335:(FEC) to ensure reliable transmission. The receiving station acknowledges accurate receipt of data blocks and can ask for a block to be re-transmitted, if necessary. For voice, SCIP simply sends a stream of voice data frames (typically MELPe frames, but possibly G.729D or another codec if that has been negotiated between the terminals). To save power on voice calls, SCIP stops sending if there is no speech input. A synchronization block is sent roughly twice a second in place of a data frame. The low order 14 bits of the encryption counter are sent with every sync block. The 14 bits are enough to cover a fade out of more than six minutes. Part of the rest of the state vector are sent as well so that with receipt of three sync blocks, the entire state vector is recovered. This handles longer fades and allows a station with the proper TEK to join a multi station net and be synchronized within 1.5 seconds.
36:
1304:
181:(STE) which made assumptions about the underlying communication systems that prevented interoperability with more modern wireless systems. STE sets can be upgraded to work with SCIP, but STU-III cannot. This has led to some resistance since various government agencies already own over 350,000 STU-III telephones at a cost of several thousand dollars each.
350:
Prior to this, SCIP specifications were not widely diffused or easily accessible. This made the protocol for government use rather "opaque" outside governments or defense industries. No public implementation of the Type 1 security and transport protocols are available, precluding its security from
295:
The low-order two bits of the state vector are reserved for applications where the data frame is longer than the block cipher output. The next 42 bits are the counter. Four bits are used to represent the transmission mode. This allows more than one mode, e.g. voice and data, to operate at the same
263:
The security used by the multinational and national modes of SCIP is defined by the SCIP 23x family of documents. SCIP 231 defines AES based cryptography which can be used multinationally. SCIP 232 defines an alternate multinational cryptographic solution. Several nations have defined, or are
254:
2400 bit/s MELPe is the only mandatory voice coder required for SCIP. Other voice coders can be supported in terminals. These can be used if all terminals involved in the call support the same coder (agreed during the negotiation stage of call setup) and the network can support the required
247:, with additional preprocessing, analyzer and synthesizer capabilities for improved intelligibility and noise robustness. The old MELP and the new MELPe are interoperable and both operate at 2400 bit/s, sending a 54 bit data frame every 22.5
112:) project. SCIP supports a number of different modes, including national and multinational modes which employ different cryptography. Many nations and industries develop SCIP devices to support the multinational and national modes of SCIP.
315:, SCIP specifies that two data frames are encrypted with each cipher output bloc, the first beginning at bit 1, the second at bit 57 (i.e. the next byte boundary). At least one commercial grade implementation uses the
255:
throughput. G.729D is the most widely supported non-mandatory voice coder in SCIP terminals as it offers a good compromise between higher voice quality without dramatically increasing the required throughput.
300:, it is essential that the same state vector value never be used twice for a given TEK. At MELP data rates, a 42-bit counter allows a call over three thousand years long before the encryption repeats.
296:
time with the same TEK. The high-order 16 bits are a sender ID. This allows multiple senders on a single channel to all use the same TEK. Note that since overall SCIP encryption is effectively a
1284:
1114:
1342:
327:
The SCIP signalling plan is common to all national and multinational modes of SCIP. SCIP has two mandatory types of transmission. The mandatory data service uses an
526:
184:
There are several components to the SCIP standard: key management, voice compression, encryption and a signalling plan for voice, data and multimedia applications.
967:
205:
462:
SCIP-related documents are made available through the
Information Assurance Directorate web site. Documents can be retrieved by typing "SCIP" into the
101:
491:
143:
in that once a connection is made, two SCIP phones first negotiate the parameters they need and then communicate in the best way possible.
