DSD 72A-SP Bulk Data Encryption

DSD 72A-SP Military Data Bulk Encryption Appliance

Strategic-Level Military Bulk Data Encryption

Protecting Military/Government Data Communications

The DSD 72A-SP military bulk encryption system provides strategic-level cryptographic security for data signals in demanding environments. Critical applications such as missile control and firing units; broadband data networks; command, control, communications, computer and intelligence networks (C4I); and many others are protected today by the DSD 72A-SP.


  • Strategic-level data protection
  • TCC SNARK or another custom-defined national algorithm
  • Demonstrated cryptographic strength
  • Proven reliability in demanding, harsh environments
  • Support for multiple electrical interfaces and link protocols
  • Ease of management with automated key selection, centralized (or peer to peer) device management and autonomous operation

Military/Government Secure Data Communications

Securing full-duplex data links at rates from 64Kbps to 34.368Mbps and higher, the DSD 72A-SP military bulk data encryption system reliably delivers strategic-level security in very demanding environments. DSD 72A-SP units are in service around the world, being used in various critical data applications, including:

  • Strategic communications backbone
  • Tactical C4I data links
  • Missile defense networks
  • Air defense fire unit systems


Modular, Adaptable Design

Generally viewed as one of the most versatile encryption products in the world, the DSD 72A-SP has been deployed with a variety of different encryption algorithms and a broad range of standards-based interface configurations. The units are trusted for their cryptographic strength. TCC continuously evolves and advances the DSD 72A-SP to meet current-day customer requirements.

Customized Algorithms

In addition to the baseline SNARK cryptographic algorithm, the DSD 72A-SP's highly adaptable, modular architecture promotes efficient development and validation of customized national algorithms. Customized algorithms are cooperatively-developed by a joint team of cryptographic experts from both the end-customer and TCC. The DSD 72A-SP's cryptographic hardware architecture incorporates flexible field programmable gate arrays, supporting efficient implementations of data encryption algorithms.

Proven, Highly Reliable Design

The DSD 72A-SP has been designed for, and tested to operate in harsh environmental conditions. The DSD 72A-SP has a long history of demonstrated reliability with over 2,200 units deployed worldwide. Tested to meet and exceed stringent MIL-STD-810 environmental requirements, it seamlessly integrates into tactical mobile shelters, missile launch platforms, and fixed communications facilities. With two supported cryptographic synchronization modes, long cycle and cipher feedback, the DSD 72A-SP stays online in high-link error and jamming environments.

Operational Simplicity and Key Management

The DSD 72A-SP's simple device operation and automated key management streamline network operations. An installed DSD 72A-SP can operate autonomously on a data network for many months or years with no maintenance or operator action required. Using a large local key storage are (battery-backed memory) along with automated key changes, crypto support personnel typically perform key load operations at most once a year.

SNARK-based DSD 72A-SP units' primary keys are generated and loaded into the SmartModule key fill device using the Crypto Management System (CMS-72A). The CMS-72A uses an anti-tamper protected Security Vault to generate and store local keys (traffic encrypting keys). The local keys are encrypted and securely stored in a SmartModule key fill device for distribution to the target DSD 72A-SP device. The CMS-72A supports black key distribution, securing the local keys from compromise during transport in SmartModule key fill devices. The CMS' authenticated user interface provides differentiation of role-based privileges, minimizing the exposure of sensitive key material.

Technical Specifications


 SNARK non-linear key stream generator (standard)

  • 128-bit traffic encryption key
    • Dual keybanks (400 keys each x 2 = 800 keys total)
  • Supported crypto synchronization modes:
    • Long cycle (64-bit IV) mode
    • Cipher feedback mode (self-synchronizing)

 National algorithm(s)

  • Co-developed by customer and TCC cryptographers
  • Traffic key lengths: customer specified (≥ 128-bits)
  • Algorithm operational mode: customer specified
  • Supported synchronization mode(s): customer specified

Key Management

 Manually distributed secret key

  • Key fill devices (Black Key)

 Crypto Management System (CMS)

  • Vault-based local key generation and key storage
  • Key fill device service port

Key Management
(Baseline SNARK implementation)

 Key fill device: SmartModule-64K

  • Holds one (or both) Keybank(s) of local keys

 Manually distributed secret key

  • Local keys: 120-bits each (times 800 keys per device)
  • Network key: 8-bits

  Black key distribution

  • Encrypted keys stored in SmartModule key fill device

Device Management (CMS-72A)

 Remote device management (via RS-232/Centralized CMS) 

 IP network-based device management, optional (via IP over Ethernet)

 Local unit device management (via front panel menus or via pre-configured SmartModule)

Full Duplex
Interface Options
(unit configuration

 G.703 CEPT E3 (E31) (34.368Mbps) Bulk, Single Rate

 G.703 CEPT E2 (E22) (8.448Mbps) Bulk, Single Rate

 G.703 CEPT E1 (E12) (2.048Mbps) Bulk, Single Rate

 ANSI T1 (E11) (1.544Mbps) Bulk, Single Rate

 EIA-422 (64kbps – 8.192Mbps; 8.448Mbps) Bulk

 TRITAC (256; 288; 512; 576; 1,024; 1,152; 2,048; 2,304kbps)

 ATACS (256; 512; 1,024kbps) Bulk

 D/1 (Mux) – ATACS (Radio) (256; 512; 1,024kbps) Bulk

 Eurocom D/1 (256; 512; 1,024; 2,048kbps) Bulk; Autobaud

 Triple Interface (selectable Eurocom D/1; CEPT E1; & CEPT E2)

Environmental and EMI

 Operational temperature: -20ºC to +70ºC

 Storage temperature: -40ºC to +85ºC

 Humidity: 95% (240-hours) MIL-STD-810 Meth 507.2; Proc III

 Rain: MIL-STD-810 Method 506.2; Proc I

 Transit Drop: MIL-STD-810 Method 516

 Shock: MIL-STD-810 Method 516.3; Proc I

 Vibration: MIL-STD-810 Method 514.3; Proc I

 Altitude: MIL-STD-810 Method 500.2; Proc II

 EMI: MIL-STD-461A – CS02; CS06; RS03

Network Compatibility

 Supports Multiple Interfaces & Protocols:

  • ANSI T1
  • Eurocom D/1 Multi-rate
  • E1; E2; Eurocom D/1 ‘Triple Interface’
  • ATACS Multi-rate
  • D/1 – ATACS Hybrid, Multi-rate
  • TIA-/EIA-422 Multi-rate
  • TRITAC Multi-rate

 Size and Weight

 15.3cm high / 43.2cm wide / 35.6cm deep

 11.4kg (25lbs) maximum

Primary Power

 High reliability internal power supply options

  • AC-option:
  • 85V to 264VAC Universal / 47 – 440Hz
  • DC-option:
  • 24VDC or 48VDC ± 20%
  • Power consumption:
  • 20-Watts (maximum)


 Key/Lock Access Controls

  • Medeco™ Case Lock (with Anti-Tamper Key Erase)
  • Medeco Lock actuated Menu Access control

 Standard 19" rack mountable

 Comprehensive built-in-test capability


TCC is dedicated to quality products and services. TCC is ISO 9001 certified. ISO 9001, granted to TCC by TUV, is the most stringent standard available for total quality systems in design/development, production, installation and servicing.

Cipher One

CipherONE® Optimized Network Encryption

Our solutions meet TCC's CipherONE Optimized Network Encryption best-in-class criteria for maximum cryptographic strength, and are optimized for performance and ease of use for our customers.

Read More