Security Architecture OmniCrypt™

Individually selectable encryption algorithms with a national algorithm design

OmniCrypt™ protects classified information exchanged between defence organizations, governmental authorities and intelligence organizations up to the highest security level. The customer can fully verify all layers, with every detail of the cryptological process fully disclosed.

 

 

THE PROTECTIVE ELEMENTS OF OMNICRYPT™

OmniCrypt™ Key Management

The core of all OmniCrypt™ solutions

At the center of the key management infrastructure is the Security Module Programmer SMP 704, a specially designed hardware device. It is used to generate true random, statistically independent and unbiased cryptographic secret keys 256 bit long from a physical white noise source.

The Key Management Center KMC 711 is the application that defines the topology of a security network, assigns stations to groups and initiates the generation of long-term keys on the SMP 704 for all encryption devices that comprise the network.

Customers own and operate the key management infrastructure. This provides a unique benefit: the complete processing chain from the physical noise source to the usage of the keys in the devices out in the field can be verified step by step to the last bit.

Technical mechanisms alone are not sufficient to properly protect classified information. This high-end key management technology is therefore used by customers at the highest levels of the organization in conjunction with corresponding policies, guidelines, roles and responsibilities.

OmniCrypt™ Network Management

Keeping the network secure and up to date

The Security & Network Management Center SNMC consists of a central server and a client application. It is used to define and efficiently maintain all the parameters of all encryption stations in OmniCrypt™ networks. Access to the SNMC Server is authenticated and the management instructions and the traffic to the encryptors as well as to the SNMC Client are always encrypted.

The design and implementation of this architecture is optimized for the sake of simplicity and for efficient and easy handling in order to reduce the risk of configuration failures and downtimes. 

The dedicated SNMC management network used to securely download parameters to every encryptor is also based on OmniCrypt™.

Unique, short-term keys are derived from the long-term keys securely stored in the tamper-proof Security Modules. Every management connection owns its exclusive, bilateral short-term keys, which are renewed automatically after a preselected time interval or a specified volume of encrypted traffic.

Keep Your Secrets Secret