272:
SCIP 230 defines the cryptography of the US national mode of SCIP. The rest of this section refers to SCIP 230. For security, SCIP uses a
57:
519:
162:
240:
960:
79:
1332:
223:
STEs use security tokens to limit use of the secure voice capability to authorized users while other SCIP devices only require a
442:
1163:
512:
343:
As of March 2011 a range of SCIP documents, including the SCIP-210 signalling standard, are publicly available from the
224:
288:) as input. If the cipher's block size is longer than 64 bits, a fixed filler is added. The output from the block cipher is
1347:
132:
953:
312:
1279:
1234:
1047:
50:
44:
1158:
492:
https://web.archive.org/web/20060530160027/http://www.hfindustry.com/Sept05/Sept2005_Presentations/HFIAbriefing.ppt
1274:
905:
824:
410:
178:
61:
1264:
1254:
1109:
589:
332:
328:
166:
147:
131:
standards. Therefore, it was designed to make no assumptions about the underlying channel other than a minimum
814:
420:
1259:
1249:
1052:
1012:
1005:
995:
990:
890:
614:
609:
549:
213:
120:
1337:
1000:
751:
170:
1307:
1153:
1099:
885:
880:
855:
660:
655:
1269:
1193:
918:
604:
564:
115:
SCIP has to operate over the wide variety of communications systems, including commercial land line
1032:
913:
799:
1138:
1122:
1069:
193:
128:
1198:
1188:
1059:
1133:
104:
one-to-one connections, not packet-switched networks. SCIP derived from the US Government
599:
446:
155:
1208:
1128:
1089:
1037:
1022:
700:
685:
650:
594:
554:
304:
217:
201:
151:
1326:
1289:
1244:
1203:
1183:
1079:
1042:
1017:
746:
541:
297:
124:
439:
212:
messaging system for key exchange. FIREFLY is an NSA key management system based on
1239:
1084:
1074:
1064:
1027:
976:
766:
360:
277:
273:
463:
1218:
804:
670:
415:
248:
1178:
1148:
1143:
1104:
779:
316:
292:
with the MELP data frames to create the cipher text that is then transmitted.
284:) is negotiated for each call. The block cipher is fed a 64-bit state vector (
1168:
116:
1213:
1173:
928:
923:
251:
but the MELPe has optional additional rates of 1200 bit/s and 600 bit/s.
165:
Digital Voice
Processor Consortium (DDVPC) in cooperation with the U.S.
834:
819:
774:
726:
705:
390:
236:
209:
174:
311:, a 128-bit block design. With this or other 128-bit ciphers, such as
1094:
895:
875:
839:
829:
756:
629:
624:
619:
579:
559:
400:
395:
17:
482:
870:
865:
860:
794:
789:
741:
736:
731:
721:
695:
680:
665:
634:
584:
569:
405:
375:
344:
308:
244:
146:
US SCIP or FNBDT systems were used since 2001, beginning with the
140:
136:
784:
690:
675:
574:
450:
385:
380:
370:
365:
100:) is a US standard for secure voice and data communication, for
949:
508:
227:
code, 7 digits for Type 1 security, 4 digits for unclassified.
289:
29:
239:. The standard requires, as a minimum, support for the
1115:
Cryptographically secure pseudorandom number generator
488:
264:
defining, their own national security modes for SCIP.
496:
216:. At least one commercial grade implementation uses
1227:
983:
904:
848:
765:
714:
643:
540:
453:discusses the prospects for FNBDT for NATO in 2003
243:(MELP) coder, an enhanced MELP algorithm known as
208:calls), the SCIP signalling plan uses an enhanced
192:To set up a secure call, a new Traffic Encryption
231:Voice compression using Voice Coders (vocoders)
169:and is intended to solve problems with earlier
94:Secure Communications Interoperability Protocol
961:
520:
8:
1343:National Security Agency encryption devices
968:
954:
946:
527:
513:
505:
501:
497:
479:Securing the Wireless Environment (FNBDT)
80:Learn how and when to remove this message
464:IAD SecurePhone document search web page
43:This article includes a list of general
432:
27:US standard for secure communications
7:
150:. The standard is designed to cover
241:mixed-excitation linear prediction
106:Future Narrowband Digital Terminal
49:it lacks sufficient corresponding
25:
1303:
1302:
483:http://wireless.securephone.net/
280:. A new Traffic Encryption Key (
235:SCIP can work with a variety of
34:
1164:Information-theoretic security
1:
490:, HFIA briefing available at
139:. It is similar to a dial-up
1280:Message authentication code
1235:Cryptographic hash function
1048:Cryptographic hash function
421:Sectéra secure voice family
268:US National Mode (SCIP 230)
127:and the several different
1364:
1159:Harvest now, decrypt later
481:, briefing available from
200:) must be negotiated. For
1298:
1275:Post-quantum cryptography
945:
504:
500:
411:Secure Terminal Equipment
351:being publicly verified.
