Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients.
The Speech Security Equipment (VINSON), TSEC/KY-57, is a portable, tactical cryptographic device in the VINSON family, designed to provide voice encryption for a range of military communication devices such as radio or telephone.
Key management refers to management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, crypto-shredding (destruction) and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.
STU-III is a family of secure telephones introduced in 1987 by the NSA for use by the United States government, its contractors, and its allies. STU-III desk units look much like typical office telephones, plug into a standard telephone wall jack and can make calls to any ordinary phone user. When a call is placed to another STU-III unit that is properly set up, one caller can ask the other to initiate secure transmission. They then press a button on their telephones and, after a 15-second delay, their call is encrypted to prevent eavesdropping. There are portable and militarized versions and most STU-IIIs contained an internal modem and RS-232 port for data and fax transmission. Vendors were AT&T, RCA and Motorola.
Fortezza is an information security system that uses the Fortezza Crypto Card, a PC Card-based security token. It was developed for the U.S. government's Clipper chip project and has been used by the U.S. Government in various applications.
The National Security Agency took over responsibility for all U.S. Government encryption systems when it was formed in 1952. The technical details of most NSA-approved systems are still classified, but much more about its early systems have become known and its most modern systems share at least some features with commercial products.
The Electronic Key Management System (EKMS) is a United States National Security Agency led program responsible for Communications Security (COMSEC) key management, accounting, and distribution. Specifically, EKMS generates and distributes electronic key material for all NSA encryption system whose keys are loaded using standard fill devices, and directs the distribution of NSA produced key material. Additionally, EKMS performs account registration, privilege management, ordering, distribution, and accounting to direct the management and distribution of physical COMSEC material for the services. The common EKMS components and standards facilitate interoperability and commonality among the armed services and civilian agencies.
The AN/CYZ-10 Data Transfer Device, often called a Filler, Crazy 10, ANCD or DTD, is a United States National Security Agency-developed, portable, hand-held fill device, for securely receiving, storing, and transferring data between compatible cryptographic and communications equipment. It is capable of storing 1,000 keys, maintains an automatic internal audit trail of all security-relevant events that can be uploaded to the LMD/KP, encrypts key for storage, and is programmable. The DTD is capable of keying multiple information systems security (INFOSEC) devices and is compatible with such COMSEC equipment as Single Channel Ground and Airborne Radio System (SINCGARS) radios, KY-57 VINSON, KG-84, and others that are keyed by common fill devices (CFDs). The AN/CYZ-10 supports both the DS-101 and DS-102 interfaces.
The KOV-14 Fortezza Plus is a US National Security Agency-approved PC card which provides encryption functions and key storage to the Secure Terminal Equipment and other devices. It is a tamper-resistant module based on the Mykotronx Krypton chip, including all of the cryptographic functionality of the original Fortezza card plus the Type 1 algorithms/protocols BATON and Firefly, the SDNS signature algorithm, and the STU-III protocol. It was developed by Mykotronx as part of the NSA's MISSI program. As of 2008, the KOV-14 is beginning to be phased out and replaced by the backwards compatible KSV-21 PC card.
This glossary lists types of keys as the term is used in cryptography, as opposed to door locks. Terms that are primarily used by the U.S. National Security Agency are marked (NSA). For classification of keys according to their usage see cryptographic key types.
The Microsoft Windows platform specific Cryptographic Application Programming Interface is an application programming interface included with Microsoft Windows operating systems that provides services to enable developers to secure Windows-based applications using cryptography. It is a set of dynamically linked libraries that provides an abstraction layer which isolates programmers from the code used to encrypt the data. The Crypto API was first introduced in Windows NT 4.0 and enhanced in subsequent versions.
A hardware security module (HSM) is a physical computing device that safeguards and manages digital keys, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.
The KYK-13 Electronic Transfer Device is a common fill device designed by the United States National Security Agency for the transfer and loading of cryptographic keys with their corresponding check word. The KYK-13 is battery powered and uses the DS-102 protocol for key transfer. Its National Stock Number is 5810-01-026-9618.p
A High Assurance Internet Protocol Encryptor (HAIPE) is a Type 1 encryption device that complies with the National Security Agency's HAIPE IS. The cryptography used is Suite A and Suite B, also specified by the NSA as part of the Cryptographic Modernization Program. HAIPE IS is based on IPsec with additional restrictions and enhancements. One of these enhancements includes the ability to encrypt multicast data using a "preplaced key". This requires loading the same key on all HAIPE devices that will participate in the multicast session in advance of data transmission. A HAIPE is typically a secure gateway that allows two enclaves to exchange data over an untrusted or lower-classification network.
A fill device or key loader is a module used to load cryptographic keys into electronic encryption machines. Fill devices are usually hand held and electronic ones are battery operated.
The KIK-20 Secure DTD2000 System (SDS) is a key fill device developed by Sypris Electronics, Florida, US, under the auspices of the U.S. National Security Agency. It, along with the AN/PYQ-10, is intended to eventually replace the AN/CYZ-10 key fill device, along with older units still in service, and can support a wide variety of cryptographic devices and key types.
The AN/PRC-152 Multiband Handheld Radio is a portable, compact, tactical software-defined combat-net radio manufactured by Harris Corporation. It is compliant without waivers to the Joint Tactical Radio System (JTRS) Software Communications Architecture (SCA). It has received NSA certification for the transmission of Top Secret data.
The AN/PRC-117 Multiband Manpack Radio, or Multiband Multi Mission Radio (MBMMR), is a man-portable, tactical software-defined combat-net radio, manufactured by Harris Corporation, in two different version:
The KIK-30 "Really Simple Key loader" (RASKL) is a fill device made by Sypris Electronics and approved by the US National Security Agency for the distribution of NSA Type 1 cryptographic keys. It can also store and transfer related communications security material, including control data for frequency hopping radios, such as SINCGARS and Have Quick. It can store up to 40 cryptographic keys and has male and female U-229 connectors for the NSA DS-101 and 102 fill protocol, allowing it to be plugged into most other NSA fill devices and EKMS equipment. It is 6.14 inches long, weighs less than one pound and is powered by four AAA batteries. The operator interface has an 8 line of 20 characters and 6 buttons, with what Sypris calls "1-button key squirt" and 2-button zeroize.
NESTOR was a family of compatible, tactical, wideband secure voice systems developed by the U.S. National Security Agency and widely deployed during the Vietnam War through the late Cold War period of the 1980s. NESTOR consists of three systems. The KY-8 was used in vehicular and afloat applications; the KY-28 was the airborne version: and the KY-38 was the portable or man-pack model. About 30,000 NESTOR equipments were produced prior to their replacement by the VINSON secure voice family.
