
US-12627466-B2 - Low-observable encryption device for facilitating communications


Abstract

An apparatus, system, and methods to use a low-observable encryption device that includes an encryption unit; a communication unit; and a computing unit, wherein a microprocessor comprises two encryption units. The low-observable encryption device may also include an interchangeable device. In some embodiments, the interchangeable device comprises a computing unit, a software defined radio, an electrical to optical converter, or a combination thereof. In some embodiments, power is delivered by a USB port. In some embodiments, an input interconnect comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface. In some embodiments, an output interconnect comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface.

Inventors

  • Eric Adolphe
  • Riaan Gouws
  • Benjamin Tullis
  • Thomas Summe

Assignees

  • Forward Edge-AI, Inc.

Dates

Publication Date
20260512
Application Date
20240325

Claims (20)

  1. A low-observable encryption device, comprising: an encryption unit configured to encrypt an egressing native packet using an encryption key, create an encrypted egressing native packet, and add a connectionless header to form an egressing connectionless datagram; a communication unit configured to couple and communicate with the encryption unit, receive the egressing connectionless datagram, and add a complex header to the egressing connectionless datagram to form an egressing packet; and a computing unit configured to couple and communicate with the communication unit, establish a communication session between the computing unit and an external computing unit of an external encryption device, transmit an identifier list comprising an identifier, a number of identifiers, and an identifier selecting parameter, select an identifier from the identifier list, receive the egressing packet from the communication unit, and forward the egressing packet to the external computing unit through a path identified from a plurality of paths for a time interval based on the identifier list and the identifier selecting parameter, wherein a microprocessor comprises two encryption units.
  2. The device of claim 1, further comprising an interchangeable device.
  3. The device of claim 2, wherein the interchangeable device comprises a computing unit and a software defined radio.
  4. The device of claim 2, wherein the interchangeable device comprises an electrical to optical converter.
  5. The device of claim 2, wherein the interchangeable device is on the same side of a trust barrier as interconnects IC1 and IC3, an isolated power, and an electrical to optical converter.
  6. The device of claim 2, wherein power is delivered by a USB port.
  7. The device of claim 2, wherein an input interconnect comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface.
  8. The device of claim 2, wherein an output interconnect comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface.
  9. The device of claim 2, wherein an output interconnect to the interchangeable device comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface.
  10. The device of claim 1, wherein the encryption units, communication unit, and computing unit are on one side of a trust barrier.
  11. The device of claim 1, wherein the microprocessor, interconnects communicating with the microprocessor, Faraday cage, and galvanic isolator are on the same side of a trust barrier.
  12. A system, comprising: a low-observable encryption device, comprising an encryption unit configured to encrypt an egressing native packet using an encryption key, create an encrypted egressing native packet, and add a connectionless header to form an egressing connectionless datagram; a communication unit configured to couple and communicate with the encryption unit, receive the egressing connectionless datagram, and add a complex header to the egressing connectionless datagram to form an egressing packet; a computing unit configured to couple and communicate with the communication unit, establish a communication session between the computing unit and an external computing unit of an external encryption device, transmit an identifier list comprising an identifier, a number of identifiers, and an identifier selecting parameter, select an identifier from the identifier list, receive the egressing packet from the communication unit, and forward the egressing packet to the external computing unit through a path identified from a plurality of paths for a time interval based on the identifier list and the identifier selecting parameter; and an interchangeable device.
  13. The system of claim 12, wherein a microprocessor comprises two encryption units.
  14. The system of claim 13, wherein the microprocessor, interconnects communicating with the microprocessor, Faraday cage, and galvanic isolator are on the same side of a trust barrier.
  15. The system of claim 12, wherein the interchangeable device comprises a computing unit and a software defined radio.
  16. The system of claim 12, wherein the interchangeable device comprises an electrical to optical converter.
  17. The system of claim 12, wherein the encryption units, communication unit, and computing unit are on one side of a trust barrier.
  18. The system of claim 12, wherein the interchangeable device is on the same side of a trust barrier as interconnects IC1 and IC3, an isolated power, and an electrical to optical converter.
  19. The system of claim 12, wherein power is delivered by a USB port.
  20. The system of claim 12, wherein an input interconnect to the interchangeable device comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS

The current application is a continuation-in-part (CIP) application of U.S. nonprovisional application Ser. No. 18/309,289 filed on Apr. 28, 2023, U.S. nonprovisional application Ser. No. 18/309,323 filed on Apr. 28, 2023, U.S. nonprovisional application Ser. No. 18/326,633 filed on May 31, 2023, U.S. nonprovisional application Ser. No. 18/345,080 filed on Jun. 30, 2023, U.S. nonprovisional application Ser. No. 18/354,387 filed on Jul. 18, 2023, and U.S. nonprovisional application Ser. No. 18/464,985 filed on Sep. 11, 2023. All six of these applications are incorporated by reference herein in their entirety.

GOVERNMENT INTEREST

This invention was made with Government support under the Small Business Technology Transfer (STTR) Funding Agreement Number FA864923P0397 awarded by the U.S. Air Force Research Laboratory, AFWERX. The Government has certain rights in this invention.

FIELD

This disclosure relates to data processing including the features and use of a low observable encryption device for facilitating communications.

BACKGROUND

Existing encryption devices may allow adversaries to eavesdrop on data traffic and other communication. Multiple devices may work together to reduce this risk, but they are not flawless. Some devices are geolocatable using triangulation and trilateration, requiring additional devices to obfuscate location information. Elegant, effective devices and methods are needed.

SUMMARY

This summary is provided to comply with 37 C.F.R. § 1.73, requiring a summary of the invention briefly indicating the nature and substance of the invention. It is submitted with the understanding that it will not be used to interpret or limit the scope or meaning of the claims.
In one embodiment, a low-observable encryption device includes an encryption unit configured to encrypt an egressing native packet using an encryption key, create an encrypted egressing native packet, and add a connectionless header to form an egressing connectionless datagram; a communication unit configured to couple and communicate with the encryption unit, receive the egressing connectionless datagram, and add a complex header to the egressing connectionless datagram to form an egressing packet; and a computing unit configured to couple and communicate with the communication unit, establish a communication session between the computing unit and an external computing unit of an external encryption device, transmit an identifier list comprising an identifier, a number of identifiers, and an identifier selecting parameter, select an identifier from the identifier list, receive the egressing packet from the communication unit, and forward the egressing packet to the external computing unit through a path identified from a plurality of paths for a time interval based on the identifier list and the identifier selecting parameter, wherein a microprocessor comprises two encryption units. The low-observable encryption device may also include an interchangeable device. In some embodiments, the interchangeable device comprises a computing unit, a software defined radio, an electrical to optical converter, or a combination thereof. In some embodiments, the encryption units, communication unit, and computing unit are on one side of a trust barrier. The interchangeable device may be on the same side of a trust barrier as interconnects IC1 and IC3, an isolated power, and an electrical to optical converter. The microprocessor, interconnects communicating with the microprocessor, Faraday cage, and galvanic isolator may be on the same side of a trust barrier. In some embodiments, power is delivered by a USB port.
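The identifier selection recited above can be sketched as follows; this is an added example, not code from the patent or its assignee. It assumes the identifier selecting parameter is a shared secret fed to HMAC-SHA-256 together with a time-slot counter, a 30-second interval, and hypothetical path names; the text here does not say how the parameter is actually used.

```python
import hashlib
import hmac
import struct

def identifier_for_slot(id_list, selecting_param, slot):
    """Map a time-slot number to one identifier from the shared list.

    Assumption: the selecting parameter keys an HMAC over the slot number,
    so both peers derive the same index without exchanging it per interval.
    """
    if not id_list:
        raise ValueError("identifier list is empty")
    digest = hmac.new(selecting_param, struct.pack(">Q", slot), hashlib.sha256).digest()
    return id_list[int.from_bytes(digest[:8], "big") % len(id_list)]

def select_identifier(id_list, selecting_param, now, interval_s=30):
    """Sender side: identifier (path) to use for the interval containing `now`."""
    return identifier_for_slot(id_list, selecting_param, int(now // interval_s))

def acceptable_identifiers(id_list, selecting_param, now, interval_s=30, skew_slots=1):
    """Receiver side: identifiers to accept, tolerating clock skew at a boundary."""
    slot = int(now // interval_s)
    first = max(0, slot - skew_slots)  # slot numbers are unsigned
    return {
        identifier_for_slot(id_list, selecting_param, s)
        for s in range(first, slot + skew_slots + 1)
    }

# Constructed sample values (hypothetical path names and parameter).
ID_LIST = ["path-a", "path-b", "path-c", "path-d"]
PARAM = bytes.fromhex("00112233445566778899aabbccddeeff")

if __name__ == "__main__":
    for t in (0, 30, 60, 90):
        print(t, select_identifier(ID_LIST, PARAM, t))
    # Sender just before a boundary, receiver just after it.
    sent = select_identifier(ID_LIST, PARAM, 89.9)
    print(sent in acceptable_identifiers(ID_LIST, PARAM, 90.1))
```

The skew window trades synchronisation tolerance for a larger set of identifiers an observer could see accepted at any moment, so it should be kept as small as the peers' clocks allow.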
In some embodiments, an input interconnect comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface. In some embodiments, an output interconnect comprises an Ethernet interface, a USB interface, a Wi-Fi interface, a radio interface, a SATCOM interface, or a Bluetooth interface. In one embodiment, a system includes a low-observable encryption device, including an encryption unit configured to encrypt an egressing native packet using an encryption key, create an encrypted egressing native packet, and add a connectionless header to form an egressing connectionless datagram, a communication unit configured to couple and communicate with the encryption unit, receive the egressing connectionless datagram, and add a complex header to the egressing connectionless datagram to form an egressing packet; a computing unit configured to couple and communicate with the communication unit, establish a communication session between the computing unit and an external computing unit of an external encryption device, transmit an identifier list comprising an identifier, a number of identifiers, and an identifier selecting parameter, select an identifier from the identifier list, receive the egressing packet from the communication unit, and forward th