Communications security

Specialties

• Cryptographic security: The component of communications security that results from the provision of technically sound cryptosystems and their proper use. This includes ensuring message confidentiality and authenticity.
• Emission security (EMSEC): The protection resulting from all measures taken to deny unauthorized persons information of value that might be derived from communications systems and cryptographic equipment intercepts and the interception and analysis of compromising emanations from cryptographic equipment, information systems, and telecommunications systems.
• Transmission security (TRANSEC): The component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis (e.g. frequency hopping and spread spectrum).
• Physical security: The component of communications security that results from all physical measures necessary to safeguard classified equipment, material, and documents from access thereto or observation thereof by unauthorized persons.

Related terms

• ACES – Automated Communications Engineering Software
• AEK – Algorithmic Encryption Key
• AKMS – the Army Key Management System
• CCI – Controlled Cryptographic Item - equipment which contains COMSEC embedded devices
• CT3 – Common Tier 3
• DTD – Data Transfer Device
• ICOM – Integrated COMSEC, e.g. a radio with built in encryption
• KEK – Key Encryption Key
• KG-30 – family of COMSEC equipment
• KOI-18 – Tape Reader General Purpose
• KPK – Key production key
• KYK-13 – Electronic Transfer Device
• KYX-15 – Electronic Transfer Device
• LCMS – Local COMSEC Management Software
• OTAR – Over the Air Rekeying
• OWK – Over the Wire Key
• SKL – Simple Key Loader
• SOI – Signal operating instructions
• STE – Secure Terminal Equipment (secure phone)
• STU-III – (obsolete secure phone, replaced by STE)
• TED – Trunk Encryption Device such as the WALBURN/KG family
• TEK – Traffic Encryption Key
• TPI – Two person integrity
• TSEC – Telecommunications Security (sometimes referred to in error transmission security or TRANSEC) Types of COMSEC equipment:
• Authentication equipment
• Crypto equipment: Any equipment that embodies cryptographic logic or performs one or more cryptographic functions (key generation, encryption, and authentication).
• Crypto-ancillary equipment: Equipment designed specifically to facilitate efficient or reliable operation of crypto-equipment, without performing cryptographic functions itself.
• Crypto-production equipment: Equipment used to produce or load keying material

DoD Electronic Key Management System

The Electronic Key Management System (EKMS) is a United States Department of Defense (DoD) key management, COMSEC material distribution, and logistics support system. The National Security Agency (NSA) established the EKMS program to supply electronic key to COMSEC devices in securely and timely manner, and to provide COMSEC managers with an automated system capable of ordering, generation, production, distribution, storage, security accounting, and access control.

The Army's platform in the four-tiered EKMS, AKMS, automates frequency management and COMSEC management operations. It eliminates paper keying material, hardcopy Signal operating instructions (SOI) and saves the time and resources required for courier distribution. It has 4 components:

• LCMS provides automation for the detailed accounting required for every COMSEC account, and electronic key generation and distribution capability.
• ACES is the frequency management portion of AKMS. ACES has been designated by the Military Communications Electronics Board as the joint standard for use by all services in development of frequency management and crypto-net planning.
• CT3 with DTD software is in a fielded, ruggedized hand-held device that handles, views, stores, and loads SOI, Key, and electronic protection data. DTD provides an improved net-control device to automate crypto-net control operations for communications networks employing electronically keyed COMSEC equipment.
• SKL is a hand-held PDA that handles, views, stores, and loads SOI, Key, and electronic protection data.

Key Management Infrastructure (KMI) Program

KMI is intended to replace the legacy Electronic Key Management System to provide a means for securely ordering, generating, producing, distributing, managing, and auditing cryptographic products (e.g., asymmetric keys, symmetric keys, manual cryptographic systems, and cryptographic applications). This system is currently being fielded by Major Commands and variants will be required for non-DoD Agencies with a COMSEC Mission.

References

References

1. USCENTCOM PL 117-02-1.
2. (May 25, 2011). "AIR FORCE AIR INTELLIGENCE, SURVEILLANCE AND RECONNAISSANCE AGENCY INSTRUCTION 33-203". [[Air Force Intelligence, Surveillance and Reconnaissance Agency]].
3. INFOSEC-99
4. "FY20 DOD PROGRAMS – Key Management Infrastructure (KMI)".
5. "Archived copy".