voltages of the signal received are compared with stored reference values ref·er·ence values pl.n. A set of laboratory test values obtained from an individual or from a group in a defined state of health. giving a difference that can be accurately measured. Even short-burst signals are not immune to such a search method. Moreover, a main problem inherent with most wireless communication stems from the fact that interception cannot be detected. One exception to this rule is with free-space optical transmissions, wherein a beam of optical energy (laser) is focused on a receptacle within the line-of-sight of the transmitter. Any system compromise would result in a noticeable loss of power (attenuation Loss of signal power in a transmission. Attenuation The reduction in level of a transmitted quantity as a function of a parameter, usually distance. It is applied mainly to acoustic or electromagnetic waves and is expressed as the ratio of power densities. ) throughout the communication network. But that doesn't help in the rest of the wireless world. Changing My Name Cryptography is the communications technique that translates information into an apparently random series of characters, which are to be reverse-translated at the reception end. This is a world inhabited by mathematicians, analysts and interpreters, those who create their own cipher cipher: see cryptography. (1) The core algorithm used to encrypt data. A cipher transforms regular data (plaintext) into a coded set of data (ciphertext) that is not reversible without a key. `languages' and try to decipher those of others. The cipher process involves the use of a mathematical algorithm that substitutes each symbol (including punctuation and spaces), letter or a combination of these within a plain text message for a different letter or group, resulting in a message written in jabberwocky jab·ber·wock·y n. Nonsensical speech or writing. [After "Jabberwocky," a nonsense poem by Lewis Carroll.] Noun 1. . To those units authorised to receive specific communications is distributed the `key' that will match the combination to the corresponding letters or packets, returning the gibberish to a readable message. Once developed, these algorithms are written to computer chips and embedded in radio equipment. The development and dissemination of crypto algorithms in the US is governed by the dictates of the US National Security Agency (NSA NSA abbr. National Security Agency Noun 1. NSA - the United States cryptologic organization that coordinates and directs highly specialized activities to protect United States information systems and to produce foreign ), who keeps a sharp eye on the domestic use of cryptography and, even more stringently, on that being exported. This is where the security of a nation, and not the wishes of a manufacturer, come into play. Harris, for example, has recently received NSA certification for its Sierra cryptographic module for use by the US military forces. To receive this certification, Harris had to prove that its `military grade' algorithm (received from the NSA) was integrated into its on-board chips in compliance with NSA standards. These chips are used, for example, in the Harris Falcon II series of tactical radios, which will also feature prominently in the JTRS military communication environment; a software-defined tactical radio programme for worldwide defence forces. Harris developed its Citadel module for the Falcon II series radios supplied to US allies. The Citadel is another military grade-chip that includes country-unique algorithms customised by the company; an operation that ensures no single country has access to the complete algorithm. Omnisec, of Switzerland, like other non-American companies, is not as restricted as its US counterparts in algorithm development; Omnisec therefore has a more open hand to custom-build solutions for its military offerings. The company designs and develops encryption solutions for facsimile, landline communications, VPN (Virtual Private Network) A private network that is configured within a public network (a carrier's network or the Internet) in order to take advantage of the economies of scale and management facilities of large networks. connections and e-mail, to name but a few. The ability to provide a truly unique crypto solution, complete with a one-off algorithm, gives an edge to companies outside the envelope of America's NSA. The Key is the Key During World War II, the United States United States, officially United States of America, republic (2005 est. pop. 295,734,000), 3,539,227 sq mi (9,166,598 sq km), North America. The United States is the world's third largest country in population and the fourth largest country in area. recruited over 400 Navajo Indian Code Talkers to speak in their native tongue and pass along sensitive information. The Navajo language Navajo or Navaho (native name: Diné bizaad) is an Athabaskan language (of Na-Dené stock) spoken in the southwest United States by the Navajo people (Diné). is based on tonal sounds, which made it extremely difficult for others to understand and decipher. The Japanese and Germans hardly knew how to handle this new form of code for which the only key was to capture a native Navajo and somehow force him to decipher the message traffic. Today, algorithm and key management is paramount to maintaining a secure base of communications. But, as elsewhere, "Nobody wants to spend money on security", mentions Giuliano Otth, Chief Executive Officer of Switzerland's Crypto, "until one's system is compromised." Then it's a mad dash to close the doors and windows Doors and Windows is a multimedia disk by the Irish band The Cranberries. Track listing