179:Secure Terminal Equipment
161:SCIP was designed by the
158:voice and data security.
1265:Quantum key distribution
1255:Authenticated encryption
1110:Random number generation
333:forward error correction
167:National Security Agency
148:CONDOR secure cell phone
121:communication satellites
1333:Cryptographic protocols
1260:Public-key cryptography
1250:Symmetric-key algorithm
1053:Key derivation function
1013:Cryptographic primitive
1006:Authentication protocol
996:Outline of cryptography
991:History of cryptography
214:public key cryptography
64:more precise citations.
1001:Cryptographic protocol
752:Siemens and Halske T52
171:NSA encryption systems
1154:End-to-end encryption
1100:Cryptojacking malware
815:Sectéra Secure Module
440:Introduction to FNBDT
323:Signalling plan (210)
307:security, SCIP uses
259:Encryption (SCIP 23x)
173:for voice, including
163:Department of Defense
1348:Secure communication
1270:Quantum cryptography
1194:Trusted timestamping
919:Intel SHA extensions
188:Key Management (120)
1033:Cryptographic nonce
914:AES instruction set
119:, military radios,
1139:Subliminal channel
1123:Pseudorandom noise
1070:Key (cryptography)
445:2016-11-04 at the
129:cellular telephone
1320:
1319:
1316:
1315:
1199:Key-based routing
1189:Trapdoor function
1060:Digital signature
941:
940:
937:
936:
906:Computer hardware
651:Bazeries cylinder
90:
89:
82:
16:(Redirected from
1355:
1306:
1305:
1134:Insecure channel
970:
963:
956:
947:
529:
522:
515:
506:
502:
498:
466:
460:
454:
437:
416:L-3 Omni/Omni xi
102:circuit-switched
85:
78:
74:
71:
65:
60:this article by
51:inline citations
38:
37:
30:
21:
1363:
1362:
1358:
1357:
1356:
1354:
1353:
1352:
1323:
1322:
1321:
1312:
1294:
1223:
979:
974:
933:
900:
844:
761:
747:Lorenz SZ 40/42
710:
639:
536:
535:Cipher machines
533:
475:
470:
469:
461:
457:
447:Wayback Machine
438:
434:
429:
357:
341:
325:
270:
261:
233:
190:
86:
75:
69:
66:
56:Please help to
55:
39:
35:
28:
23:
22:
15:
12:
11:
5:
1361:
1359:
1351:
1350:
1345:
1340:
1335:
1325:
1324:
1318:
1317:
1314:
1313:
1311:
1310:
1299:
1296:
1295:
1293:
1292:
1287:
1285:Random numbers
1282:
1277:
1272:
1267:
1262:
1257:
1252:
1247:
1242:
1237:
1231:
1229:
1225:
1224:
1222:
1221:
1216:
1211:
1209:Garlic routing
1206:
1201:
1196:
1191:
1186:
1181:
1176:
1171:
1166:
1161:
1156:
1151:
1146:
1141:
1136:
1131:
1129:Secure channel
1126:
1120:
1119:
1118:
1107:
1102:
1097:
1092:
1090:Key stretching
1087:
1082:
1077:
1072:
1067:
1062:
1057:
1056:
1055:
1050:
1040:
1038:Cryptovirology
1035:
1030:
1025:
1023:Cryptocurrency
1020:
1015:
1010:
1009:
1008:
998:
993:
987:
985:
981:
980:
975:
973:
972:
965:
958:
950:
943:
942:
939:
938:
935:
934:
932:
931:
926:
921:
916:
910:
908:
902:
901:
899:
898:
893:
888:
883:
878:
873:
868:
863:
858:
852:
850:
846:
845:
843:
842:
837:
832:
827:
822:
817:
812:
807:
802:
797:
792:
787:
782:
777:
771:
769:
763:
762:
760:
759:
754:
749:
744:
739:
734:
729:
724:
718:
716:
712:
711:
709:
708:
703:
701:Reihenschieber
698:
693:
688:
686:Jefferson disk
683:
678:
673:
668:
663:
658:
653:
647:
645:
641:
640:
638:
637:
632:
627:
622:
617:
612:
607:
602:
597:
592:
587:
582:
577:
572:
567:
562:
557:
552:
546:
544:
542:Rotor machines
538:
537:
534:
532:
531:
524:
517:
509:
495:
494:
485:
474:
471:
468:
467:
455:
431:
430:
428:
425:
424:
423:
418:
413:
408:
403:
398:
393:
388:
383:
378:
373:
368:
363:
356:
353:
340:
337:
331:protocol with
324:
321:
269:
266:
260:
257:
232:
229:
220:key exchange.
