NSA begins crypto upgrade

The National Security Agency is beginning a 15-year, multibillion-dollar effort to modernize the nation's cryptographic systems, which are rapidly growing obsolete and vulnerable.

Cryptographic systems encode messages and include such tools as secure telephones, tactical radios and smart cards. Virtually every federal department and agency—including the military, the White House, intelligence agencies and the State Department—use encryption.

But existing encryption algorithms are no longer cutting-edge, and hardware for many systems is becoming obsolete. Replacing them is a top goal for NSA's information assurance directorate, said Michael Jacobs, who heads the directorate.

"When it comes to protecting our information, the first line of defense is NSA- provided cryptography," said Vice Adm. Richard Mayo, Navy director of space, information warfare, command and control, speaking before the House Armed Services Committee in May. Mayo said the Navy, joint forces and allied militaries have more than "400,000 such cryptographic products of varying type in our inventory for voice, video and data."

"A lot of that [hardware] technology is at or [is] getting to the point where you cannot obtain replacement parts, so it's becoming a maintenance problem," Jacobs said. He noted that the security features in the cryptographic systems—"specifically the underlying cryptographic algorithms"—are nearing the end of their life expectancy.

The agency recently published a cryptography plan and shared its vision with 70 potential vendors this summer. NSA will fund early development of new technologies under the Crypto Moderni.zation Program, and the various departments and agencies will acquire the systems once they have been developed.

"Information system security is the name of the game, and if NSA cannot guarantee that security, it is a serious problem," said Steven Aftergood, intelligence policy analyst for the Federation of American Scientists. "It's a problem for everyone who depends on secure communications, and that's almost everyone in government."

NSA's budget is classified, but Jacobs said the agency has budgeted "multiple millions" of dollars just to update its cryptographic systems in 2002 and is seeking to increase funding in its 2003 to 2008 budget plan.

"We're at the front end of this process, which in terms of dollar value is a lot smaller than the middle and back end, where acquisition starts," Jacobs said.

Agency officials must decide which families of equipment they initially want to modify or replace; the first modernized products will likely be delivered in 2004.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.