The KSD-64 Crypto Ignition Key (CIK) is an NSA-developed EEPROM chip packed in a plastic case that looks like a toy key. The model number is due to its storage capacity: 64 kibibits (65,536 bits, or 8 KiB), enough to store multiple encryption keys. Most frequently it was used in key-splitting applications: either the encryption device or the KSD-64 alone is worthless, but together they can be used to make encrypted connections. It was also used alone as a fill device for transfer of key material, as for the initial seed key loading of an STU-III secure phone.

Newer systems, such as the Secure Terminal Equipment, use the Fortezza PC card as a security token instead of the KSD-64. The KSD-64 was withdrawn from the market in 2014. Over one million were produced in its 30-year life.
[A 30-Year Run for the Parallel Key Line, Datakey, December 4, 2014]
Operation
The CIK is a small device which can be loaded with a 128-bit sequence which is different for each user. When the device is removed from the machine, that sequence is automatically added (mod 2) to the unique key in the machine, thus leaving it stored in encrypted form. When it is reattached, the unique key in the machine is decrypted, and it is now ready to operate in the normal way. The analogy with an automobile ignition key is close, thus the name. If the key is lost, the user is still safe unless the finder or thief can match it with the user's machine. In case of loss, the user gets a new CIK, effectively changing the lock in the cipher machine, and gets back in business.
The ignition key sequence can be provided in several ways. In the first crypto-equipment to use the idea (the KY-70), the CIK is loaded with its sequence at NSA and supplied to each user like any other item of keying material. Follow-on applications (as in the STU-II) use an even more clever scheme. The CIK device is simply an empty register which can be supplied with its unique sequence from the randomizer function of the parent machine itself. Not only that, each time the device is removed and re-inserted, it gets a brand new sequence. The effect of this procedure is to provide high protection against the covert compromise of the CIK wherein a thief acquires the device, copies it, and replaces it unknown to its owner. The next morning (say), when the user inserts the device, it will receive a new sequence and the old copied one will be useless thereafter. If the thief has gotten to his machine during the night, he may be able to act into the net; but when the user attempts to start up in the morning the thief's device will no longer work, thus flagging the fact that penetration has occurred.
This concept appears particularly attractive in office environments where physical structures and guarding arrangements will not be sufficiently rigorous to assure that crypto-equipments cannot be accessed by unauthorized people. [https://www.governmentattic.org/18docs/Hist_US_COMSEC_Boak_NSA_1973u.pdf A History of U.S. Communications Security; the David G. Boak Lectures, National Security Agency (NSA), Volumes II 1981, partially released 2008, additional portions declassified October 14, 2015, p.15]
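
The scheme described above can be modelled in a few lines. This is an added example, not code from the source lectures or from any real equipment: it XORs a 128-bit CIK sequence with the machine's unique key, issues a fresh sequence on every insertion, and shows that once a CIK has been copied, whichever of the two devices is inserted second is rejected. The class and function names are hypothetical, and the SHA-256 check value is an assumption made so the model can recognise a wrong CIK; the page does not say how real equipment does this.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

KEY_BYTES = 16  # the 128-bit sequence from the text


def xor(a: bytes, b: bytes) -> bytes:
    """Bitwise addition mod 2 of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


@dataclass
class CIK:
    """The removable register; it holds nothing but one sequence."""
    sequence: bytes = bytes(KEY_BYTES)


class CipherMachine:
    def __init__(self, cik: CIK):
        key = secrets.token_bytes(KEY_BYTES)          # the machine's unique key
        # Assumption: a stored check value tells the machine an unlock worked.
        self._check = hashlib.sha256(key).digest()
        self.key = None                                # clear key, held only while unlocked
        self._rewrap(key, cik)

    def _rewrap(self, key: bytes, cik: CIK) -> None:
        """Give the CIK a fresh random sequence and store key XOR sequence."""
        cik.sequence = secrets.token_bytes(KEY_BYTES)
        self.stored = xor(key, cik.sequence)

    def insert(self, cik: CIK) -> bool:
        candidate = xor(self.stored, cik.sequence)
        if not hmac.compare_digest(hashlib.sha256(candidate).digest(), self._check):
            return False                               # stale or foreign CIK
        self.key = candidate
        self._rewrap(candidate, cik)                   # new sequence on every insertion
        return True

    def remove(self) -> None:
        self.key = None                                # only the XORed form remains


def clone_scenario(copy_used_first: bool) -> tuple:
    """Copy a CIK, then insert original and copy in the given order."""
    original = CIK()
    machine = CipherMachine(original)
    copy = CIK(original.sequence)                      # covert duplicate
    first, second = (copy, original) if copy_used_first else (original, copy)
    first_ok = machine.insert(first)
    machine.remove()
    return first_ok, machine.insert(second)
```

Both orderings return `(True, False)`: if the owner inserts first the copy is dead, and if the copy is used first the owner's own CIK fails at the next start-up, which is the signal that a penetration has occurred.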