Rohde & Schwarz SIT GmbH

Rohde & Schwarz SIT GmbH

Rohde & Schwarz SIT GmbH has been supplying crypto products and IT security solutions to military and government agencies worldwide for over 25 years. Rohde & Schwarz SIT develops and produces exclusively in Germany. The company is a NATO supplier and, since 2004, IT security partner of the Federal Republic of Germany.

As part of the Rohde & Schwarz group, the company serves its customers through an international sales and service network spanning more than 80 countries.

As of 2016, Rohde & Schwarz SIT in Stuttgart has focused on its core business of encryption solutions for secure radiocommunications.

Products

ELCRODAT 4-2

Ruggedized encryption device for voice and data communications via HF/VHF/UHF and SatCom (NATO).

The ELCRODAT products from Rohde & Schwarz protect voice and data communications in digital and analog networks of armed forces and government authorities for all German and NATO security classifications.

The ELCRODAT 4-2 is a fully ruggedized tactical crypto device used to encrypt and decrypt voice and data communications for all German and NATO security classifications. Since it is TEMPEST-proof, it is interoperable with HF/VHF/UHF radio, satellite communications and line transmission equipment. It is ideal for deployment on stationary and mobile platforms in rugged terrain and in naval and airborne environments.

References

The French navy uses the ELCRODAT 4-2 as part of its RIFAN II program (réseau IP de la force aéronavale). The encryption device has also been qualified for operation in advanced airborne platforms such as the Eurocopter Tiger (in Germany and Spain) and the A400M transport aircraft (in Belgium, Germany, Spain, France, Great Britain, Luxembourg and Turkey). The MMC3000, a variant of the encryption device aimed at the global market, is in demand by customers outside Europe.

Key Facts

  • Voice and data encryption from the highest German security levels up to COSMIC TOP SECRET
  • Protects HF/VHF/UHF, satellite communications and line transmission
  • Fully rugged, tamper protected, TEMPEST-proof
  • Stationary and mobile deployment in all military branches (army, navy, air force)
  • Multi-Remote Control Software for Windows 7 und MIL-Bus
  • Approved for all German and NATO classification levels

R&S®MMC3000 Multimode Multirole Crypto Device

Ruggedized encryption device for voice and data communications via HF/VHF/UHF and SatCom (Non-NATO).

The R&S®MMC3000 is a fully ruggedized tactical crypto device used to encrypt and decrypt voice and data communications at the highest security levels. It is based on the ELCRODAT 4-2 but does not contain NATO crypto algorithms. Since it is TEMPEST-proof, it is interoperable with HF/VHF/UHF radio, satellite communications and line transmission equipment. It is ideal for deployment on stationary and mobile platforms in rugged terrain and in naval and airborne environments.

Key Facts

  • Voice and data encryption to the highest security levels
  • Protects HF/VHF/UHF, satellite communications and line transmission
  • Fully rugged, tamper protected, TEMPEST-proof
  • Stationary and mobile deployment in all military branches (army, navy, air force)
  • Customizable crypto algorithms for specific user requirements

ELCRODAT 5-4

Highly secure voice and data communications in digital and analog networks.

The ELCRODAT products from Rohde & Schwarz protect voice and data communications in digital and analog networks of armed forces and government authorities for all German and NATO security classifications.

The ELCRODAT 5-4 (ED5-4) is used by military organizations and government authorities for encrypted transmission of voice and data signals in analog and ISDN networks. It provides secure end-to-end encryption, which protects messages against eavesdropping and manipulation attacks along the entire transmission path.

Key Facts

  • Encrypted operation across networks
  • Interoperable with existing voice encryption devices (ELCROVOX 1-4D, STU-IIB, TCE 500/B)
  • Encryption keys can be loaded manually via the standardized NATO fill interface or provided automatically via a key distribution center
  • Approved for all German and NATO levels of classified information
  • Access to all cryptological functions with personal chip card and PIN code

ELCRODAT 6-2

Secure voice and data communications in ISDN up to TOP SECRET classification level.

The ELCRODAT products from Rohde & Schwarz protect voice and data communications in digital and analog networks of armed forces and government authorities for all German and NATO security classifications.

The ELCRODAT 6-2 is the first encryption unit approved by the German Federal Office for Information Security (BSI) for the transmission of information classified up to TOP SECRET, which uses a public key method for key agreement. In conjunction with the public key method, the noise generator implemented in the encryption unit permits mutual authentication and key agreement. New session keys are generated in the encryption unit for each connection. The keys do not leave the units and are deleted after the session, ensuring maximum security. Access for users and administrator is secured by state-of-the-art processor chip cards.

The system is available in two versions: ELCRODAT 6-2 S and ELCRODAT 6-2 M.

Version "S" is used for Euro-ISDN basic rate access (S0 bus/port). It is the secure supplement to existing Euro-ISDN terminals or PBXs.

Version "M" is used for Euro-ISDN primary rate access (S2M port) and permits simultaneous individual encryption of up to 30 channels. A typical application of this version is the 2 Mbit/s port encryption at the frontend of ISDN PBX systems.

The devices are connected between commercial ISDN terminals and the ISDN access point. For the network, the encryption devices act like terminal equipment. For terminal equipment, the ELCRODAT 6-2 acts as a network termination (NT).