Crypto specialises in algorithm design and the implementation of key management solutions, which the company sees as an overall strategy to maintaining communication and information security. Key management involves, among other things, developing `need to know' lists, the physical management of sensitive materials, performing cipher checks, tamper-proofing hardware and designing equipment to surpass Tempest (radiation leak) standards. Crypto was established in 1948 by Boris Hagelin, a Swedish inventor who offered his ciphering device to the Americans at the start of World War II, when cryptographic hardware was in great demand. His successful prototype was then mass-produced at the SmithCorona typewriter factory, where over 140,000 units were manufactured. His M-209 model, nicknamed "Hag" by US forces, was used in large numbers during the invasion of Normandy. Crypto has also developed a high-level security system of systems labelled TIS, Total Information Security. The TIS programme encompasses tamper-proof hardware, unique software solutions, Tempest control and access and key management. When asked which part of the system would most contribute to a compromise, Mr Otth replied, "Our solutions are complete solutions, where each member of the system is as important as the next. Therefore, no single organ's compromise can severely affect the whole. But if I were to pick the single most important element it would, of course, be the key". Yet the company claims the trend has changed from the chase for the key to the deciphering of the complete system. In this vein, Crypto's offers its HC-6950 emission-protected workstation, which guards against the electromagnetic emanation emanation, in philosophy emanation (ĕmənā`shən) [Lat.,=flowing from], cosmological concept that explains the creation of the world by a series of radiations, or emanations, originating in the godhead. of compromising information and includes virtual memory protection, file, disk and message encryption and solid encryption of Virtual Private Network connections. A much-needed soldier-proof asset when dealing with a nation's secrets. Rohde & Schwarz has long been a market leader in cryptographic solutions for Nato forces, offering the services of its 100 mathematicians, computer scientists and engineers for the development of communication and encryption equipment. The company's Sit division has developed its TopSec line of solutions for voice and data encryption via GSM and ISDN ISDN in full Integrated Services Digital Network Digital telecommunications network that operates over standard copper telephone wires or other media. . Using the Back Door The process isn't as easy as just deciphering, changing and re-transmitting a `caught' signal (known as spoofing), as Dick Rzepkowski, Vice President, Communications Security Products at Harris RF Communications Division explains, "Most crypto systems include certain checks and verifications. An error extension, for example, amplifies a system error when it notices even one bit has changed. Time stamping time stamping The stamping of order tickets with the time of entry and execution. For example, options exchanges require stamping of order tickets with the times of execution to the nearest minute. is another method--one that `stamps' the time code into the message so any deviation of real-time reception (if the message is caught, changed and retransmitted) flags the message as not authentic". This is all well and good for radio-transmitted signals, but what about land-based networks? Sending and receiving voice, data, even something as simple as e-mail, which is actually one of the most non-secure communication methods we use today. The Internet is host to a plethora of parasites, viruses, hackers and those generally interested in what a soldier or sailor is doing and where he or she is and will be. Even "secure" military Internets and intranets are not immune. For example, the author did a simple search on the Internet and scored with a copy of the US National Security Agency's security guidelines. It is not hard to find hackers who have taken control of or compromised sites and networks and advertise their work. A common hacking thread is to enter through e-mail systems and drop a `bomb' into someone's system or computer. Therefore, by programming a `watcher' to record and transmit the users' keystrokes (or transcript of websites visited), the hacker has a record of usernames and passwords to e-commerce sites, for example, complete with the credit card information. That same hacker's access could be gained directly through a firewall simply to retrieve database information for later use. On the battlefield this creates a more serious situation where, once an e-mail or `instant' message has been intercepted, any combination of scenarios can manifest themselves. The impact of troop movement or surveillance information being compromised speaks volumes in itself. The solution is to implement some sort of e-mail and/or file encryption system. From the pioneer in e-mail encryption--Pretty Good Privacy (PGP (Pretty Good Privacy) A data encryption program from PGP Corporation, Palo Alto, CA (www.pgp.com). Published as