EKMS
The Electronic Key Management System (EKMS) is a United States National Security Agency (NSA) led program responsible for Communications Security (COMSEC) key management, accounting and distribution. Specifically, EKMS generates and distributes electronic key material for all NSA encryption systems whose keys are loaded using standard fill devices, and directs the distribution of NSA produced key material. Additionally, EKMS performs account registration, privilege management, ordering, distribution and accounting to direct the management and distribution of physical COMSEC material for the services. The common EKMS components and standards facilitate interoperability and commonality among the armed services and civilian agencies.

Reasons for development

The primary reason for the development of EKMS centers on the security and logistics problems that plagued the COMSEC Material Control System (CMCS), which replaced the Registered Publications System (RPS) in the 1970s. The CMCS was a very labor-intensive operation that had been stretched to capacity. The most serious, immediate concern was the human threat associated with access to and exploitation of paper key throughout its life cycle. The disclosure of the Walker spy ring was clear justification of this concern. Although eliminating the majority of paper key will greatly reduce this human threat, the long-term goal of EKMS to minimize human access to key will not be realized until benign fill key is fully implemented. Benign fill permits the encrypted distribution of electronic keying material directly to the COMSEC device without human access to the key itself.

The need for joint interoperability led to the Defense Reorganization Act of 1986, under which the Joint Chiefs of Staff (JCS) tasked NSA, the Defense Information Systems Agency (DISA), and the Joint Tactical Command, Control and Communications Agency (JTC3A) to develop a Key Management Goal Architecture (KMGA). Subsequent difficulties in coordinating COMSEC distribution and support during joint military operations, e.g., Desert Storm, Urgent Fury, and Operation Just Cause, have further emphasized the need for a system capable of interoperability between the Services.

Central facility

EKMS starts with the Central Facility (CF), run by NSA, which provides a broad range of capabilities to the Services and other government agencies. The CF, also referred to as Tier 0, is the foundation of EKMS. Traditional paper-based key, and key for Secure Telephone Unit - Third Generation (STU-III), Secure Terminal Equipment (STE), FNBDT, Iridium, Secure Data Network System (SDNS), and other electronic key are managed from an underground building in Finksburg, Maryland which is capable of the following:
  • processing orders for both physical and electronic key
  • electronically generating and distributing key
  • generating key material for FIREFLY (an NSA algorithm based on public key cryptography)
  • performing seed conversion and rekey
  • maintaining compromise recovery and management of FIREFLY material
  • support for over-the-air rekeying (OTAR)

The CF talks to other EKMS elements through a variety of media, communication devices, and networks, either through direct distance dialing using STU-III (data mode) or dedicated link access using KG-84s. During the transition to full electronic key, the 3.5-inch floppy disk and 9-track magnetic tape are also supported. A common user interface, the TCP/IP-based message service, is the primary method of communication with the CF. The message service permits EKMS elements to store EKMS messages that include electronic key for later retrieval by another EKMS element.

Tier 1

Under CMCS, each service maintained a central office of record (COR) that performed basic key and COMSEC management functions, such as key ordering, distribution, inventory control, etc. Under EKMS, each service operates its own key management system using EKMS Tier 1 software that supports physical and electronic key distribution, traditional electronic key generation, management of material distribution, ordering, and other related accounting and COR functions. Common Tier 1 is based on the U.S. Navy's key distribution system (NKDS) software developed by the Naval Research Laboratory and further developed by Science Applications International Corporation (SAIC) in San Diego.

Tier 2

EKMS Tier 2, the Local Management Device (LMD), is composed of a commercial off-the-shelf (COTS) personal computer (PC) running the Santa Cruz Operation's SCO UNIX operating system, and an NSA KOK-22A Key Processor (KP). The KP is a trusted component of EKMS. It performs cryptographic functions, including encryption and decryption functions for the account, as well as key generation, and electronic signature operations. The KP is capable of secure field generation of traditional key. Locally generated key can be employed in cryptonet communications, transmission security (TRANSEC) applications, point-to-point circuits, and virtually anywhere that paper-based keys were used. Electronic keys can be downloaded directly to a fill device, such as the KYK-13, KYX-15, or the more modern AN/CYZ-10 Data Transfer Device (DTD) for further transfer (or fill) into the end cryptographic unit.
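The benign fill goal described under Reasons for development, and the Tier 2 to Tier 3 chain above (KP to fill device to end cryptographic unit), both come down to one property: the key is encrypted end to end, so the intermediate devices and the people operating them only ever handle a wrapped blob and an authentication failure rejects the fill outright. The Go program below is an added illustration of that property written for this page; it is not EKMS, KP or FIREFLY code, whose details are not on this page. It assumes AES-256-GCM as the wrapping algorithm and a key-encryption key (KEK) already shared between the central facility and the end unit by whatever means; the blob layout, key identifiers and function names are invented for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// WrappedKey is the only thing that travels through the distribution chain
// (Tier 1 COR, Tier 2 LMD/KP, a Tier 3 fill device). Every hop can copy,
// store and forward it, but none can recover the traffic key inside without
// the end unit's KEK. The layout and field names are assumed for this example.
type WrappedKey struct {
	KeyID      string // key label bound to the key (assumed format)
	Nonce      []byte // AES-GCM nonce, fresh per wrap
	Ciphertext []byte // AES-GCM ciphertext || tag of the traffic key
}

func newAEAD(kek []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(kek) // kek must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Wrap seals trafficKey under kek at the originating facility. KeyID is
// passed as associated data, so a blob relabelled in transit fails
// authentication exactly like a blob whose ciphertext was altered.
func Wrap(kek []byte, keyID string, trafficKey []byte) (*WrappedKey, error) {
	aead, err := newAEAD(kek)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := aead.Seal(nil, nonce, trafficKey, []byte(keyID))
	return &WrappedKey{KeyID: keyID, Nonce: nonce, Ciphertext: ct}, nil
}

// Unwrap is what the end cryptographic unit does on receipt. Any failure
// rejects the fill; a partially decrypted key is never returned.
func Unwrap(kek []byte, w *WrappedKey) ([]byte, error) {
	aead, err := newAEAD(kek)
	if err != nil {
		return nil, err
	}
	if len(w.Nonce) != aead.NonceSize() {
		return nil, errors.New("wrapped key: bad nonce length")
	}
	pt, err := aead.Open(nil, w.Nonce, w.Ciphertext, []byte(w.KeyID))
	if err != nil {
		return nil, errors.New("wrapped key: authentication failed, fill rejected")
	}
	return pt, nil
}

// Relay models an intermediate hop such as a DTD: it only stores and
// forwards the blob. It is never given the KEK, so it has nothing to unwrap with.
func Relay(w *WrappedKey) *WrappedKey {
	copied := *w
	copied.Nonce = append([]byte(nil), w.Nonce...)
	copied.Ciphertext = append([]byte(nil), w.Ciphertext...)
	return &copied
}

// Scenario runs the whole chain once and reports three checks: the end unit
// recovers the key, a blob with one flipped ciphertext byte is rejected, and
// a blob relabelled with a different key ID is rejected.
func Scenario() (recovered, tamperRejected, relabelRejected bool, err error) {
	kek := make([]byte, 32)        // constructed: KEK shared with the end unit
	trafficKey := make([]byte, 32) // constructed: key generated at the CF
	if _, err = rand.Read(kek); err != nil {
		return
	}
	if _, err = rand.Read(trafficKey); err != nil {
		return
	}
	wrapped, err := Wrap(kek, "EXAMPLE-KEY-0001", trafficKey)
	if err != nil {
		return
	}
	delivered := Relay(Relay(wrapped)) // Tier 2 then Tier 3; neither holds kek
	got, err := Unwrap(kek, delivered)
	if err != nil {
		return
	}
	recovered = bytes.Equal(got, trafficKey)

	tampered := Relay(wrapped)
	tampered.Ciphertext[0] ^= 0x01
	_, e := Unwrap(kek, tampered)
	tamperRejected = e != nil

	relabelled := Relay(wrapped)
	relabelled.KeyID = "EXAMPLE-KEY-0002"
	_, e = Unwrap(kek, relabelled)
	relabelRejected = e != nil
	return
}

func main() {
	r, t, l, err := Scenario()
	if err != nil {
		fmt.Println("error:", err)
		return
	}
	fmt.Printf("recovered=%v tamperRejected=%v relabelRejected=%v\n", r, t, l)
}
```

The point of binding the key identifier as associated data is that accounting and cryptography agree: a blob that is copied into the wrong slot, or whose label is edited on the way through, is refused by the end unit rather than silently loaded as the wrong key. With a real fill device the KEK would live inside the end unit, not in the relay, which is what makes the relay (and its operator) unable to see the traffic key.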

Condensed from http://infosec.navy.mil and other US Government sites.

Tier 3

Tier 3 is the lowest tier or layer of the EKMS architecture. It includes the AN/CYZ-10 Data Transfer Device (DTD), the AN/PYQ-10 Simple Key Loader (SKL), and all other means used to fill key to End Cryptographic Units (ECUs); accounts holding hard copy material only; and Key Management Entities (KMEs), i.e., Local Elements (LEs), holding STU-III/STE material only. Unlike LMD/KP Tier 2 accounts, Tier 3 using entities never receive electronic key directly from a COR or Tier 0.
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.