In the wake of information leaks to Web sites like WikiLeaks, the Department of Defense is instituting a PKI hardware-based authentication system on its classified network, the Secret Internet Protocol Router Network (SIPRNet). To that end, it’s evaluating a new smart card for use as a hardware token.
Barksdale Air Force Base in Louisiana is conducting the evaluation, in conjunction with Air Force Global Strike Command and members from select units and combatant commands, as the DoD’s SIPRNet hardware token Initial Operational Test and Evaluation.
The SIPRNet token is similar to the current common access card (CAC) in that each is a hardware token that is cryptographically tied to one identity, and the card format is an exact duplicate. Like the CAC, the SIPRNet token also contains individual PKI certificates for logging onto the network, authenticating Web sites and enabling secure e-mail.
The SIPRNet token doesn’t outwardly contain any identifying information, such as picture, name, grade or service component. It also differs in that users will only have one constant eight-digit PIN as a password.
At Barksdale AFB, 1,607 SIPRNet tokens have been issued, covering 63% of the base. While there have been some glitches with the program, including two technologies that couldn’t talk to each other, the DoD hopes to keep the program on track for its December 2013 implementation deadline.
The second phase of rollouts will include F.E. Warren Air Force Base in Wyoming and Malmstrom Air Force Base in Montana.