freeware in 1991 and widely used around the world for encrypting e-mail messages and securing files, PGP is available for commercial use and as freeware for )--to any of several military-grade encryption programmes, the field from which to select is both broad and deep. Omnisec has developed an e-mail and file encryption bundle, the Omnisec 320-E, which consists of a plug-in for MS Outlook and Exchange, therefore embedding encryption into normal e-mail usage. The 320 File Encryption application ensures secure data storage on local or remote media; it works with Windows 95/98/2000 and NT 4.0, and shares a master key with the 320-E version that is generated by yet another application, Omnisec 320 K. The master key-sharing applications rely on hardware-based encryption that is housed in the company's Omnicard, which is access and tamper protected. Omnisec has also developed a hardware key management centre, Omnisec 710, designed to support the company's Omnicrypt Security Architecture. The 710 generates master keys, programs security modules and calculates authenticated key agreement data. The Harris FR-6750W Wireless Gateway and RF-6710W Wireless Message Terminal combine to provide a secure wireless e-mail solution for tactical radios. These products work seamlessly with MS Outlook and deliver error-free e-mail messages with ASCII ASCII or American Standard Code for Information Interchange, a set of codes used to represent letters, numbers, a few symbols, and control characters. Originally designed for teletype operations, it has found wide application in computers. , binary and image file attachments from one wireless node to another across a wide swath of the electromagnetic spectrum electromagnetic spectrum Total range of frequencies or wavelengths of electromagnetic radiation. The spectrum ranges from waves of long wavelength (low frequency) to those of short wavelength (high frequency); it comprises, in order of increasing frequency (or decreasing (HF to UHF, satellite, etc). The e-mail system is compliant with Nato Stanag and it uses the Compressed File Transfer (CFTP CFTP Coupling from the Past (probability theory) CFTP Certified Finance and Treasury Professional (Australia) CFTP Compagnie Franco Tunisienne des Petroles (Tunisia oil company) ) and HF Mail Transport (HMTP HMTP High Frequency Mail Transfer Protocol HMTP Hyper Mail Transfer Protocol ) protocols. The RF-6750W software package connects directly to an Ethernet TCP/IP TCP/IP in full Transmission Control Protocol/Internet Protocol Standard Internet communications protocols that allow digital computers to communicate over long distances. local area network and operates as a radio mail server and, oddly enough, is even compatible with software running on Linux and Macintosh operating systems (Windows taken for granted Adj. 1. taken for granted - evident without proof or argument; "an axiomatic truth"; "we hold these truths to be self-evident" axiomatic, self-evident obvious - easily perceived by the senses or grasped by the mind; "obvious errors" ). The System 200 package from Austrian firm Mils Electronic contains a tamper-resistant security PCI (1) (Payment Card Industry) See PCI DSS. (2) (Peripheral Component Interconnect) The most widely used I/O bus (peripheral bus). module, the MilsCard, that provides secure storage of cryptographic keys and executes one-time key algorithms in a sealed, protected environment. Further in System 200 is the MilsMail message exchange application that extends MS Outlook functionality by adding encryption and decryption (cryptography) decryption - Any procedure used in cryptography to convert ciphertext (encrypted data) into plaintext. . The MilsAdministrator manages key generation and distribution, and MilsFile is a secure storage application that works through Windows Explorer. MilsFile can be applied to single files or entire folders on either local or remote storage devices. Of significance is that the cryptographic keys in System 200 are either protected by being stored on MilsCard or by being encrypted with a specific key algorithm. Access is completely restricted to users in possession of a valid MilsCard and the corresponding password. Mils Electronic has developed its proprietary stream cipher algorithm with high cryptographic security standards with regard to cycle and key length and degree of non-linearity. The encryption technology operates with a random key that is generated by a noise source and used only once, therefore, as the company illustrates, impossible to break. Deft Fingers--Tuned Ears Although not an e-mail application, but just as likely to be subject to attack is the Tri-sector Access Point from AI Wireless. An 11Mbps Ethernet broadcast service which pushes full motion video and other data over the company's proprietary 802.11b protocol at 6.2 Mbps with a 448-bit Blowfish A secret key cryptography method that uses a variable length key from 32 to 448 bits long. It uses the block cipher method, which breaks the text into 64-bit blocks before encrypting them. encryption. The bit count in encryption refers to the total number of possible keys that can be used to encrypt the information. The principle here is similar to that of a combination lock on a safe. If the lock is well designed so that a burglar cannot hear or feel its inner workings, a person who does not know the combination can open it only by dialling one set of numbers after another until it