Getting up to speed on NSA-approved two-layer commercial encryption

The National Security Agency/Central Security Service (NSA/CSS) created the Commercial Solutions for Classified (CSfC) Program to enable the use of commercial protection in layered solutions to protect classified National Security Systems (NSS) data. Thanks to CSfC, system designers can now deploy a commercial off-the-shelf (COTS) solution with encrypted data protection in a matter of months and at a fraction of the cost, compared to the multiple years and millions of dollars typically required to achieve certification for more sensitive Type 1 products. Type 1 products, certified by the NSA to cryptographically secure classified U.S. Government information, use approved NSA algorithms. These products are typically designed and certified by the NSA through a rigorous and often very lengthy process.

As an alternative, CSfC defines an approach for protecting critical data using two-layer commercial encryption technologies. In many cases, system integrators considering a Type 1 approach may be pleasantly surprised to find that their application can instead use the significantly faster and less costly two-layered COTS approach.

System designers: Getting started with CSfC

Any COTS product vendor can develop products for use in a CSfC solution. To achieve NSA approval and placement on the CSfC Components List, the COTS-based encryption components must undergo Common Criteria (CC) evaluation by the National Information Assurance Partnership (NIAP). Once that CC process is formally underway, the COTS vendor must establish a Memorandum of Agreement (MOA) with the NSA.

What is NIAP?

NIAP was created by the NSA and National Institute of Science and Technology (NIST) to evaluate commercial solutions proposed for inclusion in CSfC solutions. NIAP ensures that commercial products meet NSA standards for security by testing the products against stringent security profiles in certified labs. It oversees U.S. implementation of the Common Criteria validation of commercial IT products for use in national-security systems.

What is Common Criteria?

Common Criteria (ISO-15408) is a technically demanding, international set of guidelines for security certification that is required by the U.S. and 27 national governments worldwide. Common Criteria certification provides assurance that the process of specification, implementation, and evaluation of technology products has been conducted in a rigorous, standard, and repeatable manner. In partnership with NIST, NIAP approves Common Criteria Testing Laboratories to conduct security evaluations in private-sector operations across the U.S. Upon successful completion of the Common Criteria evaluation by the lab, the test results are then validated by NIAP and a Common Criteria certification is posted. NSA CSfC review and approval are the next steps. Then the approved product can be added to the NSA’s CSfC Components List and proposed in a layered CSfC solution by an integrator. Selecting a preapproved device from the CSfC Components List enables system architects to rapidly design a COTS encryption solution and begin their system development, saving significant development cost and time while also greatly reducing their program risk.

What is the CSfC Components List?

This list enables system integrators to identify products that are in evaluation or are already certified and that can be used in a data-protection solution. System integrators must apply to the NSA, identifying the proposed product from the Components List and the application details. This approach enables system integrators to begin evaluating their data-security architecture and greatly reduces program risk and schedule. The NSA publishes Capability Packages (CPs), which provide the solution guidance for different applications (such as Data-at-Rest).

A COTS solution for CSfC Data-at-Rest protection

As an example, recently commenced the Common Criteria certification process for its Data Transport System (DTS1) network attached storage (NAS) device. The small form-factor data recorder uses two layers of commercially available CNSA (formerly Suite B) cryptographic algorithms. It also uses the NSA’s Data-At-Rest Capability Package as a design template and is based on the hardware and software full disk encryption (HS) solution approach. (Figure 1.)

Figure 1: The DTS1 network attached storage device supports two encryption layers in one product.

Thanks to CSfC, COTS products using software and hardware encryption layers will be able to ease and speed the ability of system designers to protect Top Secret data with an NSA-approved cost-effective alternative to Type 1 encryption. This progress will result in more critical data being protected, sooner.

CSfC Resources

Commercial Solutions for Classified (CSfC) Customer Handbook Version 1.1

DATA AT REST CAPABILITY PACKAGE Version 3 March 2016

NIAP Approved Protection Profiles

Collaborative Protection Profile for Full Drive Encryption - Encryption Engine

Collaborative Protection Profile for Full Drive Encryption - Authorization Acquisition

Paul Davis is Director of Product Management, Data Solutions, for Curtiss-Wright Defense Solutions.

Curtiss-Wright Defense Solutions www.curtisswrightds.com
