Protecting top-secret data with NSA-approved COTS encryption

Type 1 products, certified by the National Security Agency (NSA) to cryptographically secure classified U.S. government information, use approved NSA algorithms. These controlled products are designed to NSA standards and certified by the NSA through a rigorous and often very lengthy evaluation process.

In response to the ever-increasing need to protect deployed data-at-rest (DAR), the NSA/Central Security Service (NSA/CSS) has created the Commercial Solutions for Classified (CSfC) Program, which provides a new path for protecting critical and sensitive data in deployed systems. The CSfC Program enables the use of commercial data protection in layered solutions to protect classified National Security Systems (NSS) data.

The program, an alternative approach to Type 1 encryption, was developed to accelerate the protection of top-secret data. It defines an approach for protecting critical data using two layers of commercial encryption. In many cases, system integrators considering a Type 1 approach may be pleasantly surprised to find that their application can instead use this significantly faster and less costly two-layered commercial off-the-shelf (COTS) CSfC approach.

The CSfC approach makes it faster and more cost-effective than ever before for system designers to deploy a solution with approved encrypted data protection. In fact, it reduces the certification process to just a matter of months and a fraction of the cost when compared to the multiple years and millions of dollars typically required previously.

The CSfC approval process

To achieve NSA approval and placement on the CSfC Components List, the COTS-based encryption components must undergo Common Criteria (CC) evaluation by the National Information Assurance Partnership (NIAP). NIAP was created by the NSA and National Institute of Science and Technology (NIST) to evaluate commercial encryption components for inclusion in CSfC solutions. The CC validates COTS information technology products to ensure conformance to the international Common Criteria Evaluation and Validation Scheme (CCEVS), which is recognized around the world by 17 Certificate Producing countries and by 11 Certificate Consuming countries. Once that CC process is formally underway, the COTS component vendor must establish a Memorandum of Agreement (MOA) with the NSA. NIAP ensures that commercial products meet NSA standards for security by testing the products in certified labs against stringent security standards called collaborative protection profiles. NIAP oversees U.S. implementation of the CC certification of commercial IT products for use in national-security systems.

The benefits of being on the CSfC component list

The CSfC component list enables system integrators to identify products that are in evaluation, or are already certified, that can be used in a data-protection solution. System integrators then apply to the NSA identifying the proposed product from the Component List and the application details. This approach enables system integrators to begin developing and testing their data-­security architecture today. With leading COTS suppliers investing in the development and certification process, solution integrators will find a great reduction in program cost, risk, and schedule for protecting critical deployed DAR.

An approved COTS solution for CSfC Data-at-Rest protection

In a recent example, Curtiss-Wright completed the Common Criteria certification process for its Data Transport System (DTS1) Network Attached Storage (NAS) device, which is designed to support two  layers of full disk encryption (FDE) in a  single device. The small unit, which weighs only three pounds, stores as much as 4 TB of solid-state storage (SSD) with two layers of certified encryption. The small-form-factor data recorder – aimed at use on helicopters, unmanned aerial vehicles (UAVs), unmanned underwater vehicles (UUVs), unmanned ground vehicles (UGVs), and intelligence/­surveillance/­reconnaissance (ISR) aircraft that require the protection of sensitive DAR – uses commercially available CNSA (formerly Suite B) cryptographic algorithms. (Figure 1.)

21
Figure 1: The DTS1 NAS device is designed for use in unmanned aloft, ground, or underwater vehicles that must protect data-at-rest.
(Click graphic to zoom)
 

The unit was designed with NSA’s DAR Capability Package as a template and is based on the hardware and software FDE solution approach. Having received CC certification, both the hardware and software FDE layers are now currently listed on the United States NIAP Product Compliant List. Additionally, the two encryption layers are now listed on the NSA’s CSfC Components List and can be proposed as a DAR solution.

Selecting a preapproved device from the CSfC Components List enables system architects to greatly reduce the time and cost needed to design a COTS encryption solution, enabling them to begin system development immediately and greatly reducing their program risk.

Paul Davis is Director, Product Management – Data Solutions, for Curtiss-Wright Defense Solutions.