Cryptographic Modernization Program
Encyclopedia
The Cryptographic Modernization Program is a Department of Defense
directed, NSA Information Assurance Directorate led effort to transform and modernize Information Assurance
capabilities for the 21st century. It has three phases:
Replacement- All at risk devices to be replaced.
Modernization- Integrate modular (programmable/ embedded) crypto solutions.
Transformation- Be compliant to GIG/ NetCentric requirements.
The CM is a joint initiative to upgrade the DoD crypto inventory. Of the 1.3 million cryptographic devices in the U.S. inventory, 73 percent will be replaced over the next 10 to 15 years by ongoing and planned C4ISR
systems programs, Information Technology
modernization initiatives and advanced weapons platforms.
All command and control, communications, computer, intelligence
, surveillance
, reconnaissance
, information technology
and weapons systems that rely upon cryptography
for the provision of assured confidentiality
, integrity
, and authentication
services will become a part of this long-term undertaking. The Cryptographic Modernization program is a tightly integrated partnership between the NSA, the military departments, operational commands, defense agencies, the Joint Staff, federal government entities and industry.
The program is a multi-billion dollar, multi-year undertaking that will transform cryptographic security capabilities for national security systems at all echelons and points of use. It will exploit new and emerging technologies, provide advanced enabling infrastructure capabilities, and at the same time, modernize legacy devices that are now operationally employed.
The program also directly supports the DoD vision of the Global Information Grid
. The security configuration features enable new cryptosystems to provide secure information delivery anywhere on the global grid while using the grid itself for security configuration and provisioning—total seamless integration.
support. This allows for protection of sensitive government data as well as interoperability with coalition parters, such as NATO. The program includes the DOD's Key Management Initiative which is designed to replace cumbersome special purpose channels for distribution of cryptographic keys
with a network-based approach by 2015.
United States Department of Defense
The United States Department of Defense is the U.S...
directed, NSA Information Assurance Directorate led effort to transform and modernize Information Assurance
Information Assurance
Information assurance is the practice of managing risks related to the use, processing, storage, and transmission of information or data and the systems and processes used for those purposes...
capabilities for the 21st century. It has three phases:
Replacement- All at risk devices to be replaced.
Modernization- Integrate modular (programmable/ embedded) crypto solutions.
Transformation- Be compliant to GIG/ NetCentric requirements.
The CM is a joint initiative to upgrade the DoD crypto inventory. Of the 1.3 million cryptographic devices in the U.S. inventory, 73 percent will be replaced over the next 10 to 15 years by ongoing and planned C4ISR
C4ISR
C4ISR may refer to:* the C4ISR concept of Command, Control, Communications, Computers, Intelligence, Surveillance and Reconnaissance, the U.S. term for C4ISTAR* C4ISR Journal, a journal published by the Defense News Media Group...
systems programs, Information Technology
Information technology
Information technology is the acquisition, processing, storage and dissemination of vocal, pictorial, textual and numerical information by a microelectronics-based combination of computing and telecommunications...
modernization initiatives and advanced weapons platforms.
All command and control, communications, computer, intelligence
Intelligence (information gathering)
Intelligence assessment is the development of forecasts of behaviour or recommended courses of action to the leadership of an organization, based on a wide range of available information sources both overt and covert. Assessments are developed in response to requirements declared by the leadership...
, surveillance
Surveillance
Surveillance is the monitoring of the behavior, activities, or other changing information, usually of people. It is sometimes done in a surreptitious manner...
, reconnaissance
Reconnaissance
Reconnaissance is the military term for exploring beyond the area occupied by friendly forces to gain information about enemy forces or features of the environment....
, information technology
Information technology
Information technology is the acquisition, processing, storage and dissemination of vocal, pictorial, textual and numerical information by a microelectronics-based combination of computing and telecommunications...
and weapons systems that rely upon cryptography
Cryptography
Cryptography is the practice and study of techniques for secure communication in the presence of third parties...
for the provision of assured confidentiality
Confidentiality
Confidentiality is an ethical principle associated with several professions . In ethics, and in law and alternative forms of legal resolution such as mediation, some types of communication between a person and one of these professionals are "privileged" and may not be discussed or divulged to...
, integrity
Data integrity
Data Integrity in its broadest meaning refers to the trustworthiness of system resources over their entire life cycle. In more analytic terms, it is "the representational faithfulness of information to the true state of the object that the information represents, where representational faithfulness...
, and authentication
Authentication
Authentication is the act of confirming the truth of an attribute of a datum or entity...
services will become a part of this long-term undertaking. The Cryptographic Modernization program is a tightly integrated partnership between the NSA, the military departments, operational commands, defense agencies, the Joint Staff, federal government entities and industry.
The program is a multi-billion dollar, multi-year undertaking that will transform cryptographic security capabilities for national security systems at all echelons and points of use. It will exploit new and emerging technologies, provide advanced enabling infrastructure capabilities, and at the same time, modernize legacy devices that are now operationally employed.
The program also directly supports the DoD vision of the Global Information Grid
Global Information Grid
The Global Information Grid is an all-encompassing communications project of the United States Department of Defense.It is defined as a "globally interconnected, end-to-end set of information capabilities for collecting, processing, storing, disseminating, and managing information on demand to...
. The security configuration features enable new cryptosystems to provide secure information delivery anywhere on the global grid while using the grid itself for security configuration and provisioning—total seamless integration.
Cryptography
Most modernized devices will include both Suite A (US only) and Suite BNSA Suite B
Suite B is a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It is to serve as an interoperable cryptographic base for both unclassified information and most classified information. Suite B was announced on 16...
support. This allows for protection of sensitive government data as well as interoperability with coalition parters, such as NATO. The program includes the DOD's Key Management Initiative which is designed to replace cumbersome special purpose channels for distribution of cryptographic keys
Key (cryptography)
In cryptography, a key is a piece of information that determines the functional output of a cryptographic algorithm or cipher. Without a key, the algorithm would produce no useful result. In encryption, a key specifies the particular transformation of plaintext into ciphertext, or vice versa...
with a network-based approach by 2015.
Interoperability
The NSA has also led the effort to create standards for devices to prevent vendor lock in.- High Assurance Internet Protocol Encryptor (HAIPEHAIPEA HAIPE is a Type 1 encryption device that complies with the National Security Agency's HAIPE IS . The cryptography used is Suite A and Suite B, also specified by the NSA as part of the Cryptographic Modernization Program...
) - Link Encryptor Family (LEF)
- Secure Communications Interoperability Protocol (SCIP)