218:Diffie-Hellman
189:
186:
88:
87:
42:
40:
33:
26:
24:
14:
13:
10:
9:
6:
4:
3:
2:
1360:
1349:
1346:
1344:
1341:
1339:
1338:Speech codecs
1336:
1334:
1331:
1330:
1328:
1309:
1301:
1300:
1297:
1291:
1290:Steganography
1288:
1286:
1283:
1281:
1278:
1276:
1273:
1271:
1268:
1266:
1263:
1261:
1258:
1256:
1253:
1251:
1248:
1246:
1245:Stream cipher
1243:
1241:
1238:
1236:
1233:
1232:
1230:
1226:
1220:
1217:
1215:
1212:
1210:
1207:
1205:
1204:Onion routing
1202:
1200:
1197:
1195:
1192:
1190:
1187:
1185:
1184:Shared secret
1182:
1180:
1177:
1175:
1172:
1170:
1167:
1165:
1162:
1160:
1157:
1155:
1152:
1150:
1147:
1145:
1142:
1140:
1137:
1135:
1132:
1130:
1127:
1124:
1121:
1116:
1113:
1112:
1111:
1108:
1106:
1103:
1101:
1098:
1096:
1093:
1091:
1088:
1086:
1083:
1081:
1080:Key generator
1078:
1076:
1073:
1071:
1068:
1066:
1063:
1061:
1058:
1054:
1051:
1049:
1046:
1045:
1044:
1043:Hash function
1041:
1039:
1036:
1034:
1031:
1029:
1026:
1024:
1021:
1019:
1018:Cryptanalysis
1016:
1014:
1011:
1007:
1004:
1003:
1002:
999:
997:
994:
992:
989:
988:
986:
982:
978:
971:
966:
964:
959:
957:
952:
951:
948:
944:
930:
927:
925:
922:
920:
917:
915:
912:
911:
909:
907:
903:
897:
894:
892:
889:
887:
884:
882:
879:
877:
874:
872:
869:
867:
864:
862:
859:
857:
854:
853:
851:
847:
841:
838:
836:
833:
831:
828:
826:
823:
821:
818:
816:
813:
811:
808:
806:
803:
801:
798:
796:
793:
791:
788:
786:
783:
781:
778:
776:
773:
772:
770:
768:
764:
758:
755:
753:
750:
748:
745:
743:
740:
738:
735:
733:
730:
728:
725:
723:
720:
719:
717:
713:
707:
704:
702:
699:
697:
694:
692:
689:
687:
684:
682:
679:
677:
674:
672:
669:
667:
664:
662:
659:
657:
654:
652:
649:
648:
646:
642:
636:
633:
631:
628:
626:
623:
621:
618:
616:
613:
611:
608:
606:
603:
601:
598:
596:
593:
591:
588:
586:
583:
581:
578:
576:
573:
571:
568:
566:
563:
561:
558:
556:
553:
551:
548:
547:
545:
543:
539:
530:
525:
523:
518:
516:
511:
510:
507:
503:
499:
493:
489:
486:
484:
480:
477:
476:
472:
465:
459:
456:
452:
448:
444:
441:
436:
433:
426:
422:
419:
417:
414:
412:
409:
407:
404:
402:
399:
397:
394:
392:
389:
387:
384:
382:
379:
377:
374:
372:
369:
367:
364:
362:
359:
358:
354:
352:
348:
346:
338:
336:
334:
330:
322:
320:
318:
314:
310:
306:
301:
299:
298:stream cipher
293:
291:
287:
283:
279:
