High assurance cryptographic interface

Maintaining strategic advantage in modern warfare requires the deployment and use of cryptographic systems to ensure the confidentiality and integrity of vital communications between operational elements. The ability to accomplish this goal imparts a sense of confidence both to the receiver that information originated unmodified from a trusted source and to the sender that it will be read by only the intended recipient, thus playing a significant role in assuring mission success. Embedded cryptographic hardware is the means by which most sensitive mission data is protected. Today, mission application software is generally written to use the services of a specific cryptographic module, making it difficult to replace a module with one designed by a different vendor or to adapt to changing requirements. The commercial world has resolved this issue by specifying standardized cryptographic interfaces that are used by a wide range of applications to access cryptographic services. Until recently, however, no generic, full-featured interface to high assurance cryptographic hardware had been defined. This paper explores the goals for an interface to high assurance cryptographic modules and describes a model for such an interface.