Table of Contents
Advertisement
3.2.4 FIPs Module Processing
The FIPs Module on the DMD1050TS does bulk encryption and decryption of traffic over the
satellite using the AES-256 algorithm. When operating in Non-STANAG 4486 (Enhanced
Bandwidth Efficient Modem (EBEM)) modes, the DMD1050TS AES encryption uses Code Block
Chaining (CBC) mode to do the encryption and decryption of the user data.
All encryption occurs directly before the FEC encoder, and decryption occurs just after the FEC
decoder.
The FIPs module maintains a local copy of the Traffic Encryption Keys (TEK) and the Initialization
Vectors (IV). It also provides Built-In Self Test (BIST) functions, per the FIPS 140-2 level
requirements. Finally, it provides a simple framing structure with the primary purpose of allowing
the decryption engine on the receive side to recover Advanced Encryption Standard (AES) block
alignment. However, the framing structure can also provide a means for lossless TEK rollover.
TRANSEC Overhead Rate = (3 + 16 * N) / (16 * N), where N is the Encryption Frame Length
When operating in STANAG 4486 (EBEM) mode bulk encryption and decryption are per the
STANAG requirement.
3.2.4.1
Access to the FIPs Module HTTPS Interface
See Chapter 8 or Chapter 9 for details on getting access to the functions of the FIPs TRANSEC
Module.
Theory of Operation
DMD1050TS Satellite Modem Board
3–8
Revision 1
MN-DMD1050TS
Advertisement
Chapters
Table of Contents
