From: John Young <jya@pipeline.com>
To: cypherpunks@toad.com
Message Hash: e243194cc8531247d4a1bb06e961e16cba6cd8dc1cdf8d322218ab03cc02cf2e
Message ID: <199508111401.KAA07834@pipe5.nyc.pipeline.com>
Reply To: N/A
UTC Datetime: 1995-08-11 14:01:59 UTC
Raw Date: Fri, 11 Aug 95 07:01:59 PDT
From: John Young <jya@pipeline.com>
Date: Fri, 11 Aug 95 07:01:59 PDT
To: cypherpunks@toad.com
Subject: Re: \"S1\" encryption system
Message-ID: <199508111401.KAA07834@pipe5.nyc.pipeline.com>
MIME-Version: 1.0
Content-Type: text/plain
Is it possible that there are multiple levels of encryption
included in the "S1" algorithm?
This question is prompted by reviewing the DoD's Multilevel
Security (MLS) Program at:
http://www.disa.mil/MLS/mls_home.html
One of the features of this program is to design means to
simultaneously transmit data with different levels of
security, so that communicants send and/or read the data
according to their levels of security clearance. This is
amplified in Section 3 of the program description at:
http://www.disa.mil/MLS/info/basics/sec3.html#2
Excerpts:
Multilevel security allows information systems to
provide capabilities that augment its existing
single-level data processing and data communications
services. Data of multiple security levels are
processed and transferred by the system, which also
separates the different security levels and controls
access to the data. ...
When a system operates in the multilevel mode, it allows
data of two or more security levels to be processed
simultaneously when not all users have the clearance,
formal authorization, or need to know for all data
handled by the system. The system is able to separate
and protect the data according to these restrictions.
To amplify the definition, an MLS system might process
both Secret and Top Secret collateral data and have some
users whose maximum clearance is Secret and others whose
maximum clearance is Top Secret. Another MLS system
might have all its users cleared at the Top Secret
level, but have the ability to release information
classified as Secret to a network consisting of only
Secret users and systems. Still another system might
process both Secret and Unclassified information and
have some users with no clearance. In each of these
instances, the system must implement mechanisms to
provide assurance that the system's security policy is
strictly enforced. In these examples, the policy
allows access to the data by only those users who are
appropriately cleared and authorized (e.g., having
formal access approval) and who have an official need to
know for the data.
A related mode of operation is the partitioned mode,
also known as compartmented mode. Although similar
concepts and solutions are involved for compartmented
mode operations as are for the multilevel mode, there is
also a key difference. In the compartmented mode, all
users have clearances for all the data processed but may
not have authorizations for all the data; whereas for
multilevel mode, some users may not even be cleared for
the highest level. Because the compartmented mode is
often envisioned for the intelligence community, all
such users would have Top Secret security clearances and
often authorizations for one or more, but possibly not
all, compartments in the system.
End excerpts.
There are also descriptions of the soft and hardware
implementations of MLS.
Would anyone care to comment on how this differentiation of
levels of security is done, by a single encryption program
or multiples, and if multiples, their arrangement? Is
feature then embedded in the hardware, such as the Fortezza
card system cited in the program?
Return to August 1995
Return to “John Young <jya@pipeline.com>”
1995-08-11 (Fri, 11 Aug 95 07:01:59 PDT) - Re: "S1" encryption system - John Young <jya@pipeline.com>