Presentation is loading. Please wait.

Presentation is loading. Please wait.

CRYPTO Users Briefing.

Published byIrea Edger Modified over 9 years ago

Similar presentations

Presentation on theme: "CRYPTO Users Briefing."— Presentation transcript:

1 CRYPTO Users Briefing

2 OVERVIEW What is COMSEC/CRYPTO? Devices/CRYPTO Access Safeguarding
Reproduction Destruction Reporting Requirements

3 WHAT IS COMSEC? COMSEC (Communications Security) – Broad term used to describe the measures and controls taken to deny unauthorized persons information derived from telecommunications and ensure the authenticity of such telecommunications.

4 WHAT IS CRYPTO? CRYPTO – Marking or designator identifying all COMSEC key material used to secure or authenticate classified telecommunications Key Material – Sequence of random binary digits used to set up, and periodically change, operations performed by crypto equipment to encrypt, decrypt, and authenticate electronic telecommunications (When written in all capital letters, CRYPTO has the meaning defined above. When written in lower case letters it’s an abbreviation for cryptographic)

5 What is COMSEC? Handled in 2 separate channels: 1. COMSEC channel – is used to distribute items that are accountable by the COMSEC Custodian to the National Security Agency (NSA) 2. Administrative channels – are used to distribute other COMSEC information and material not accountable by the COMSEC Custodian but rather through the site’s Document Control system When in doubt, contact the COMSEC Custodian

6 WHAT IS COMSEC? For purposes of this briefing, we’re concerned with the 1st channel: items that are accountable by the COMSEC Custodian to the NSA These items can be further categorized into: Controlled Cryptographic Items (CCI) Classified devices Cryptographic key material (CRYPTO)

7 DEVICES CONTROLLED CRYPTOGRAPHIC ITEM
Unclassified cryptographic device Protected as high value property Accountable to NSA Examples: STE Data Transfer Device (DTD) KIV 7

8 DEVICES CCI STE Secure point-to point voice/data communications up to Top Secret Unclassified without the Crypto Ignition Key (CIK) or it is zeroized

9 DEVICES CCI Data Transfer Device (DTD)
Used to store electronic keys then load into crypto equipment Unclassified without key material or CIK

10 DEVICES CCI KIV 7 Provides secure Line of Site Communications
Unclassified without classified keying material loaded into device

11 CRYPTO Cryptographic key material (CRYPTO) Unclassified to Top Secret
Requires higher degree of protection than other classified Comes in various forms; key tape within plastic canister, floppy disk, electronic, algorithms on paper, PROMS

12 CRYPTO Key Tape Issued by canister Contains multiple segments
Each canister unique

13 ACCESS The following minimum conditions must be met prior to granting access to CRYPTO: Final Secret clearance or interim Top Secret Need-to-Know determination Receive Cryptographic Access Briefing from COMSEC Custodian, Alternate, or their written designated representative and input into EPSS

14 ACCESS As a condition of access you must acknowledge: - that you may be subject to a non-lifestyle, counterintelligence scope polygraph exam only encompassing questions concerning espionage, sabotage, or unauthorized disclosure of classified information -this examination will be administered in accordance with DoD Directive and applicable laws

15 SAFEGUARDING CRYPTO Storage
All CRYPTO must be stored in a GSA approved safe that is either; 1. inside a Closed Area and 2. Under IDS control or covered by guard patrols every 4 hours Do not use lockbar containers for storing CRYPTO

16 SAFEGUARDING Keyed CCI & Classified Hardware Storage Requirements:
If being used, must be located in a Closed Area If not being used, must be stored in a GSA safe Storage of unkeyed CCI May be stored like a high value item (e.g. within locked cabinet or storage room) but regularly sighted. For STE, see COMSEC Custodian for briefing

17 SAFEGUARDING Do NOT: store COMSEC safe combinations electronically (not even on a classified computing system) place CRYPTO on any computer system (not even if the system is approved for it) until you’ve received written permission from the COMSEC Custodian move any COMSEC equipment or CRYPTO (not even temporarily) to another location without the COMSEC Custodian’s prior written permission

18 SAFEGUARDING Hand Receipt Items
Items Hand Receipted to you by the COMSEC Custodian become your personal responsibility and may never be transferred by you to another person or organization To initiate transfer for any of your items, you must contact the COMSEC Custodian Another properly cleared and briefed person may use your items but this does not relieve you of its responsibility

19 SAFEGUARDING Key Disposition Record Completed by users as they load key material to ensure a continuous chain of accountability (Records are classified at least CONFIDENTIAL for CONFIDENTAL key and above. Unclassified key disposition Records are marked Unclassified/FOUO) The following are the only disposition records you might have to use: Electronic Key Disposition Record or Key Tape Disposition Record Electronic Key loader Disposition Forms The COMSEC custodian will provide you with the required disposition form and instructions.

20 REPRODUCTION Reproduction of CRYPTO NOT Authorized unless:
COMSEC Custodian receives written approval from key material Controlling Authority and COMSEC Custodian provides you written permission Permission does have to formal and in writing from the controlling authority.

