User Guide DDOC0199-000-A9
1-Slot Data Transport System (CSfC) 2 - 1 Migration
© 2024 Curtiss-Wright Defense Solutions Revision 1.0
Migration
2.1 Purpose
This section describes the planned migration of the DTS1-CSfC to the DTS1-CSfC+. The following
units are covered:
Legacy Configuration DTS1-CSfC Order Numbers:
VS-DTS1SL-F .....................................................1-Slot Data Transport System (DTS1) Non-DZUS
VS-DTS1SL-FD...........................................................1-Slot Data Transport System (DTS1) DZUS
New Configuration DTS1+CSfC Order Numbers:
VS-DTS1+SL-F .................................................1-Slot Data Transport System (DTS1+) Non-DZUS
VS-DTS1+SL-FD ......................................................1-Slot Data Transport System (DTS1+) DZUS
2.2 Overview
The DTS1 will be replaced by the next generation version, DTS1+. Due to the End Of Life (EOL)
of key components, we will be replacing the DTS1 product with the DTS1+ product. This document
summarizes the major differences between the DTS1 and DTS1+ products.
The DTS1+ is a form / fit / function replacement for the DTS1. However, the Removable Memory
Cartridges (RMC) used in a DTS1 cannot be used in a DTS1+ without reformatting due to the way
the encryption is implemented in the encryption ASIC of the DTS1+. As a result, the DTS1 will not
work in combination with a DTS1+. The encrypt / decrypt functions must be done by the same
product. The RMCs and external cables are not impacted by this announcement, both will work
with the DTS1+. Refer to for a summary of the major differences between legacy and new
configurations.
NOTE
The Pre-Shared Key (PSK) is no longer maintained by Curtiss-Wright, instead, the user must
assign their own PSK in a secure environment upon receipt. To ensure the PSK is protected, the
user will have to perform a seal operation (via the CLI command cmpsk) to mask the PSK.
Legacy to New Configuration Migration
Function
Legacy Configuration New Configuration
VS-DTS1+SL-F/FD
VS-DTS1+SL-F/FD
Operating System CentOS 7
Rocky Linux 8
Updated to address several Defense
Information Systems Agency (DISA)
Security Technical Implementation
Guides (STIG) and identified Common
Vulnerabilities and Exposures (CVE)
Battery Required Not Required
Pre-Shared Key (PSK) Factory supplied PSK / ID User generated PSK / ID
Secure Boot Unsupported Supported
Hardware Full Disk Encryption
(HWFDE) Secondary User
Authentication Token (UAT)
Yes Yes, may be disabled by end-user
HWFDE Algorithm
Data
Encryption Key (
DEK) /
Encrypted
Data Encryption Key
(
EDEK) Length (hex bytes)
HWFDE: Enova X-Wall MX
Algorithm: AES-CBC
Length:64 / 80
HWFDE: Enova X-Wall MX+
Algorithm: AES-XTS
Length:128 / 144
Software Full Disk Encryption
(SWFDE) User Data / Key
Storage
SWFDE: LUKS
User Data: AES-XTS
Key Storage: AES-CBC
SWFDE: LUKS2
User Data: AES-XTS
Key Storage: AES-CBC
To Next Page
Loading...