Defence cutting new cryptographic key

The Interactive Link is entering service, but JP 2049 is now looking to establish a key management system to support the next generation of cryptographic devices.
JP 2049 is two-phase project tasked to provide Defence with a multi-level information security (INFOSEC) capability, and enhance support for the Department's security cryptographic requirements.

Phase 1 of the project supports the definition of a Defence-wide information security architecture, research into a series of component technologies, technology transfer and support to industry for DSTO's "Starlight" INFOSEC technology, including an initial procurement of devices.

Defence requires a multi-level security capability to support its command and control systems, and to provide ready access to and sharing of information across different security levels. Security products of high assurance are not currently available off-the-shelf. The high levels of assurance and the specific concepts and technologies required to be embedded in these security products are the subject of leading-edge research, including work undertaken by DSTO.

Transferring this technology to Australian industry and its further development is intended during this phase of the project. It is planned that this will result in the development of an Australian industry capability for the development and production of INFOSEC products to meet Defence requirements, and hopefully stimulate an industry capability to pursue non-defence markets.

Phase 1 was approved in the context of the 1996/97 Budget. An Australian consortium headed by Vision Abell, now Tenix, was selected to provide research and development assistance to DSTO and for commercialisation of the Starlight technology. The contract was awarded to Vision Abell in December 1997. The first product, the Data Diode, was certified on November 18, 1999. The Interactive Link and Multiple Computer Switch were certified on March 30 and March 16, 2000 respectively. The consortium is producing an initial number of certified devices for Defence, and has commenced work on the specification of the next product, the Trusted Reviewer.

Phase 2 of JP 2049 will establish an Australian Electronic Key Management System (AEKMS) to support information security cryptographic requirements.

This phase will provide Defence with an AEKMS for current technology cryptographic devices and provide a foundation to support the next generation of cryptographic devices. The proposed AEKMS will replace the current manual, paper-based system with an electronically based system that is inherently more secure, operationally more flexible and efficient, and capable of supporting the increasing demand for keying material. This will be achieved by the procurement of a system to support the electronic generation, distribution, accounting and destruction of keying material in a combined, joint and single service environment.

The AEKMS is based on specialised hardware and software available only from specific United States sources. The overall systems integration task is planned to be undertaken by the supplier with Commercial-Off-The-Shelf (COTS) equipment being sourced in Australia.

The support of the US-sourced hardware and software will need to accord with United States export control requirements and will be a Defence in-house activity.

By Daniel Cotterill, Canberra