276:operating in
275:
267:
265:
258:
256:
252:
250:
246:
242:
238:
230:
228:
226:
221:
219:
215:
211:
207:
203:
199:
195:
187:
185:
182:
180:
176:
172:
168:
164:
159:
157:
153:
149:
144:
142:
138:
134:
130:
126:
125:Voice over IP
122:
118:
113:
111:
107:
103:
99:
95:
84:
81:
73:
63:
59:
53:
52:
46:
41:
32:
31:
19:
1240:Block cipher
1085:Key schedule
1075:Key exchange
1065:Kleptography
1028:Cryptosystem
977:Cryptography
809:
767:Secure voice
560:M-125 Fialka
487:
478:
458:
435:
361:Secure voice
349:
342:
339:Availability
326:
302:
294:
285:
281:
278:counter mode
274:block cipher
271:
262:
253:
249:milliseconds
234:
222:
197:
191:
183:
160:
145:
114:
109:
105:
97:
93:
91:
76:
70:October 2015
67:
48:
1228:Mathematics
1219:Mix network
715:Teleprinter
671:Cipher disk
345:IAD website
154:as well as
62:introducing
1327:Categories
1179:Ciphertext
1149:Decryption
1144:Encryption
1105:Ransomware
780:FASCINATOR
644:Mechanical
473:References
317:Triple DES
206:classified
204:security (
156:narrowband
45:references
1169:Plaintext
133:bandwidth
117:telephone
1308:Category
1214:Kademlia
1174:Codetext
1117:(CSPRNG)
929:IBM 4764
924:IBM 4758
891:Pinwheel
443:Archived
355:See also
319:cipher.
237:vocoders
152:wideband
135:of 2400
984:General
835:STU-III
820:SIGSALY
775:BID 150
727:BID 770
706:Scytale
630:Singlet
590:Mercury
391:LPC-10e
210:FIREFLY
175:STU-III
58:improve
1095:Keygen
896:Rockex
886:Purple
876:Noreen
840:VINSON
830:STU-II
800:NESTOR
757:SIGTOT
625:SIGCUM
620:SIGABA
580:Lacida
565:Hebern
555:Enigma
401:FS1016
396:FS1015
305:Type 1
202:Type 1
47:, but
1125:(PRN)
871:KL-51
866:KL-43
861:KG-84
849:Other
795:KY-68
790:KY-58
742:KW-37
737:KW-26
732:DUDEK
722:5-UCO
696:M-209
681:Kryha
666:CD-57
635:Typex
615:SG-41
610:SG-39
585:M-325
570:HX-63
427:Notes
406:ANDVT
376:MELPe
309:BATON
290:xored
245:MELPe
141:modem
110:FNBDT
18:FNBDT
856:JADE
810:SCIP
805:OMNI
785:KY-3
691:M-94
676:HC-9
661:C-52
656:C-36
595:NEMA
575:KL-7
451:NC3A
386:CELP
381:CVSD
371:MELP
366:ZRTP
303:For
177:and
98:SCIP
92:The
881:Red
825:STE
605:RED
600:OMI
550:CCM
449:by
329:ARQ
313:AES
282:TEK
225:PIN
198:TEK
194:Key
1329::
347:.
286:SV
137:Hz
123:,
969:e
962:t
955:v
528:e
521:t
514:v
196:(
108:(
96:(
83:)
77:(
72:)
68:(
54:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.