ARPANET Encryption Devices

The ARPANET pioneered the creation of novel encryption devices for packet networks in the 1970s and 1980s, and these devices were ancestors of today's IPsec architecture, and of High Assurance Internet Protocol Encryptor (HAIPE) devices more specifically. DuPont and Fidler provide a historical perspective of ARPANET encryption devices in the broader evolution of computer networks and cybersecurity. They focus primarily on the first such ARPANET device, the Private Line Interface (PLI). That said, the PLI was just the first in a series of devices created during the 1970s and 1980s in ARPANET-related research and development ("Re: Network Layer Encryption History and Prior Art", email by Steve Kent on the ipsec mailing list, Wed, 19 Jun 1996 10:59:39 +0100):

* Private Line Interface (PLI)
* Black-Crypto-Red (BCR)
* Blacker
* Internet Private Line Interface (IPLI)


Private Line Interface (PLI)

The Private Line Interface (PLI) was the first packet encryptor, sponsored by the Advanced Research Projects Agency and implemented by BBN Technologies as part of the creation of the ARPANET. It was in an early ideation phase by 1973, with a stated goal of providing users with the equivalent of a private, leased line through the ARPANET. In that early phase, the PLI was envisioned to provide two distinct capabilities: transferring a continuous bit stream over the ARPANET, and possibly encrypting the bit stream while it was within the ARPANET. As design progressed, it evolved into a packet encryption device, which was approved starting in 1975 by the National Security Agency for limited deployment on the ARPANET, to protect classified data as it passed through the network. Each PLI device incorporated a KG-34 encryption device, and as a result was a manually keyed system.


Black-Crypto-Red (BCR)

Black-Crypto-Red (BCR) was an experimental, end-to-end, network packet encryption system developed in working prototype form by BBN and the Collins Radio division of Rockwell between 1975 and 1980. BCR was the first network security system to support TCP/IP traffic for IPv3, and it incorporated the first Data Encryption Standard (DES) chips that were validated by the U.S. National Bureau of Standards (now called NIST). It provided automated, KDC-based key management and access control (as later adopted by Kerberos and Blacker), and supported IP header bypass.


Blacker

The first Blacker program began in the late 1970s, with a follow-on eventually producing fielded devices in the late 1980s (DARPA Technical Accomplishments: An Historical Review of DARPA Projects, vol. 1, by Sidney G. Reed, Richard H. Van Atta, and Seymore J. Deitchman, IDA Paper P-2192, 1990, pages 20-18 to 20-20). It was sponsored by the National Security Agency as a very high assurance (A1), multi-level security system, and developed by SDC (software) and Burroughs (hardware), and after their merger, by the resultant company Unisys.


Internet Private Line Interface (IPLI)

The Internet Private Line Interface (IPLI) was created by BBN as a successor to the PLI. It was updated to use TCP/IP (IPv4) and newer COMSEC technology (KG-84), but was still manually keyed. IPLI devices were intended for use in the Defense Data Network and also in DARPA Low-Cost Packet Radios in the SURAN project.

