What is comsec/crypto?



Yüklə 459 b.
tarix02.11.2017
ölçüsü459 b.
#28322



What is COMSEC/CRYPTO?

  • What is COMSEC/CRYPTO?

  • Devices/CRYPTO

  • Access

  • Safeguarding

  • Reproduction

  • Destruction

  • Reporting Requirements



COMSEC (Communications Security) –

  • COMSEC (Communications Security) –

  • Broad term used to describe the measures and controls taken to deny unauthorized persons information derived from telecommunications and ensure the authenticity of such telecommunications.



CRYPTO – Marking or designator identifying all COMSEC key material used to secure or authenticate classified telecommunications

  • CRYPTO – Marking or designator identifying all COMSEC key material used to secure or authenticate classified telecommunications

  • Key Material – Sequence of random binary digits used to set up, and periodically change, operations performed by crypto equipment to encrypt, decrypt, and authenticate electronic telecommunications

  • (When written in all capital letters, CRYPTO has the meaning defined above. When written in lower case letters it’s an abbreviation for cryptographic)



Handled in 2 separate channels:

  • Handled in 2 separate channels:

  • 1. COMSEC channel – is used to distribute items that are accountable by the COMSEC Custodian to the National Security Agency (NSA)

  • 2. Administrative channels – are used to distribute other COMSEC information and material not accountable by the COMSEC Custodian but rather through the site’s Document Control system

  • When in doubt, contact the COMSEC Custodian



For purposes of this briefing, we’re concerned with the 1st channel: items that are accountable by the COMSEC Custodian to the NSA

  • For purposes of this briefing, we’re concerned with the 1st channel: items that are accountable by the COMSEC Custodian to the NSA

  • These items can be further categorized into:

    • Controlled Cryptographic Items (CCI)
    • Classified devices
    • Cryptographic key material (CRYPTO)


CONTROLLED CRYPTOGRAPHIC ITEM

  • CONTROLLED CRYPTOGRAPHIC ITEM

  • Unclassified cryptographic device

  • Protected as high value property

  • Accountable to NSA

  • Examples:

    • STE
    • Data Transfer Device (DTD)
    • KIV 7


CCI

  • CCI

  • STE

  • Secure point-to point voice/data communications up to Top Secret

  • Unclassified without the Crypto Ignition Key (CIK) or it is zeroized



CCI

  • CCI

  • Data Transfer Device (DTD)

  • Used to store electronic keys then load into crypto equipment

  • Unclassified without key material or CIK



CCI

  • CCI

  • KIV 7

  • Provides secure Line of Site Communications

  • Unclassified without classified keying material loaded into device



Cryptographic key material (CRYPTO)

  • Cryptographic key material (CRYPTO)

  • Unclassified to Top Secret

  • Requires higher degree of protection than other classified

  • Comes in various forms; key tape within plastic canister, floppy disk, electronic, algorithms on paper, PROMS



Key Tape

  • Key Tape

  • Issued by canister

  • Contains multiple segments

  • Each canister unique



The following minimum conditions must be met prior to granting access to CRYPTO:

  • The following minimum conditions must be met prior to granting access to CRYPTO:

    • Final Secret clearance or interim Top Secret
    • Need-to-Know determination
    • Receive Cryptographic Access Briefing from COMSEC Custodian, Alternate, or their written designated representative and input into EPSS


As a condition of access you must acknowledge:

  • As a condition of access you must acknowledge:

  • - that you may be subject to a non-lifestyle, counterintelligence scope polygraph exam only encompassing questions concerning espionage, sabotage, or unauthorized disclosure of classified information

  • -this examination will be administered in accordance with DoD Directive 5210.48 and applicable laws



CRYPTO Storage

  • CRYPTO Storage

  • All CRYPTO must be stored in a GSA approved safe that is either;

    • 1. inside a Closed Area and
    • 2. Under IDS control or covered by guard patrols every 4 hours
  • Do not use lockbar containers for storing CRYPTO



  • Keyed CCI & Classified Hardware Storage Requirements:

  • If being used, must be located in a Closed Area

  • If not being used, must be stored in a GSA safe

  • Storage of unkeyed CCI

  • May be stored like a high value item (e.g. within locked cabinet or storage room) but regularly sighted.

