EKMS-1B ELECTRONIC KEY MANAGEMENT SYSTEM


EKMS-1B
AMD 9

NAVAL COMMUNICATIONS SECURITY MATERIAL SYSTEM
1560 Colorado Avenue
Andrews AFB, MD 20762-6108

EKMS-1B
ELECTRONIC KEY MANAGEMENT SYSTEM (EKMS) POLICY AND PROCEDURES FOR NAVY EKMS TIERS 2 & 3

2250
Ser N5/
05 Apr 2010

Article I. LETTER OF PROMULGATION

1. PURPOSE. EKMS-1B prescribes the minimum policies for issuing, accounting, handling, safeguarding, and disposing of COMSEC (Communications Security) material. Also included are policies for cryptographic and physical security involving COMSEC material and facilities. This document is not designed to be read from cover-to-cover. It is meant as a ready reference for supervisors and managers involved in the management, use and accounting of COMSEC material. Readers can find many immediately useful sections: a glossary of EKMS terms, a section on how to stand up an EKMS account, a section on how to conduct a semi-annual account inventory, etc.

2. BACKGROUND. The Electronic Key Management System (EKMS) which operates through the use of a Local Management Device/Key Processor (LMD/KP) provides the capability for the automated generation, accounting, distribution, destruction, and management of electronic keys, as well as management of physical key and non-key COMSEC related items. Key management continues to evolve. These technologies are governed by both National and Navy policy. The goal of this policy is to balance timely COMSEC support to a global user community while enhancing security and minimizing costs.

3. APPLICABILITY.

a. EKMS-1B policies apply to COMSEC materials held by U.S. Navy, U.S. Marine Corps, U.S. Coast Guard, and Military Sealift Command EKMS-numbered accounts. These provisions apply to all who require access to or the use of COMSEC material within EKMS. All such personnel must be aware that non-compliance or deviation from the prescribed procedures can jeopardize the security of the United States and could result in prosecution of the parties concerned under the espionage laws, Title 18. U.S.C., Sections 793, 794, and 798.

b. Commands whose holdings include Two-Person Controlled (TPC) Sealed Authentication System (SAS) keying material are advised of the following: The policies governing the handling, safeguarding, and use of TPC SAS material are not in this manual but can be found in CJCSI 3260.01(series), a required directive for all commands with TPC SAS material holdings. See Article 721 for contact information to obtain a copy of the document, if required. Requests for disposition of SAS/TPC material must be addressed to the Controlling Authority per CJCSI 3260.01(series), info the COR. The COR is not authorized to provide disposition instructions for this material.

4. SCOPE. The policies in this manual have been derived from those set forth in NSA, OPNAV, SECNAV and other National and Navy-level COMSEC policy manuals. This guidance supplements but in no way alters or amends the provisions of SECNAV M5510.30 (series), SECNAV M5510.36 (series) or U.S. Navy regulations.

5. ACTION. EKMS-1B is effective upon receipt and supersedes EKMS-1A (March 2007).

6. REPRODUCTION. EKMS 1B is authorized for reproduction, distribution and use in any operational environment and is available via the NCMS SIPRNET Collaboration at-Sea (CAS) website located /site.nsf. This manual is also available via NIPR on the INFOSEC website located at: https://infosec.navy.mil

7. COMMENTS. Submit comments, recommendations, and suggestions for changes to Naval Communications Security Material ly signed by CORREIA.JOAQUIN.S.1174903790
DN: c US, o U.S. Government, ou DoD, ou PKI, ou USN, cn CORREIA.JOAQUIN.S.1174903790
Date: 2015.02.10 09:42:50 -05'00'