21 DESTRUCTION Destruction of CRYPTO Requires 2 persons both being;
1. appropriately cleared, 2. CRYPTO briefed and 3. knowledgeable of destruction procedures 4. fully trained and knowledgeable on Status messages and usage factors One person performs destruction while the other serves as witness Never sign the record without personally sighting the destruction

22 DESTRUCTION If you have no approved destruction method available to you, return the superceded key material to the COMSEC Custodian within the 12 hour time frame Failure to do the above may result in a violation

23 DESTRUCTION Destruction of key tape segments is authorized by use of the NSA approved disintegrator

24 DESTRUCTION Electronic Key
Destruction is done by deleting the key or particular key segment on the DTD and Then Annotating it on Electronic Key Disposition Form

25 REPORTING REQUIREMENT
Examples of COMSEC/CRYPTO Violations COMSEC safe left unsecured Removal of future keying material from its protective packaging Disclosing short title, edition and effective dates of CRYPTO by unsecured means Loss of COMSEC equipment/material Falsification of COMSEC records

26 REPORTING REQUIREMENT
Reporting Espionage Attempts Foreign Intelligence Services prize the acquisition of CRYPTO/COMSEC information Extreme measures may be taken to coerce or force persons to divulge CRYPTO/COMSEC info Personal and financial relations with representatives of foreign governments or their interests could make you vulnerable and/or targeted

27 REPORTING REQUIREMENT
Why is reporting so important? If COMSEC information or techniques are breached at any point, all classified information protected by the system might be compromised If a security breach is not reported, it may never be detected

28 REPORTING REQUIREMENT
Consider for a moment how much traffic passes over that circuit in a week, month, year, or its lifetime and the damage that can cause If reported, steps can be taken to lessen an adversaries advantage gained through the compromised information If any incident occurs, contact your COMSEC Custodian immediately

29 CONTACTS

30 QUESTIONS?

Download ppt "CRYPTO Users Briefing."

Similar presentations

Using Matrices in Real Life

Using Matrices in Real Life
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 14-1 Chapter Fourteen Auditing Financing Process: Prepaid Expenses.

Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 14-1 Chapter Fourteen Auditing Financing Process: Prepaid Expenses.
Chapter 1 The Study of Body Function Image PowerPoint

Chapter 1 The Study of Body Function Image PowerPoint
1 Writing Assessment 2008. 2 The Scope of the Law T.C.A. 49-1-607 states: Any person found not to have followed security guidelines… placed on immediate.

1 Writing Assessment The Scope of the Law T.C.A states: Any person found not to have followed security guidelines… placed on immediate.
1 Balloting/Handling Negative Votes September 11, 2006 ASTM Training Session Bob Morgan Brynn Iwanowski.

1 Balloting/Handling Negative Votes September 11, 2006 ASTM Training Session Bob Morgan Brynn Iwanowski.
1 Balloting/Handling Negative Votes September 22 nd and 24 th, 2009 ASTM Virtual Training Session Christine DeJong Joe Koury.

1 Balloting/Handling Negative Votes September 22 nd and 24 th, 2009 ASTM Virtual Training Session Christine DeJong Joe Koury.
RECORD KEEPING Cooperative Development of Operational

RECORD KEEPING Cooperative Development of Operational
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
HIV Drug Resistance Training

HIV Drug Resistance Training
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13

Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
1 CREATING AN ADMINISTRATIVE DRAW REQUEST (OCC) Complete a Checklist for Administrative Draw Requests (Form 16.08). Draw Requests amount must agree with.

1 CREATING AN ADMINISTRATIVE DRAW REQUEST (OCC) Complete a Checklist for Administrative Draw Requests (Form 16.08). Draw Requests amount must agree with.
Threshold System Presented by Jan Stanley, State Title I Director Office of Assessment and Accountability Fall Title I Directors Conference October 23-25,

Threshold System Presented by Jan Stanley, State Title I Director Office of Assessment and Accountability Fall Title I Directors Conference October 23-25,
1 RWM SBA (Grades 3-9) Science SBA (Grades 4 8, & 10) Test Administrator Duties and Responsibilities.

1 RWM SBA (Grades 3-9) Science SBA (Grades 4 8, & 10) Test Administrator Duties and Responsibilities.
2 HOME DELIVERED MEALS Waiver Workshop Presented by: Regional and Local Services (RLS) Access and Intake /Area Agency on Aging (A&I/AAA) May 27-28, 2009.

2 HOME DELIVERED MEALS Waiver Workshop Presented by: Regional and Local Services (RLS) Access and Intake /Area Agency on Aging (A&I/AAA) May 27-28, 2009.
FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.

FACTORING ax2 + bx + c Think “unfoil” Work down, Show all steps.
Accounting and Financial Reporting

Accounting and Financial Reporting
1 Term 2, 2004, Lecture 9, Distributed DatabasesMarian Ursu, Department of Computing, Goldsmiths College Distributed databases 3.

1 Term 2, 2004, Lecture 9, Distributed DatabasesMarian Ursu, Department of Computing, Goldsmiths College Distributed databases 3.
So far Binary numbers Logic gates Digital circuits process data using gates – Half and full adder Data storage – Electronic memory – Magnetic memory –

So far Binary numbers Logic gates Digital circuits process data using gates – Half and full adder Data storage – Electronic memory – Magnetic memory –
Rowland Unified School District (Slides from ETS) CAHSEE 2013-2014 Test Site Coordinator Information.

Rowland Unified School District (Slides from ETS) CAHSEE Test Site Coordinator Information.

Similar presentations

Ads by Google