  • For STE, see COMSEC Custodian for briefing



Do NOT:

  • Do NOT:

  • store COMSEC safe combinations electronically (not even on a classified computing system)

  • place CRYPTO on any computer system (not even if the system is approved for it) until you’ve received written permission from the COMSEC Custodian

  • move any COMSEC equipment or CRYPTO (not even temporarily) to another location without the COMSEC Custodian’s prior written permission



Hand Receipt Items

  • Hand Receipt Items

  • Items Hand Receipted to you by the COMSEC Custodian become your personal responsibility and may never be transferred by you to another person or organization

  • To initiate transfer for any of your items, you must contact the COMSEC Custodian

  • Another properly cleared and briefed person may use your items but this does not relieve you of its responsibility



Key Disposition Record

  • Key Disposition Record

  • Completed by users as they load key material to ensure a continuous chain of accountability (Records are classified at least CONFIDENTIAL for CONFIDENTAL key and above. Unclassified key disposition Records are marked Unclassified/FOUO)

  • The following are the only disposition records you might have to use:

  • The COMSEC custodian will provide you with the required disposition form and instructions.



Reproduction of CRYPTO

  • Reproduction of CRYPTO

  • NOT Authorized unless:

    • COMSEC Custodian receives written approval from key material Controlling Authority and
    • COMSEC Custodian provides you written permission
  • Permission does have to formal and in writing from the controlling authority.



Destruction of CRYPTO

  • Destruction of CRYPTO

  • Requires 2 persons both being;

  • 1. appropriately cleared,

    • 2. CRYPTO briefed and
    • 3. knowledgeable of destruction procedures
    • 4. fully trained and knowledgeable on Status messages and usage factors
  • One person performs destruction while the other serves as witness

  • Never sign the record without personally sighting the destruction



  • If you have no approved destruction method available to you, return the superceded key material to the COMSEC Custodian within the 12 hour time frame

  • Failure to do the above may result in a violation



Destruction of key tape segments is authorized by use of the NSA approved disintegrator

  • Destruction of key tape segments is authorized by use of the NSA approved disintegrator



Electronic Key

  • Electronic Key

  • Destruction is done by deleting the key or particular key segment on the DTD and Then Annotating it on Electronic Key Disposition Form



Examples of COMSEC/CRYPTO Violations

  • Examples of COMSEC/CRYPTO Violations

  • COMSEC safe left unsecured

  • Removal of future keying material from its protective packaging

  • Disclosing short title, edition and effective dates of CRYPTO by unsecured means

  • Loss of COMSEC equipment/material

  • Falsification of COMSEC records



Reporting Espionage Attempts

  • Reporting Espionage Attempts

  • Foreign Intelligence Services prize the acquisition of CRYPTO/COMSEC information

  • Extreme measures may be taken to coerce or force persons to divulge CRYPTO/COMSEC info

  • Personal and financial relations with representatives of foreign governments or their interests could make you vulnerable and/or targeted



Why is reporting so important?

  • Why is reporting so important?

  • If COMSEC information or techniques are breached at any point, all classified information protected by the system might be compromised

  • If a security breach is not reported, it may never be detected



Consider for a moment how much traffic passes over that circuit in a week, month, year, or its lifetime and the damage that can cause

  • Consider for a moment how much traffic passes over that circuit in a week, month, year, or its lifetime and the damage that can cause

  • If reported, steps can be taken to lessen an adversaries advantage gained through the compromised information

  • If any incident occurs, contact your COMSEC Custodian immediately







Yüklə 459 b.

Dostları ilə paylaş:




Verilənlər bazası müəlliflik hüququ ilə müdafiə olunur ©muhaz.org 2024
rəhbərliyinə müraciət

gir | qeydiyyatdan keç
    Ana səhifə


yükləyin