Lab buys software site license

In a move designed to eliminate password security vulnerabilities the Energy Department's Lawrence Livermore National Laboratory has purchased a site license for encryption software that will encompass all 12 000 users at the lab.

Livermore has purchased a license for F-Secure SSH software from Data Fellows Inc. a Finnish company with U.S. headquarters in San Jose Calif. The client/server software provides user authentication data encryption and privacy protection for internal and remote communications.

Frank Swift unclassified computer security coordinator at Livermore said the purchase should allow the lab to move away from using passwords to identify internal and remote users. The product also was chosen because it supports Apple Computer Inc.'s Macintosh platforms which are prevalent at the lab as well as Microsoft Corp.'s Windows 3.1 95 and NT and all Unix platforms.

"It gives you an encrypted session " he said. "The major threat you have these days is someone sniffing a password - normally it's off-site. Most of the problems we've had in computer security...have been a result of a sniffed password. If you have a sniffer out there [when using F-Secure] all you'd get is a bunch of garbage."

Although this is the first U.S. government site license for Data Fellows Petri Laakkonen president of Data Fellows said other agencies especially other DOE labs may soon follow Livermore's lead because the lab has a reputation of being a leader in information technology security. DOE's Los Alamos National Laboratory Sandia National Laboratory and its Jet Propulsion Laboratory each have acquired a few licenses to date to test the F-Secure product Laakkonen said. Data Fellows' other federal government customers include NASA the Air Force and the Navy.

"It's a pretty good size site license " he said. "Lawrence Livermore National Laboratory is one of those labs that was set up originally in the Cold ensure national security. They are one of the most powerful computing centers in the whole world and the information they deal with in that lab [is] very sensitive information."

In addition the product provides three types of encryption for users which also made the product more attractive Swift said. F-Secure users can choose to use products that employ Triple Data Encryption Standard the International Data Encryption Algorithm or the Blowfish algorithm. Triple DES is a triple implementation of the DES approved by the government for use by federal agencies. IDEA is a fairly new algorithm designed by a Swiss researcher and Blowfish is a DES alternative embedded in the popular Pretty Good Privacy software and other products.

At the beginning of a transmission using F-Secure the client and server authenticate each other with public-key technology from RSA Data Security Inc. Subsequently the software creates an encrypted channel between the client and the server and all transmitted data is encrypted Laakkonen said. The product is designed to protect individual data packets from tampering if captured by an authorized user he said. It also secures electronic-mail databases and World Wide Web servers.

"We provide end-to-end security " he said. "It's not from port-to-port or device-to-device."


  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.