User's Manual

Table Of Contents
MM102558V1 R1A
5.3.3.1 Voice Guard
Voice Guard is the first generation digital voice format available only as an encrypted signal. Voice
Guard signals use Gaussian Minimum Shift Keying (GMSK), running at 9600 bps, two level FM
modulation, Non-Return-to-Zero (NRZ), serial data. This means that the data is a serial train of two-state
data bits (i.e., ones and zeros) occurring at the rate of 9600 bits per second. The NRZ characteristic
means that the duration of each data bit is a full clock period (approximately 104 microseconds) instead
of returning to zero before the next bit time starts.
Voice Guard is available in two types of encryption provided by either of two different algorithms. These
algorithms are:
Data Encryption Standard (DES)
Voice Guard Encryption (VGE)
These algorithms are the mathematical manipulations used to scramble the digitized voice bit pattern.
Both algorithms offer the user a higher level of voice security by virtue of the extremely large number of
available cryptographic keys. The availability of encryption devices are subject to national and
international export laws.
5.3.3.2 AEGIS
AEGIS is a second generation digital voice format, available in both encrypted and unencrypted formats.
AEGIS uses Adaptive Multi-band Encoding (AME). AME offers enhanced voice quality characteristics
over Voice Guard technology. AEGIS operates at 9600 bps, two level FM, with encryption provided by
DES or VGE algorithms.
5.4 ENCRYPTION FORMATS
5.4.1 Data Encryption Standard (DES)
DES is a public domain encryption system. DES employs a 64 bit cryptographic key, 56 bits of which are
used for encryption and the remaining eight bits are parity bits. This results in 7.2 times 10 to the 16
th
power unique cryptographic keys being available. The security of a DES equipped system is a result of
the extremely large number of available keys.
5.4.2 Voice Guard Encryption (VGE)
The VGE algorithm is a very secure, proprietary, encryption algorithm which was developed to meet the
security needs of international and domestic customers. The encryption algorithm utilizes highly complex
non-linear data spreading and iterative key scheduling to insure the security of encrypted voice data.
The VGE algorithm utilizes a 64-bit cryptographic key, and thus offers the security of 1.8 times 10 to the
19
th
power permutations of keys. It also utilizes a key scheduling algorithm, bit permutations, and non-
linear product transformations to provide a very high level of bit spreading.
Unlike DES, the VGE algorithm offers an additional level of security, in the form of Customer Unique
Encryption (CUE). The programming of a second 64-bit CUE code (16hex characters) allows a user
increased security. Even if two parties use the same cryptographic key, their equipment will not
communicate unless they use the same CUE. This, effectively, increases the number of key and CUE
permutations to 3.4 times 10 to the 38th power, equivalent to 128-bit encryption.
VGS is a customer unique, customer specific encryption algorithm that works very similar to VGE.
28