Securing Telemetry Data with Commercial Encryption Standards
December 01, 2021 | BY: Paul Cook
Published in Military Embedded Systems
An industry perspective from Curtiss-Wright Defense Solutions.
Telemetry data from military flight tests often needs to be secured, not only when at rest, but also while in motion across a network or a telemetry link.
While flight-test vehicles are generally not deployed in adversarial environments, their data can be particularly at risk due to the newness, and therefore the desirability, of the technology. For example, there is a risk of data loss on a hypersonic flight-test vehicle due to the possibility of a test aircraft being captured by other parties, by data being stolen by bad actors, or by data interception on what could be a very long flight path.
In the U.S., classified telemetry has been encrypted data since the late 1970s, due to a mandate that all telemetry data be made secure during transmission. Meanwhile, much of the unclassified data has historically been transmitted unencrypted. The telemetry industry has traditionally relied on the NSA to provide leadership and/or solutions to encrypt telemetry data for streaming (data-in-motion) applications. This system has worked well over the years but it’s not actually practical for data in transit that is not classified, data that is considered private, or programs with short development cycles.
Frequently, system designers are under the impression that NSA Suite A cryptography is their only option for protecting critical telemetry data. While Suite A is necessary for protecting some categories of sensitive information, in many other cases the Commercial National Security Algorithm Suite (CNSA) – a 2018 replacement of NSA Suite B – can be implemented if handled correctly. CNSA is a set of cryptographic algorithms designed to protect U.S. National Security Systems information up to the top-secret level. It offers notable advantages over Suite A, including less-restrictive foreign military sales, the ability to control the encryption keys (Suite A keys are produced and managed by the NSA), and typically faster and less expensive implementation.