Red/black concept

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search
Red/black box

The red/black concept, sometimes called the red–black architecture[1] or red/black engineering,[2][3] refers to the careful segregation in cryptographic systems of signals that contain sensitive or classified plaintext information (red signals) from those that carry encrypted information, or ciphertext (black signals).

In NSA jargon, encryption devices are often called blackers, because they convert red signals to black. TEMPEST standards spelled out in Tempest/2-95 specify shielding or a minimum physical distance between wires or equipment carrying or processing red and black signals.[4]

Different organizations have differing requirements for the separation of red and black fiber optic cables.

Red/black terminology is also applied to cryptographic keys. Black keys have themselves been encrypted with a "key encryption key" (KEK) and are therefore benign. Red keys are not encrypted and must be treated as highly sensitive material.[5]

See also[edit]


  1. ^ David Kleidermacher. "Bringing Android to military communications devices". 2010.
  2. ^ "MIL-HDBK-232A: Red/black engineering -- installation guidelines". 1988.
  3. ^ "Cabling for Secure Government Networks".
  4. ^ McConnell, J. M. (12 December 1995). "NSTISSAM TEMPEST/2-95". Archived from the original on 2007-04-08. Retrieved 2007-12-02.
  5. ^ Clark, Tom (2003). Designing Storage Area Networks. Addison-Wesley Professional. ISBN 0-321-13650-0.