yields. The sizes of encryption keys are measured in bits and the difficulty of trying all possible keys grows exponentially with the number of bits used. Adding one bit to the key doubles the number of possible keys; adding ten increases it by a factor of more than a thousand. It is a property of computer encryption that modest increases in computational cost can produce vast increases in security. Encrypting information very securely (e.g., with 128-bit keys) typically requires little more computing than encrypting it weakly (40-bit keys). In many applications, the cryptography itself accounts for only a small fraction of the computing costs, compared to such processes as voice or image compression required to prepare material for encryption. Most crypto-developing companies believe that a 128-bit key is more than sufficient to thwart a timely attack. Only by the purest luck and the world's greatest computing power can one break a 128-bit key in one lifetime (rhetorically-speaking). The 448-bit key used in the Tri-sector Access Point video encryption may seem like overkill overkill Vox populi An excess of anything , but to what level of security does one assign UAV UAV Unmanned Aerial Vehicle UAV Unmanned Air Vehicle UAV Unmanned Aerospace Vehicle UAV Unmanned Airborne Vehicle UAV Uninhabited Air Vehicle UAV Urban Assault Vehicle UAV Unpiloted Aerial Vehicle (less common) or forward observer battlefield video feeds? An Ounce of Prevention This leads us back to the notion of encrypting one's message. Communicating through secure e-mail is convenient, but products, such as L-3 Communications-Ilex Systems' 895-SF Secure Office Fax and the 595-TSF Tempest Facsimile add to the spectrum of crypto-based communication equipment. No stone left unturned--fax, e-mail, radio, telephony and computer-based communications, all are vulnerable to intrusion, jamming, interception, spoofing and the ubiquitous virus. Virus protection programs are standard kit on almost every computer--but virus developers seem to get craftier each day and are passing along their viruses at an alarming rate. With this in mind, the US Army has selected Harris' Stat vulnerability assessment software to protect its global computer network from cyber threats. Under a multi-million dollar contract, Harris is deploying its Stat Scanner on more than 1.5 million workstations. Stat Scanner travels through a computer network--including strategic, tactical, MSE MSE Mouse (computer) MSE Materials Science & Engineering MSE Mean Squared Error MSE Mean Square Error MSE Master of Science in Engineering MSE Manufacturing Systems Engineering MSE Mechanically Stabilized Earth and the Army's tactical Internet--and provides the network administrator with a comprehensive analysis of all vulnerabilities, with specific details on the risk level of each. Harris also provides its Stat Analyzer to analyse and identify both internal and external security vulnerabilities. BAE Systems has developed a firewall that protects against a newly-discovered vulnerability in the SNMP (Simple Network Management Protocol) A widely used network monitoring and control protocol. Data are passed from SNMP agents, which are hardware and/or software processes reporting activity in each network device (hub, router, bridge, etc. V1 Internet standard protocol. This open door allows cyber attackers to gain control of, or even take down, commercial and military networks. The Midass firewall, developed in conjunction with QinteiQ, ensures that only traffic approved by a security policy can transit the firewall. Raytheon recently dedicated a $14 million, 70,000 [ft.sup.2] satellite communications, integration and operations centre designed to promote hands-on customer involvement in the development of new systems. The diagnostic equipment and testing laboratories are state-of-the-art--but will some inquisitive organisation hire their 13-year-old neighbour to slip in through the cracks? Anyone Can Get In Tactical Internets are as vulnerable as the Internet the rest of the world uses. A sample of recent information copied from hacker sites throughout the Internet illustrates how easy it is to either become proficient in hacking civil, government or military sites and networks or how one can acquire the services of one who already possesses the talents--more often than not, teenagers. Some Freely Available Online Hacking Tools Include:
PW-Gen a password generator,
DisCard checks and generates credit card numbers
Web Bug Locator a web bug can track your movements throughout the
Internet
Codice Fiscale calculates Italian Fiscal Codes (similar to US
Social Security numbers)
OurBiz an online personal encryption tool for private
communications
Browsinfo tool that shows all possible collectible
information about a person browsing the Internet
(Browser, system, documents on hard drive)
DialTone provides all types of dial tones used in the US
phone system (pay phone, telecom-specific and
keypad tones)
A Few of the Available Hacking Guides Include: * How to Bypass BIOS Passwords * FAQ (Frequently Asked Questions) A group of commonly asked questions about a subject along with the answers. Vendors often display them on their Web sites for use as troubleshooting guidelines. and Guide to Cracking (hacking) * Sniffer FAQ (What a sniffer is and how it works, where sniffers are available and how to stop a sniffing attack.) |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion