Editing Communications security

{{Short description|Discipline of telecommunications}}
{{Multiple issues|
{{Globalize|article|USA|2name=the United States|date=March 2014}}
{{More citations needed|date=May 2023}}
}}

[[File:SE-227 mit SVZ-B IMG 1400.JPG|thumb|[[AN/PRC-77 Portable Transceiver|PRC-77 VHF radio]] with digital [[voice encryption]] device]]

'''[[Communication protocol|Communications]] security''' is the discipline of preventing unauthorized interceptors from accessing [[telecommunications]]<ref name=":0" /> in an intelligible form, while still delivering content to the intended recipients.

In the [[North Atlantic Treaty Organization]] culture, including United States Department of Defense culture, it is often referred to by the abbreviation '''COMSEC'''.  The field includes cryptographic security, [[Glossary of cryptographic keys|transmission security]], emissions security and [[physical security]] of COMSEC equipment and associated keying material.

COMSEC is used to protect both [[Classified information|classified]] and [[unclassified]] traffic on [[military communications]] networks, including voice, video, and data.  It is used for both analog and digital applications, and both wired and wireless links.

Voice over secure internet protocol [[VOSIP]] has become the de facto standard for securing voice communication, replacing the need for [[Secure Terminal Equipment]] (STE) in much of NATO, including the U.S.A. [[USCENTCOM]] moved entirely to VOSIP in 2008.<ref>USCENTCOM PL 117-02-1.</ref>

== Specialties ==
* '''Cryptographic security''': The component of communications security that results from the provision of technically sound [[cryptography|cryptosystems]] and their proper use.  This includes ensuring message confidentiality and authenticity.
* '''[[Tempest (codename)|Emission security]] (EMSEC)''': The protection resulting from all measures taken to deny unauthorized persons information of value that might be derived from communications systems and cryptographic equipment intercepts and the interception and analysis of compromising emanations from cryptographic equipment, information systems, and telecommunications systems.<ref name=":0">{{cite web |url=http://static.e-publishing.af.mil/production/1/afisra/publication/afisrai33-203/afisrai33-203.pdf |title=AIR FORCE AIR INTELLIGENCE, SURVEILLANCE AND RECONNAISSANCE AGENCY INSTRUCTION 33-203 |date=May 25, 2011 |work=The Air Force ISR Agency Tempest and Emission Security Program |publisher=[[Air Force Intelligence, Surveillance and Reconnaissance Agency]] |archive-url=https://web.archive.org/web/20131020063028/http://static.e-publishing.af.mil/production/1/afisra/publication/afisrai33-203/afisrai33-203.pdf |archive-date=October 20, 2013 |url-status=dead |access-date=October 3, 2015 }}</ref>
* '''[[Transmission security]] (TRANSEC)''': The component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than [[cryptanalysis]] (e.g. [[frequency hopping]] and [[spread spectrum]]).
* '''Physical security''': The component of communications security that results from all [[physical security|physical measures]] necessary to safeguard classified equipment, material, and documents from [[Access control|access]] thereto or observation thereof by unauthorized persons.

== Related terms ==
* AKMS – the Army Key Management System
* AEK – Algorithmic Encryption Key
* CT3 – Common Tier 3
* CCI – [[Controlled Cryptographic Item]] - equipment which contains COMSEC embedded devices
* ACES – Automated Communications Engineering Software
* DTD – [[AN/CYZ-10|Data Transfer Device]]
* ICOM – Integrated COMSEC, e.g. a radio with built in encryption
* TEK – Traffic [[Encryption]] Key
* TED – Trunk Encryption Device such as the WALBURN/KG family 
* KEK – Key Encryption Key
* KPK – Key production key
* OWK – Over the Wire Key
* OTAR – [[Over the Air Rekeying]]
* LCMS – Local COMSEC Management Software
* [[KYK-13]] – Electronic Transfer Device
* [[KOI-18]] – Tape Reader General Purpose
* KYX-15 – Electronic Transfer Device
* KG-30 – family of COMSEC equipment
* TSEC – Telecommunications Security (sometimes referred to in error transmission security or TRANSEC)
* SOI – [[Signal operating instructions]]
* SKL – [[AN/PYQ-10|Simple Key Loader]]
* TPI – [[Two person integrity]]
* [[STU-III]] – (obsolete secure phone, replaced by STE)
* STE – [[Secure Terminal Equipment]] (secure phone)

Types of COMSEC equipment:
* Crypto equipment: Any equipment that embodies [[cryptographic]] logic or performs one or more cryptographic functions (key generation, encryption, and authentication).
* Crypto-ancillary equipment: Equipment designed specifically to facilitate efficient or reliable operation of crypto-equipment, without performing cryptographic functions itself.<ref>INFOSEC-99</ref>
* Crypto-production equipment: Equipment used to produce or load keying material
* Authentication equipment:

== DoD Electronic Key Management System ==
The [[Electronic Key Management System]] (EKMS) is a [[United States Department of Defense]] (DoD) key management, COMSEC material distribution, and logistics support system. The [[National Security Agency]] (NSA) established the EKMS program to supply electronic key to COMSEC devices in securely and timely manner, and to provide COMSEC managers with an automated system capable of ordering, generation, production, distribution, storage, security accounting, and access control.

The Army's platform in the four-tiered EKMS, AKMS, automates frequency management and COMSEC management operations. It eliminates paper keying material, hardcopy [[Signal operating instructions]] (SOI) and saves the time and resources required for courier distribution. It has 4 components:
* LCMS provides automation for the detailed accounting required for every COMSEC account, and electronic key generation and distribution capability.
* ACES is the [[Spectrum management|frequency management]] portion of AKMS. ACES has been designated by the Military Communications Electronics Board as the joint standard for use by all services in development of frequency management and crypto-net planning.
* CT3 with DTD software is in a fielded, ruggedized hand-held device that handles, views, stores, and loads SOI, Key, and electronic protection data.  DTD provides an improved net-control device to automate crypto-net control operations for communications networks employing electronically keyed COMSEC equipment.
* SKL is a hand-held PDA that handles, views, stores, and loads SOI, Key, and electronic protection data.

== Key Management Infrastructure (KMI) Program ==
KMI is intended to replace the legacy Electronic Key Management System to provide a means for securely ordering, generating, producing, distributing, managing, and auditing cryptographic products (e.g., asymmetric keys, symmetric keys, manual cryptographic systems, and cryptographic applications).<ref>{{cite web|url=https://www.dote.osd.mil/Portals/97/pub/reports/FY2020/dod/2020kmi.pdf |title=FY20 DOD PROGRAMS – Key Management Infrastructure (KMI) | access-date=2023-08-21}}</ref> This system is currently being fielded by Major Commands and variants will be required for non-DoD Agencies with a COMSEC Mission.<ref>{{Cite web |url=http://www.dote.osd.mil/pub/reports/FY2013/pdf/dod/2013kmi.pdf |title=Archived copy |access-date=2016-09-16 |archive-date=2016-09-17 |archive-url=https://web.archive.org/web/20160917081345/http://www.dote.osd.mil/pub/reports/FY2013/pdf/dod/2013kmi.pdf |url-status=dead }}</ref>

== See also ==
* [[Dynamic secrets]]
* [[Electronics technician (United States Navy)]]
* [[Information security]]
* [[Information warfare]]
* [[List of telecommunications encryption terms]]
* [[NSA encryption systems]]
* [[NSA product types]]
* [[Operations security]]
* [[Secure communication]]
* [[Signals intelligence]]
* [[Traffic analysis]]

== References ==
<references />

== External links ==
{{More footnotes needed|date=July 2010}}
* {{FS1037C MS188}}
* [[National Information Systems Security Glossary]]
* {{DODDIC}}
* {{cite web |archive-url=https://web.archive.org/web/20120916173800/http://www.dtic.mil/doctrine/jel/cjcsd/cjcsi/6511_01.pdf |archive-date=September 16, 2012 |url-status=dead |url=http://www.dtic.mil/doctrine/jel/cjcsd/cjcsi/6511_01.pdf |title=INFORMATION SECURITY GUIDELINES FOR THE DEPLOYMENT OF DEPLOYABLE SWITCHED SYSTEMS |date=February 1, 2001 |publisher=Joint Staff}}
* {{cite web|archive-url=https://web.archive.org/web/20090330142550/http://www.gordon.army.mil/sigbde15/Schools/25L/c03lp1.html|archive-date=March 30, 2009|url-status=dead|url=http://www.gordon.army.mil/sigbde15/Schools/25L/c03lp1.html|title=Communications Security (COMSEC) awareness training|date=April 17, 2000|publisher=U.S. ARMY SIGNAL CENTER AND FORT GORDON}}
* https://web.archive.org/web/20121002192433/http://www.dtic.mil/whs/directives/corres/pdf/466002p.pdf 
* {{cite web |archive-url=https://web.archive.org/web/20100930082920/http://peoc3t.monmouth.army.mil/netops/akms.html |archive-date=September 30, 2010 |url-status=dead |url=http://peoc3t.monmouth.army.mil/netops/akms.html |title=Army Key Management Systems (AKMS) |publisher=Project Manager NETOPS Current Force}}
* [http://www.jproc.ca/crypto/menu.html Cryptography machines]

[[Category:Cryptography]]
[[Category:Military communications]]
[[Category:Military radio systems]]
[[Category:Encryption devices]]