Homepage
Crypto
Index
Enigma
Hagelin
Fialka
Siemens
Philips
Nema
Racal
Motorola
STK
Transvertex
Gretag
HELL
Telsy
TST
Mils
AT&T
Tadiran
USA
USSR
UK
Voice
Hand
Mixers
Phones
Spy sets
Burst encoders
Intercept
Covert
Radio
PC
Telex
Agencies
Manufacturers
Donate
Kits
Shop
News
Events
Wanted
Contact
About
Links
Logo (click for homepage)
TCE-621/M   Cryptel-IP
Mobile IP Encryptor

The TCE-6217M is a mobile IP encryption device, developed by Thales in Oslo (Norway) around 2012 for use by NATO at all levels of secrecy, including COSMIC TOP SECRET. It is currently (2014) the dominant NATO IP Crypto Equipment (NICE). It provides end-to-end security to the IP protocol and is interoperable with all members of the TCE-621 Cryptel-IP family including the TCE-621/B. The TCE-621/M is also known as MINP.
 
The image on the right shows a typical TCE-621/M as it was used by NATO for instruction. The device measures just 160 x 44 x 120 mm and has all connections at the front. At the center of the front panel is the MODE switch, which acts as the power switch, but is also used for ereasing the crypto variables (ZEROIZING).

The TCE-621/M provides full RED/BLACK separation. The left half of the device deals with the BLACK side (i.e. the outside world) and loading of the key material, whilst the right half is for the RED side (i.e. the internal network).
  

The TCE-621/M allows any 10/100 Mbps IP-based network to be secured. The BLACK side also supports USB 2.0 and, via an adapter, legacy RS232. In addition, an optical interface can be added to the RED side. The devices can be managed from the TCE-671 Management Centre.
 
TCE-621/M with protective covers over the connectors Front view of the TCE-621/M Keypad on top of the device Top view of the TCE-621/M Zeroize knob Zeroizing the TCE-621/M

 
Controls

 
Security
The TCE-621/M uses a distributed key, which is loaded into the device by means of a special key transfer devices that is connected to the 3rd socket at the front panel. The device can only be operated when a valid and properly initialized Crypto Ignition Key (CIK) is present at the front.
 
In case security is compromised, the keys can be destroyed quickly by pulling the black knob at the center of the device outwards, and rotating it clockwise to the E setting, as shown in the image. This procedure is called ZEROIZING.

For data encryption the user has the choice between a proprietary NATO NICE algorithm known as EINRIDE, and the public key based AES algorithm.
  
Zeroizing the TCE-621/M

 
Specifications
  • Designed for NATO secret traffic
  • NATO Type A algorithm (Einride)
  • NATO Type B algorithm (AES)
  • Vectorized AES (allowing customized vector)
  • Removable CIK
  • 10/100 Mbps ethernet
  • IPv4 and IPv6 compatible
  • PPP support (black side)
  • USB 2.0
  • RS232 (via USB adapter)
  • Key fill via DS-101 (DTD) or DS-102 (KOI-18) protocol
  • ISO 7816 smart card
References
  1. Thales, TCE-321/M
    Date unknown. Retrieved April 2014.

  2. NATO IACD, TCE 621/M
    Retrieved April 2014.

Further information

Any links shown in red are currently unavailable. If you like this website, why not make a donation?
Copyright 2009-2013, Paul Reuvers & Marc Simons. Last changed: Thursday, 03 April 2014 - 10:57 CET
Click for homepage