The ELCRODAT 6-2 high-end encryption system consists of the following components:

  • Encryption unit
  • Management station for certificate administration
  • Logging station for remote monitoring of the encryption units
  • Service station for remote administration

More Information

R&S®TrustedFilter IP

Real-time capable information flow between security domains

The R&S®TrustedFilter IP separates IP networks with different classification levels. It applies deep packet inspection to all passing packets to prevent the unwanted leakage of classified information. If a packet violates the configured filtering rules the packet is dropped and the event is logged.

The R&S®TrustedFilter IP supports the filtering of VoIP traffic (SIP, RTP) and of various radio control protocols. It is possible to add further filter rules for other protocols as necessary. Filtering is performed stateless focusing only on the current processed packet. Additionally, the R&S®TrustedFilter IP can be configured to only allow communication between certain devices in both networks. The IP addresses of the higher-classified network can be hidden from the lower-classified networks using network address translation (NAT). Audio data sent from the higher-classified network to the lower-classified network may only pass the R&S®TrustedFilter IP if they bear a correct cryptographic signature. The filter configuration of the R&S®TrustedFilter IP is easily configured using its management system.

The R&S®TrustedFilter IP is based on the R&S SIT Cryptodevice-Platform, which is embedded Linux based and uses hardware developed and manufactured by R&S. The R&S SIT Cryptodevice-Platform offers among others the following security features:

  • Separation of networks with different classification levels
  • Hardware security module
  • Secure boot
  • Security management and configuration system
  • System and security log
  • CIK for classification, configuration, and detamper oft he devices
  • Emergency clear and tamper proteciton

Key Facts

  • Whitelist filters with deep packet inspection
  • Kryptographic verification of the classification of voice data
  • Blocks not authorized network traffic
  • Not authorized network traffic is dropped and logged
  • Red-black separation and TEMPEST according to SDIP27 Level C
  • Secure Boot, Secure Update, Secure Remote Management

R&S®FT5066 Trusted Filter

Radio control information filter – red/black separation to STANAG

The R&S®FT5066 trusted filter is developed for a scenario consisting of a STANAG 5066 message handling application involving a radio and/or modem interface and a remote control protocol. The device provides firewall functionality for the radio’s control information. Inserted in the control path of a system, the filter provides a strict red/black separation. This ensures that only explicitly permitted control commands are transmitted and prevents (un)intentional data leakage over the control interface.

Key Facts

  • Rigid enforcement of classifi cation boundary between red and black data
  • Prevents data leakage over the control interface
  • Operates in systems classified up to “SECRET”
  • Built-in tests and access control
  • Audiovisual status indicators and detailed logging function
  • Supports R&S®M3SR radios, Harris and RM6 as well as GA-123 modems

Competencies

Crypto modules for radio sets

Tamper proof modules for military environment and highest security requirements

Rohde & Schwarz SIT has a longtime experience in the development of hardware and software of crypto modules. These crypto modules implement the highest security standards and can be operated even under extreme environmental conditions. Our crypto modules are not only used in SIT products, but also in radios of Rohde & Schwarz (e.g., SVFuA, SDTR).

The crypto modules are manufactured in secured areas of Rohde & Schwarz manufacturing in Germany. Depending on the requirements, they can be equipped with a high-class drilling and tamper protection. This together with other built-in security features allows for a secure download of future crypto algorithms into the module.

The key features of our crypto modules are:

  • Software-defined crypto
  • Tamper protection
  • Support of state-of-the-art crypto procedures (national, NATO, NON-NATO)
  • Secure software download
  • Access protection
  • Interfaces according to EKMS 308
  • High performance
  • Low power dissipation
  • Small, configurable form factor

VS - Approval of products

Long time experience in development of crypto products to reach an approval for all national (BSI) and NATO (SECAN) classification level

Rohde & Schwarz SIT has the technical expertise and longtime experience in the creation of security concepts and the development of modules and devices. This includes the security certification for all national (Germany) and NATO classification levels, and according to Common Criteria.

Cryptologie Expertise

Secure side channel resistent Implementation of modern crypto algorithms and crypto methods.

  • Longtime experience in the secure, side-channel resistant implementation of modern cryptographic algorithms and procedures.
  • Consulting in the analysis of security aspects, the selection of security procedures, and the creation of security concepts. Development partner of new security products.
  • Expertise in designing and engineering of highly sophisticated random number generators, including their successful certification. Consulting services in development and certification of random number generators.
  • Training in modern cryptography.
  • Rohde & Schwarz SIT creates security concepts for various security applications.
Thank you.

Your request was successfully sent!

We will get in touch with you soon.

Your Rohde & Schwarz Team

Feedback
Tell us your opinion
Please tell us which topic.

Please enter your inquiry.
Contact information

Please enter your first name.

Please enter a valid e-mail address.

Please enter your name.
Security Response Code
show captcha

The input was not correct.
*Mandatory Field
Contact us

Rohde & Schwarz SIT GmbH

Hemminger Strasse 41

D-70499 Stuttgart

Tel: + 49 (0)711 69945-100

Fax: +49 (0)711 69945-170

info.sit@rohde-schwarz.com


International Website