Re: Been there
Clearly just from reading the CESG homepage, these guys just don't get it apparently;
ECTOCRYP® Blue is the next stage in sovereign UK cryptographic development which is what there director is waffling on about..
This enterprise version with its 19” rack mounting is fully interoperable with ECTOCRYP® Yellow, providing High Grade encryption for strategic and tactical networks.
◾Sovereign High Grade SECRET and TOP SECRET
◾PRIME Suite A certified to interoperate with other certificated PRIME conformant devices, modules include:
◾Base (IKEv2)
◾Suite A
◾Pre-Shared Key
◾Pre Placed Key SA
◾Community Separation (CCOI)
◾NAT Traversal
◾Peer Topology Sharing (Node)
◾Advanced Networking (DSCP Bypass, IKEv2 Liveness)
◾Encryption of multi-cast communications using Pre-Placed Key (PPK)
◾Supports crypto discovery using Peer Topology Sharing (PTS)
◾Up to 256 cryptographic keys (PPK, PSK, CCOI)
◾> 512 simultaneous Security Associations (SA)
◾>1.6 Gb/sec bidirectional IMIX throughput
◾Support for remote management
◾Crypto Ignition Key (CIK) support; Device Not Protectively Marked (NPM) ACCSEC when CIK removed, easing handling constraints.
There is a huge difference between Pre-Shared Key and Public-Shared Key and I sure as hell don't like the sound of Pre Placed Key (SA) that implies they want to insert there signed-ness everywhere - With support for remote management, that must means a hackable Linux web-portal on it's ass end somewhere with there own private (SA) which some clever bod will replace with there own (SA) after they've broken in... Stupid is as stupid does! What is a DSCP Bypass? An IKEv2 dear god pay peanuts get monkeys there still playing with IPsec calling it secret, ah bless there little cotton socks!