By Paul Parkinson
Recently, I attended the IDEF 2011 defence trade show in Instanbul as part of the Wind River team exhibiting on the Tektronik (Turkish distributor) stand.
Our partner, Curtiss-Wright, who were also exhibiting at the event, had kindly lent me a VPX chassis and VPX6-185 board, which I used to demonstrate a Cross-Domain Solution (CDS) demo running on VxWorks MILS. The demo filters packets of data between black and red networks based on the security classification of the data, and uses multiple partitions to implement sender and receiver on different interfaces.
The demo currently uses a simple encryption algorithm for data passed over the black network (which wouldn't present much of a challenge to GCHQ/CESG or NSA), so I decided to replace it with a stronger encryption algorithm which is more appropriate for real world systems. I initially considered using an open source implementation of AES-256, but then I remembered the export controls on 256-bit AES, so I decided to use a public domain implementation of the Russian GOST 28147-89 (which also uses a 256-bit keys).