This standard specifies interoperability and security related requirements for using encryption at the Physical Layer of the ISO Open Systems Interconnection (OSI) Reference Model in telecommunication systems conveying Automatic Data Processing (ADP) and/or narrative text information. The algorithm used for encryption is the Data Encryption Standard (DES), described in Federal Information Processing Standards Publication 46. Requirements contained in this standard relate to the interoperation of Physical Layer Data Encryption Equipment, or their interoperation with associated Data Terminal Equipment or Data Circuit-terminating Equipment. Additional security requirements, not directly relating to interoperability, are contained in Federal Standard 1027.
To facilitate the interoperation of Government data communication facilities and systems that require cryptographic protection using the Data Encryption Standard (DES) algorithm
To prevent the disclosure of plaintext
This standard applies to all DES cryptographic components, equipment, systems, and services procured or leased by Federal departments and agencies for encryption of ADP and/or narrative text information in the Physical Layer of data communications using the Data Encryption Standard (DES) algorithm. Encryption of video signals and facsimile documents is not within the scope of this standard. Guidance to facilitate the application of this standard, with respect to degradation of security by improper implementation or use, will be provided for in a revision to Federal Property Management Regulation 41 Code of Federal Regulations 101-35.3.
The following definitions, conventions, and terminology apply in this standard. Further definitions are contained in Federal Standard 1037.
a. Ciphertext: Encrypted data.
b. Data Encryption Equipment (DEE): DES Cryptographic Equipment used in data communications. This equipment may be integrated into Data Terminal Equipment, Data Circuit-terminating Equipment, or be stand-alone.
c. DES: The Data Encryption Standard algorithm specified in Federal Information Processing Standards Publication 46.
d. DES Cryptographic Equipment: Equipment embodying one or more DES devices and associated controls interfaces, power supplies, alarms and the related hardware, software, and firmware used to encrypt, decrypt, authenticate, and perform similar operations on information.
e. DES Device: The electronic hardware part or subassembly which implements just the DES algorithm specified in Federal Information Processing Standards Publication 46, and which is validated by the National Bureau of Standards.
f. DES Key Variable: The 64 bits used to key DES Data Encryption Equipment. Eight bits are used for parity checking and 56 bits are used by DES devices for encryption and decryption.
g. Initializing Vector (IV): A vector used in defining the starting point of an encryption process within a DES device.
h. Narrative Text: Text for which the semantic content is not changed by Automatic Data Processing (ADP) equipment (e.g., record or narrative traffic).
i. Plaintext: Unencrypted data.
j. Service Data Unit: The unit of data provided as input to a given layer of the ISO Open Systems Interconnection Reference Model from the next higher layer.