In a typical time division multiplexing (TDM) communication system (see Fig.1), several channels of low-speed signals like user digitalized voice and data are combined into a single channel of high-speed bit stream at the multiplexer where the appropriate frame synchronous signals are also inserted. Then, the combined bit stream together with the frame synchronous signals are sent to the transmission equipment and finally, through channels such as microwave, troposcatter, optical fibre and satellite channels, etc., to the receiver.
Fig. 1 A typical multiplex communication system
The received high-speed bit stream is sent to a multiplexer who usually also plays the role of de-multiplexing. The multiplexer demultiplexes the hi-speed bit stream into multiple low-speed digital signals and distributes them to terminal devices. Thus a single high-rate channel can transmit data of multiple users simultaneously. Since it is rather easy for the adversaries to intercept signal of microwave, troposcatter and satellite communications, measures have to be taken to preserve the confidentiality of the data being transmitted. The most effective way to protect data confidentiality is to have it encrypted before transmission.
SEC-30 Encryptor is such a device that can provide encryption for trunk communication lines. The cost of deploying SEC-30 encryptor is lower than applying encryptors for each low-speed line separately. If the low data rate lines are encrypted, the extra encryption provided by link encryptor will improve the overall security level of the communication system. The location of the encryptor in a TDM communication system is shown in Fig.2
Fig. 2 Location of SEC-30 Encryptor in a multiplex communication system
The SEC-30 Encryptor is installed between a switch and a channel device to provide encryption to the high-speed bit stream output from the switch. At the sending end, the sender encryptor encrypts data switch transform it into ciphertext bit stream. At the receiving end, the receiver encryptor decrypts the ciphertext data and restores the original plaintext bit stream before forwarding it to the switch. The ciphertext bit stream is unintelligible to any outsiders, thus its confidentiality is preserved.
2 Technical Specifications:
Throughput: 2048 Kbps.
Work mode: Full-duplex.
Interface type: comply with E1 standard; frame format is in compliance with the E1 frame specification.
Synchronization mode: One-time synchronization.
Self-test: During self-testing, the machine tests all functional modules and gives indications when any fault is detected.
Operation status indication: The encryptor provides operation status indication and fault indication.
Structure: Standard 1U rack mounted.
Reliability: MTBF: ≥5,000 hours. MTTR: ≤20 minutes.
(1) Operation temperature: -25℃～+55℃;
(2) Storage temperature: -40℃～+70℃;
(3) Power supply
Dimensions: 436×360×44mm (1U Chassis).
Weight ＜10 Kg.
Power supply: AC220V/50HZ or DC 36V-72V. Power consumption ≤15 W
The encryptor is of 1U desktop type that can be mounted onto 19” rack. Its front panel provides operation state and fault display, keypad and key loader for connecting socket and key destruction switch.
Front panel layout for SEC-30 Encryptor
The rear panel has 5 BNC plugs, AC power socket, AC fuse, DC power socket, DC fuse, earthing terminal, chassis lock, etc..
Rear panel layout for SEC-30 Encryptor
(2) Dimensions and weight External dimensions: height x width x depth = 43.6 x 482.6 x 360（mm3）(for 19” cabinet).
Weight: less than 10 kg.