OmniCrypt™ protects classified information exchanged between defence organizations, governmental authorities and intelligence organizations up to the highest security level. The customer can fully verify all layers, with every detail of the cryptological process fully disclosed.
The secret long-term keys are autonomously generated by the customer using a physical noise source. These keys are stored in physical, tamper-resistant Security Modules.
The special Security Modules prevent long-term keys from ever being read out or copied. An OmniCrypt™ device can only be used when its physical Security Module has been inserted.
Unsecured hardware presents numerous opportunities to attack a system. The high-end encryption devices are protected against unwanted data emanation.
Simple, easy-to-control software components that have been reduced to their specific function are utilized at the intersection of the security zones.
Customers can autonomously change the core algorithm without thereby affecting the guaranteed security level. OmniCrypt™ allows customers to use their own block cipher algorithm with a variety of no less than 22000 for the encryption process.
Advanced management tools and verification technologies allow easy and secure changes to the security network at any time.
The OmniCrypt™ solutions can be seamlessly integrated into existing information security and IT management systems.
At the center of the key management infrastructure is the Security Module Programmer SMP 704, a specially designed hardware device. It is used to generate true random, statistically independent and unbiased cryptographic secret keys 256 bit long from a physical white noise source.
The Key Management Center KMC 711 is the application that defines the topology of a security network, assigns stations to groups and initiates the generation of long-term keys on the SMP 704 for all encryption devices that comprise the network.
Customers own and operate the key management infrastructure. This provides a unique benefit: the complete processing chain from the physical noise source to the usage of the keys in the devices out in the field can be verified step by step to the last bit.
Technical mechanisms alone are not sufficient to properly protect classified information. This high-end key management technology is therefore used by customers at the highest levels of the organization in conjunction with corresponding policies, guidelines, roles and responsibilities.
The Security & Network Management Center SNMC consists of a central server and a client application. It is used to define and efficiently maintain all the parameters of all encryption stations in OmniCrypt™ networks. Access to the SNMC Server is authenticated and the management instructions and the traffic to the encryptors as well as to the SNMC Client are always encrypted.
The design and implementation of this architecture is optimized for the sake of simplicity and for efficient and easy handling in order to reduce the risk of configuration failures and downtimes.
The dedicated SNMC management network used to securely download parameters to every encryptor is also based on OmniCrypt™.
Unique, short-term keys are derived from the long-term keys securely stored in the tamper-proof Security Modules. Every management connection owns its exclusive, bilateral short-term keys, which are renewed automatically after a preselected time interval or a specified volume of encrypted traffic.