Point-to-Point Network traffic cypher

Communication security system is based on an algorithm of indirect encryption, which belongs to a class of undisclosed algorithms.


End-to-End IP-network traffic encryption

Information protection based on undisclosed algorithms

Offered in CRYPTOX III communication security system is based on an algorithm of indirect encryption, which belongs to a class of undisclosed algorithms.

Indirect algorithm encryption

According to this algorithm, the input data is processed cyclically and each iteration consists of two phases:

  • Data encryption and decryption
  • Rearrange the basic vector

Each vector is subjected to a series of independent permutations using the one-time pad. Base vector is constantly replaced by the new key from the container and re-used. For preparation of the base vector to the decryption process on the receiving side the opposite occurs reshuffle. Special software modules are integrated into the network stack and OS intercept network traffic in accordance with the desired settings. Procedure for capture and traffic encryption occurs independently from and transparent to the user of another software. Several schemes can be used to synchronize the key: Start encryption with pre-shared key; Reconciliation key for data transmission; As a key performs offset number for the key container that has nothing to do with the contents of the container-key.

Point-to-point network traffic solution includes:

  • CryptoX III keys initialization and TRNG generator station
  • VOIP server station
  • CryptoBOX III

The advantages of the encryption algorithm

  • The algorithm belongs to the class is not disclosed;
  • Special key container (one-time pad) is used as a key;
  • The key is generated by a special device that generates a random sequence, which is based on physical processes;
  • The key is used only once;
  • Knowledge of encrypted information does not allow to predict the following key sequence;

Supported OS

Linux, Windows (XP, Vista, Server 2008, 7, 8)
Used in the CB-3 software technology is not subject to any additional license fees.

The encryption of any network protocol

TCP/UDP traffic is encrypted between two ports

  • The streaming nature of the transfer of large volumes of data
  • The time scale with the strict requirements for QoS (~ 500 ms / cycle)
  • Intensity data exchange with the external environment
  • Generation of a large array of true random numbers
  • Development of new methods of harmonization of key information between the parties to the communication session
  • Transparent integration uncrackable ciphers in the existing protocols and information systems
Encryption method

The proposed solution is used for securing the communication channel point-to-point. There are several uses: Encrypt any network protocol (depend on option); TCP/UDP traffic encryption between two ports; For this purpose, special software modules that are installed in the security module.

Creating a "Key-Container"

To generate the key container using a special software package together with a hardware random number generator is true on the basis of physical processes. Generated keys containers stored on carriers which are then installed in the security modules, each participant (A and B) secure session.

Expandable functionality
The basic device configuration includes VOIP security option which can be expanded by the following options: Option A: FTP Option B: SMTP Option C: HTTP Option D: Instant messaging (SIP, XMPP/Jingle) * The options list can be extended by agreement.



Dimensions (WxDxH) 215x230x44 mm
Color Black
Front Panel
LCD display 20x2 characters
LEDs destination base 7
Keyboard 15-keys
USB 2.0 1 port
HDD 1 indicator
Rear Panel
DUAL GIGABYTE LAN INTEL ® (10/100/1000 Mbit/s) 2 RJ-45 ports
Serial-Port / GPS-antenna 1
USB 3.0 4 ports
DC-IN 9-30V 3.36A 1