SCIP

From Wikipedia, the free encyclopedia

SCIP is the U.S. Government's standard for secure voice and data communication. The acronym stands for Secure Communications Interoperability Protocol and was adopted to replace the FNBDT (Future Narrowband Digital Terminal) title in 2004. SCIP systems have been in use since 2001, beginning with the CONDOR secure cell phone. The standard is designed to cover wideband as well as narrowband voice and data security.

SCIP has to operate over the wide variety of communications systems that the U.S. Government uses, including commercial land line telephone, military radios, communication satellites, Voice over IP and the several different cellular telephone standards. Therefore it was designed to make no assumptions about the underlying channel other than a minimum bandwidth of 2400 Hz. It is similar to a dial-up modem in that once a connection is made, two SCIP phones first negotiate the parameters they need and then communicate in the best way possible.

SCIP was designed by the Department of Defense Digital Voice Processor Consortium (DDVPC) in cooperation with the U.S. National Security Agency and is intended to solve problems with earlier NSA encryption systems for voice, including STU-III and STE which made assumptions about the underlying communication systems that prevented interoperability with more modern wireless systems. STE sets can be upgraded to work with SCIP, but STU-III cannot. This has led to some resistance since various government agencies already own over 350,000 STU-III telephones at a cost of several thousand dollars each.

There are several components to the SCIP standard: key management, voice compression, encryption and a signalling plan.

Contents

[edit] Key management (120)

To set up a secure call, a new Traffic Encryption Key (TEK) must be negotiated. For Type 1 security (classified calls), the SCIP signalling plan uses an enhanced FIREFLY messaging system for key exchange. FIREFLY is an NSA key management system based on public key cryptography. At least one commercial grade implementation uses Diffie-Hellman key exchange.

STEs use security tokens to limit use of the secure voice capability to authorized users while other SCIP devices only require a PIN code, 7 digits for Type 1 security, 4 digits for unclassified.

[edit] Voice compression

SCIP can work with a variety of vocoders, but the standard requires, as a minimum, support for Mixed Excitation Linear Prediction (MELP), an enhanced LPC algorithm, with additional synthesizer capabilities for improved intelligibility. MELP operates at 2400 bit/s, sending a 54 bit data frame every 22.5 milliseconds.

MELP was designed by Texas Instruments, Atlanta Signal Processor and the NSA. It was selected through an evaluation process conducted by the Arcon Corporation. MELP encoded speech samples can be found on the Arcon web site.

[edit] Encryption (230)

For security, SCIP uses a block cipher operating in counter mode. A new Traffic Encryption Key (TEK) is negotiated for each call. The block cipher is fed a 64-bit state vector (SV) as input. If the cipher's block size is longer than 64 bits, a fixed filler is added. The output from the block cipher is xored with the MELP data frames to create the cipher text that is then transmitted.

The low-order two bits of the state vector are reserved for applications where the data frame is longer than the block cipher output. The next 42 bits are the counter. Four bits are used to represent the transmission mode. This allows more than one mode, e.g. voice and data, to operate at the same time with the same TEK. The high-order 16 bits are a sender ID. This allows multiple senders on a single channel to all use the same TEK. Note that since overall SCIP encryption is effectively a stream cipher, it is essential that the same state vector value never be used twice for a given TEK. At MELP data rates, a 42-bit counter allows a call over three thousand years long before the encryption repeats.

For Type 1 security, SCIP uses BATON, a 128-bit block design. With this or other 128-bit ciphers, such as AES, SCIP specifies that two data frames are encrypted with each cipher output bloc, the first beginning at bit 1, the second at bit 57 (i.e. the next byte boundary). At least one commercial grade implementation uses the Triple DES cipher.

[edit] Signalling plan (210)

SCIP has two modes for transmission. For data, it uses an ARQ protocol with forward error correction (FEC) to ensure reliable transmission. The receiving station acknowledges accurate receipt of data blocks and can ask for a block to be re-transmitted, if necessary. For voice, SCIP simply sends a stream of MELP data blocks. This is done to maximize the use of the available channel bandwidth. To save power on voice calls, SCIP stops sending if there is no speech input. A synchronization block is sent roughly twice a second in place of a data frame. The low order 14 bits of the encryption counter are sent with every sync block. The 14 bits are enough to cover a fade out of more than six minutes. Part of the rest of the state vector are sent as well so that with receipt of three sync blocks, the entire state vector is recovered. This handles longer fades and allows a station with the proper TEK to join a multi station net and be synchronized within 1.5 seconds.

[edit] See also

[edit] References

[edit] External links

Cipher machines
v  d  e
Rotor machines: CCM | Enigma | Fialka | Hebern | HX-63 | KL-7 | Lacida | M-325 | Mercury | NEMA | OMI | Portex | SIGABA | SIGCUM | Singlet | Typex
Mechanical: Bazeries cylinder | C-36 | C-52 | CD-57 | Cipher disk | HC-9 | Kryha | Jefferson disk | M-94 | M-209 | Reihenschieber | Scytale
Teleprinter: 5-UCO | BID 770 | KW-26 | KW-37 | Lorenz SZ 40/42 | Siemens and Halske T52
Secure voice: KY-3 | KY-57 | KY-58 | KY-68 | OMNI | SIGSALY | STE | STU-II | STU-III | VINSON | SCIP | Sectéra Secure Module
Miscellaneous: Cryptex | JADE | KG-84 | KL-43 | Noreen | PURPLE | Pinwheel | Rockex
Cryptography
v  d  e
History of cryptography | Cryptanalysis | Cryptography portal | Topics in cryptography
Symmetric-key algorithm | Block cipher | Stream cipher | Public-key cryptography | Cryptographic hash function | Message authentication code | Random numbers