ARPANET encryption devices

The ARPANET pioneered the creation of novel encryption devices for packet networks in the 1970s and 1980s, and as such were ancestors to today's IPsec architecture, and High Assurance Internet Protocol Encryptor (HAIPE) devices more specifically.

The first such device for the ARPANET was the private line Interface (PLI), and a series of additional devices was created during the 1970s and 1980s in ARPANET-related research and development, such as:"Re: Network Layer Encryption History and Prior Art"
email by Steve Kent on the ipsec mailing list, Wed, 19 Jun 1996 10:59:39 +0100
* Private line interface (PLI)
* Black-crypto-red (BCR)
* Blacker
* Internet private line interface (IPLI)

Private Line Interface (PLI)

The Private Line Interface (PLI) was the first packet encryptor, sponsored by the Advanced Research Projects Agency and implemented by BBN Technologies as part of the creation of the ARPANET. It was in an early ideation phase by 1973, with a stated goal of providing users with the equivalent of a private, leased line through the ARPANET. In that early phase, the PLI was envisioned to provide two distinct capabilities: transferring a continuous bit steam over the ARPANET, and possibly encrypting the bit stream while it was within the ARPANET.

As design progressed, it evolved into a packet encryption device, which was approved starting in 1975 by the National Security Agency for limited deployment on the ARPANET, to protect classified data as it passed through the network. Each PLI device incorporated a KG-34 encryption device, and as a result was a manually keyed system.

Black-Crypto-Red (BCR)

Black-Crypto-Red (BCR) was an experimental, end-to-end, network packet encryption system developed in a working prototype form by BBN and the Collins Radio division of Rockwell between 1975 and 1980. BCR was the first network security system to support TCP/IP traffic for IPv3, and it incorporated the first Data Encryption Standard (DES) chips that were validated by the U.S. National Bureau of Standards (now called NIST). It provided automated, key distribution center based key management and access control (as later adopted by Kerberos and Blacker), and supported IP header bypass.

Blacker

The first Blacker program began in the late 1970s, with a follow-on eventually producing fielded devices in the late 1980s.
DARPA Technical Accomplishments: An Historical Review of DARPA Projects
', vol. 1, by Sidney G. Reed, Richard H. Van Atta, and Seymore J. Deitchman, IDA Paper P-2192, 1990, pages 20-18 to 20-20. It was sponsored by the National Security Agency as a very high assurance (A1), multi-level security system, and developed by SDC (software) and Burroughs (hardware), and after their merger, by the resultant company Unisys.

Internet Private Line Interface (IPLI)

The Internet Private Line Interface (IPLI) was created by BBN as a successor to the PLI. It was updated to use TCP/IP (IPv4) and newer COMSEC technology ( KG-84), but still manually keyed. They were intended for use in the Defense Data Network and also in DARPA Low-Cost Packet Radios in the SURAN project.

References

{{reflist

Encryption devices
Encryption devices