This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
DNC Decryption Flow
DNC Decryption Flow

Version management

Difference between version and

At line 1 added 434 lines
!!! Overview
[{$pagename}] detects and [decrypts] selected [communications] that are encrypted using [IPsec] then re-injects the unencrypted [packets] back into [TURMOIL] Stage 1.
[TURMOIL] Stage 1 [applications] process the [packets] into [sessions] and when appropriate forwards the [decrypted|Decryption] content to follow-on processing systems.
The DNC eventing (PPF) components in [TURMOIL] detect all [IKE]/[ISAKMP] and [ESP] packets and queries [KEYCARD] for each unique [IKE] exchange session and each unique [ESP] session to determine if the link should be selected for processing. Selection is based on [IP Address].
Decryption is attempted if either the source or the destination IP address is targeted for decryption in [KEYCARD] (the [KEYCARD] tasking action is labeled "TRANSFORM" so as not to use the term "decrypt"). If KEYCARD returns a hit for an [IKE] packet, then the [IKE] packet is sent to [LONGHAUL] where is is used to recover [keys].
If KEYCARD returns a hit for an [ESP] packet, a key request is sent to [LONGHAUL]. The [IPsec] Security Parameter Index (SP1) correlate s [IKE] sessions with [ESP] sessions. A [LONGHAUL] response message will either return the [key] or indicate that a [key] could not be recovered. If a key is recovered, the [ESP] packets are decrypted and re-injected into [TURMOIL] for further processing.
!! Category
%%category [Government Surveillance]%%
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop