TL;DR: An access control server, coupled with a Fortezza authentication server and a database containing user profile information, receives user access information from a client and determines, based on that information and the database, the type of password associated with the user. When the password type is FORTEZZA, it requests authentication of the password from a Fortezza server and grants the client access to the network when the server approves the password; when the password type is any other type, it requests authentication from an authentication process associated with that password type.
Abstract: A method and apparatus that provide network access control are disclosed. In one embodiment, a network access control apparatus is configured to receive and authenticate a password that uses the “Fortezza” cryptographic protocol, and to receive and authenticate passwords of other types, to thereby selectively permit a client associated with the Fortezza password to access a protected network. A Fortezza card reader is coupled to the client and associated with a Fortezza card that contains the Fortezza password. A network access server is logically coupled to the client. An access control server is coupled logically between the client and the protected network and controls access of the client to the protected network. A Fortezza authentication server is coupled to the access control server for communication therewith. A database is coupled to the access control server and contains profile information associated with the user. The access control server receives, from the client, user access information associated with a particular user of the client; determines, based on the user access information and a database, a type of a password associated with the user; when the password type is FORTEZZA, requests authentication of the password from a Fortezza server; grants the client access to the network when the Fortezza server approves the password; and when the password type is any type other than FORTEZZA, requests authentication of the password from an authentication process that is associated with that password type.
TL;DR: A new cryptographic tool called the Yoyo game is presented, along with efficient attacks on Skipjack reduced to 16 rounds, and it is concluded that Skipjack does not have a conservative design with a large margin of safety.
Abstract: Skipjack is the secret key encryption algorithm developed by the NSA for the Clipper chip and Fortezza PC card. It uses an 80-bit key, 128 table lookup operations, and 320 XOR operations to map a 64-bit plaintext into a 64-bit ciphertext in 32 rounds. This paper describes an efficient attack on a variant, which we call Skipjack-3XOR (Skipjack minus 3 XORs). The only difference between Skipjack and Skipjack-3XOR is the removal of 3 out of the 320 XOR operations. The attack uses the ciphertexts derived from about 500 plaintexts and its total running time is equivalent to about one million Skipjack encryptions, which can be carried out in seconds on a personal computer. We also present a new cryptographic tool, which we call the Yoyo game, and efficient attacks on Skipjack reduced to 16 rounds. We conclude that Skipjack does not have a conservative design with a large margin of safety.
TL;DR: The security of Skipjack against cryptanalytic results is revisited, and the reasons why certain attack approaches fare better with reference to Skipjack's design structure are discussed.
Abstract: Skipjack is a block cipher designed by the NSA for use in US government phones, and commercial mobile and wireless products by AT&T. Among its initial implementations in hardware were the Clipper chip and Fortezza PC cards, which have since influenced the private communications market to be compatible with this technology. For instance, the Fortezza card comes in PCMCIA interface and is a very easy plug-n-play device to add on to mobile and wireless systems to provide encryption for wireless transmissions. Initially classified when it was first proposed, Skipjack was declassified in 1998 and sparked numerous security analyses from security researchers worldwide because it provides insight into the state-of-the-art security design techniques used by a highly secretive government intelligence agency such as the NSA. In this paper, commemorating over a decade since Skipjack's public revelation, we revisit the security of Skipjack against cryptanalytic results and discuss why certain attack approaches fare better with reference to Skipjack's design structure.
TL;DR: Multiple wireless services, e-mail packages, security packages, and mobile computers were selected and integrated in various combinations to meet user needs and allow a thorough trial.
Abstract: The US Department of Defense (DOD) is a large user of both e-mail and security services. The introduction of commercial wireless communications and networks, and the recognition by industry of the need for security has provided the opportunity for development and trials of a wireless, secure e-mail service. The Center for Systems Engineering at the Defense Information Systems Agency has developed this capability and conducted trials with a small community of DOD users who have requirements for mobility in the workplace. These trials have introduced DOD approved security into commercial wireless data networks, and have inserted advanced technology into the hands of DOD users. The objective of these trials was to validate the system design, evaluate performance and utilization, and obtain user feedback. To realize a broad-based trial, the authors selected multiple wireless services, e-mail packages, security packages, and mobile computers, which were integrated in various combinations to meet user needs and allow a thorough trial. Both packet radio (RAM and ARDIS) and cellular digital packet data (CDPD) services were employed for the wireless connection of the mobile unit to a mail server on the user's local area network (LAN). Two commercial e-mail packages (LOTUS CC:Mail and Microsoft Mail) were integrated with the wireless service and with the security packages. Two security packages were used, one based on commercial software (SecretAgent) and the other based on a PCMCIA card (FORTEZZA) developed by the National Security Agency.
TL;DR: SISTex's Assure(R) Basic product provides security features including access controls and transparent file encryption (using the Data Encryption Standard) in a DOS/Windows environment; its DES-based file encryption was converted to use NSA's Fortezza card, which uses the Skipjack algorithm.
Abstract: SISTex's Assure(R) Basic product provides security features including access controls and transparent file encryption (using the Data Encryption Standard) in a DOS/Windows environment. To meet the needs of certain customers, we converted the DES-based file encryption to use NSA's Fortezza card, which uses the Skipjack algorithm. Despite our expectations, Fortezza was not a clean replacement for DES. The paper discusses some of the thorny technical problems encountered during product development.