microwave encryption
TRANSCRIPT
-
7/27/2019 Microwave Encryption
1/5
CONFIDENTIAL
- 1 -
SenetasSecurity
WhitepaperMicrowave linkencryption
June 2006
-
7/27/2019 Microwave Encryption
2/5
CONFIDENTIAL
- 2 -
1. Overview
1.1. Microwave links
Microwave links are an established part of defence, corporate, education, health,
finance and utility networks and are popular for their ability to be quickly and easily
deployed over both short and long distances.
The maturity of radio frequency (RF) technology has permitted the use of microwavelinks as the major trunk channel for long distance communication. The use of
microwave links has major advantages over cabling systems:
Freedom from land acquisition rights. Removes requirement for permanentaccess to cabling infrastructure for installation and repair.
Ease of communication over difficult terrain. Removes the requirement toinstall difficult and expensive cabling
The use of microwave links however has some disadvantages that mainly arise from
the use of free-space communication:
Bandwidth allocation is extremely limited. The competition for RF
bandwidth from various competing users leads to very strict allocations of
bandwidth.
-
7/27/2019 Microwave Encryption
3/5
CONFIDENTIAL
- 3 -
Atmospheric effects. The use of free-space communication results in
susceptibility to weather effects, particularly rain.
Transmission path needs to be clear. Microwave communication requires
line-of-sight, point-to-point communication.
Interference. The microwave system is open to RF interference.
Security Vulnerability to tapping
1.2. Microwave security concernsMicrowave links are very vulnerable to interception during transmission as the signalis sent across free-space line of sight links. Commercial equipment to tap into the
signal for this kind of interception is readily and cheaply available.
Fixed microwave facilities such as office buildings are common targets for this kind
of interception as a very small rooftop antenna and decoder in the vicinity of themicrowave link are all that is required.
Antenna radiation patterns also present the opportunity for monitoring of links outside
direct line of sight due to the presence of signal sidelobes which can be picked upby sensitive receivers in the area.
Electronic surveillance intelligence agencies such as the NSA are also known to have
satellite-based microwave link interception capabilities. These systems can intercept
microwave beams from satellites placed in appropriate positions.
-
7/27/2019 Microwave Encryption
4/5
CONFIDENTIAL
- 4 -
2. Encryption solution case study
2.1. Background
A new multi-million dollar public safety data network was recently developed in a
major Australian city. The goal was to allow public safety agencies to share
information and communicate more effectively by using an end-end wireless
information network.
The digital network was designed to deliver up to date operational information to
emergency services and allow greater coordination when responding to incidents.
A critical part of the infrastructure was the provision of microwave links between
three sites that would carry sensitive voice and data. It was a requirement that all
information carried across the microwave links be secured through digital encryption.
The customer required an
encryption solution capable
of securing a mix of traffic
types and one that wouldnot impact performance by
increasing bandwidth
requirements across the
link.
Working with a major
wireless communicationsvendor and a local law
enforcement agency
Senetas demonstrated layer
2 encryption of voice anddata traffic on the
microwave link at 2Mbps
using its CypherNet E1 linkencryption platform as
shown on the right. Duringrigorous acceptance tests
not a single error was
observed and the network isnow fully operational.
Microwave link
Command & Control Centre
2M Encryptor
Operational Centre
2M Encryptor
2M Encryptor
2M encryptor
Microwave link
Microwave link Microwave link
Encrypted
voice & data
Communications Centre
Encrypted
voice & data
-
7/27/2019 Microwave Encryption
5/5
CONFIDENTIAL
- 5 -
2.2. CypherNet Link encryptor
The CypherNet E1/T1 link encryptor is a high-performance purpose built integrated
security solution for protocol independent networks. CypherNet has been designed to
integrate transparently and simply into protocol independent network architecturesand has the following features:
Operates on G.703 data transmission networks
Full duplex speed up to 2Mbps
Support for triple DES or AES
Fully automated key management using X.509 certificates for
authentication
Secure remote management using SNMPv3
Designed to International Security Standards
Common Criteria EAL4
FIPS PUB 140-2 Level 3