1995-08-11 - Re: "S1" encryption system

Header Data

From: John Young <jya@pipeline.com>
To: cypherpunks@toad.com
Message Hash: e243194cc8531247d4a1bb06e961e16cba6cd8dc1cdf8d322218ab03cc02cf2e
Message ID: <199508111401.KAA07834@pipe5.nyc.pipeline.com>
Reply To: N/A
UTC Datetime: 1995-08-11 14:01:59 UTC
Raw Date: Fri, 11 Aug 95 07:01:59 PDT

Raw message

From: John Young <jya@pipeline.com>
Date: Fri, 11 Aug 95 07:01:59 PDT
To: cypherpunks@toad.com
Subject: Re: \"S1\" encryption system
Message-ID: <199508111401.KAA07834@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain


   Is it possible that there are multiple levels of encryption
   included in the "S1" algorithm?

   This question is prompted by reviewing the DoD's Multilevel
   Security (MLS) Program at:

      http://www.disa.mil/MLS/mls_home.html

   One of the features of this program is to design means to
   simultaneously transmit data with different levels of
   security, so that communicants send and/or read the data
   according to their levels of security clearance. This is
   amplified in Section 3 of the program description at:

      http://www.disa.mil/MLS/info/basics/sec3.html#2

   Excerpts:

      Multilevel security allows information systems to
      provide capabilities that augment its existing
      single-level data processing and data communications
      services. Data of multiple security levels are  
      processed and transferred by the system, which also
      separates the different security levels and controls
      access to the data. ...

      When a system operates in the multilevel mode, it allows
      data of two or more security levels to be processed
      simultaneously when not all users have the clearance,
      formal authorization, or need to know for all data
      handled by the system. The system is able to separate
      and protect the data according to these restrictions.
   
      To amplify the definition, an MLS system might process
      both Secret and Top Secret collateral data and have some
      users whose maximum clearance is Secret and others whose
      maximum clearance is Top Secret. Another MLS system
      might have all its users cleared at the Top Secret
      level, but have the ability to release information
      classified as Secret to a network consisting of only
      Secret users and systems. Still another system might
      process both Secret and Unclassified information and
      have some users with no clearance. In each of these
      instances, the system must implement mechanisms to
      provide assurance that the system's security policy is
      strictly enforced. In these examples, the policy  
      allows access to the data by only those users who are
      appropriately cleared and authorized (e.g., having
      formal access approval) and who have an official need to
      know for the data.
   
      A related mode of operation is the partitioned mode,
      also known as compartmented mode. Although similar
      concepts and solutions are involved for compartmented
      mode operations as are for the multilevel mode, there is
      also a key difference. In the compartmented mode, all
      users have clearances for all the data processed but may
      not have authorizations for all the data; whereas for
      multilevel mode, some users may not even be cleared for
      the highest level. Because the compartmented mode is
      often envisioned for the intelligence community, all
      such users would have Top Secret security clearances and
      often authorizations for one or more, but possibly not
      all, compartments in the system.

   End excerpts.

   There are also descriptions of the soft and hardware
   implementations of MLS.

   Would anyone care to comment on how this differentiation of
   levels of security is done, by a single encryption program
   or multiples, and if multiples, their arrangement? Is
   feature then embedded in the hardware, such as the Fortezza
   card system cited in the program?












Thread