Technology Today - Home
Information assurance is defined by the processes and technologies required to manage the risks of storing and sharing information. Cryptography, a subset of information assurance, includes the technologies deployed to ensure the protection of sensitive information. Cryptographic methods are an esoteric blend of mathematics and computer science. Within the U.S., these methods and techniques are strictly controlled by the National Security Agency.

Raytheon produces a variety of communication systems that include embedded cryptographic technologies certified by the NSA for use in classified applications. Many of these systems use different cryptographic engines — each NSA-certified — but employ disparate technologies that have evolved independently as their program needs matured over the years. These products are referred to as Type 1 products. Type 1 is defined as a cryptographic system approved by the NSA for handling U.S. government-classified information.

The Type 1 certification process shown in Figure 1 is very rigorous and includes the creation of dozens of complex documents specific to a particular crypto embedment. It may span two to three years, and it requires a close working relationship with the NSA. Several Raytheon products have been certified using this process, with more in the pipeline. Every step in the process thoroughly analyzes minute details of a design to ensure minimal risk of inadvertently transposing classified information on an unclassified signal path. Typically, once a system has been certified, there is little desire to repeat this process.

Introducing Crypto Modernization
If changes are required in a crypto design or production process, this certification process must be repeated. Whether tailored or not, new certification requires serious time, engineering and funding. Because of this, Raytheon embraced software-defined cryptography and extreme commonality across its various product lines, with a goal to reuse hardware, software, firmware and certification documentation to minimize cost, schedule and risk for new certifications. This adaptability allows for rapid incorporation of new cryptographic algorithms, key management services or undefined capabilities yielding a future-proof design.

The NSA has defined new requirements for crypto modernization in NSA/CSS Policy 3-9 to include six basic tenets:
1. Assured security robustness
2. Cryptographic algorithm support
3. Interoperability
4. Releasability
5. Programmability
6. End crypto unit management and key management infrastructure compatibility

This new agency mandate requires that Raytheon's existing suite of Type 1 products must be "crypto modern," driven largely by the retirement of old crypto algorithms in favor of new, highly robust algorithms. Raytheon has the opportunity to upgrade its legacy application-specific products to be capable of running new, sometimes yet-to-be-defined algorithms. This provides both an opportunity for growth and a technology challenge, as many of these products use different cryptographic engines and techniques to achieve NSA certification.

Developing a Reference Architecture
To prepare for this challenge, Raytheon developed a Cryptographic Reference Architecture to guide programs toward a common crypto solution by providing the desired hardware, software, firmware and certification documentation reuse.

Raytheon's unique position in the embedded crypto market is the diversity of solutions employed to achieve Type 1. Rather than relying on our own organic crypto engine solution, we tailor the selection of the engine to our unique requirements. In doing so, our embedment skills span technologies beyond a single device family and include devices from a variety of suppliers and competitors. We have exploited this knowledge to create the reference architecture and the common designs emerging from it.

Raytheon has successfully deployed the reference architecture on one high-profile system and used it to win the highly competitive F-22 Raptor KOV-50 Cryptographic Processor contract. The F-22 capture resulted in an Excellence in Business Development award, while the team that developed the reference architecture received a Raytheon Excellence in Engineering and Technology award.

Creating Benefits
Imagine the benefits of a common set of programmable, crypto modern solutions that can be reused across airborne, ground/vehicular, and man-portable Type 1 product lines: improved time to market, guaranteed interoperability, reduced unit costs, and Mission Assurance. All are achievable through this unusual level of commonality, saving millions of dollars and man years of effort for each Type 1 embedment.

Raytheon is emerging as a premier provider of embedded Type 1 cryptographic solutions. The diversity of our embedded cryptographic solutions; the multiple product domains we satisfy; the unique skill sets commensurate with Type 1 certification; our NSA-certified embedment specialists: All of these combine to provide growth opportunities in the new crypto-modernization market.

Larry Finger