S. CORREIA

EKMS-1B
Original

RECORD OF AMENDMENTS

AMEND NUMBER/IDENTIFICATION    DATE ENTERED (YYMMDD)    ENTERED BY (Signature, Rank/Rate, Command Title)
AMD 1 (ALCOM 108/10)           2010/07/06               M. J. PHILLIPS, IA-04, NCMS
AMD 2 (ALCOM 161/10)           2010/10/29               M. J. PHILLIPS, IA-04, NCMS
AMD 3 (ALCOM 020/11)           2011/01/29               M. J. PHILLIPS, IA-04, NCMS
AMD 4 (ALCOM 085/11)           2011/04/30               M. J. PHILLIPS, IA-04, NCMS
AMD 5 (ALCOM 213/11)           2011/12/29               M. J. PHILLIPS, IA-04, NCMS
AMD 6 (ALCOM 111/12)           2012/06/29               M. J. PHILLIPS, GG-13, NCMS
AMD 7 (ALCOM 079/13)           2013/04/23               M. J. PHILLIPS, GG-13, NCMS
AMD 8 (ALCOM 152/14)           2014/10/17               C. W. BENKO, LT, NCMS
AMD 9 (ALCOM 030/15)           2015/02/06               C. W. BENKO, LT, NCMS

RECORD OF PAGE CHECKS

DATE CHECKED    CHECKED BY (SIGNATURE, RANK/RATE, COMMAND TITLE)    DATE CHECKED    CHECKED BY (SIGNATURE, RANK/RATE, COMMAND TITLE)

“SNAPSHOT” of EKMS 1B
ELECTRONIC KEY MANAGEMENT SYSTEM (EKMS) POLICY & PROCEDURES MANUAL

Letter of Promulgation
Record of Amendments
Record of Page checks
SNAPSHOT of EKMS 1B
Table of Contents

Chapter 1- Chapter 2 Chapter 3 Chapter 4- Chapter 5 Chapter 6
Chapter s Security Material Control System (CMCS)
Introduction to COMSEC Material
CMS Education, Training and Audits
Establishment and Maintenance of an EKMS Account and Associated Responsibilities
Safeguarding COMSEC Material and Facilities
Maintaining COMSEC Material Allowance
Control and Documentation Requirements for COMSEC Material
Disestablishment of an EKMS Account
COMSEC Incident Reporting
Practices Dangerous to Security
Management of Electronic Key

ANNEXES

A - Glossary
B - Commonly Used Abbreviations and Acronyms
C - Controlling Authorities for COMSEC Material
D - Helpful Uniform Resource Locators URLs
E - Status of COMSEC Material Report (SCMR)
F - Accountable Items (A/I) Summary
G - EKMS Account Establishment Request
H - CMS Form 1
I - USTRANSCOM Form 10
J - EKMS Manager or LE (Issuing) Appointment Letter/Memorandum
K - SD Form 572
L - Sample Letter/Memorandum of Agreement
M - Emergency Protection of COMSEC Material
N - Construction Specifications for Storage Vaults
O - Construction Specifications for Fixed COMSEC Facilities
P - “Special” Physical Security Safeguards for DOD Black-Bulk Facilities
Q - Generating Station OTAR and OTAT Logs
R - Relaying/Receiving Station OTAT Log
S - COMSEC Points of Contact Listing
T - Retention Periods for COMSEC Files, Records, and Logs
U - Completing Locally-Prepared SF-153 COMSEC Material Accounting Reports
V - Reporting Page Check Discrepancies in COMSEC Material/Related Devices and CCI
W - Minimum Page Check Requirements for COMSEC Material
X - EKMS Suite
Y - Assuming the Duties of EKMS Manager
Z - AN/CYZ-10 or Data Transfer Device (DTD)
AA - Message Advising NCMS of Navy EKMS Accreditation
AB - Checklist for Secure Telemetry Missile Firings
AC - TALON Cryptographic Token (TCT)
AD - Secure Terminal Equipment (STE)/Associated KSV-21 CARD/Iridium Secure Module (ISM)
AE - Management of Modern Key
AF - AN/PYQ-10 Simple Key Loader (SKL)
AG - LCMS System Failure and Recovery Procedures
AH - COMSEC Management Workstation (CMWS)/Data Management Device Power Station (DMD/PS)
AI - OMNI Terminals
AJ - Inventory Reconciliation (Processes and Procedures)

TABLE OF CONTENTS

CHAPTER 1 -- COMMUNICATIONS SECURITY (COMSEC) MATERIAL CONTROL SYSTEM (CMCS)

101. INTRODUCTION TO THE COMSEC MATERIAL CONTROL SYSTEM (CMCS)
105. INTRODUCTION TO THE ELECTRONIC KEY MANAGEMENT SYSTEM (EKMS)
    a. TIER 0
    b. TIER 1, the Common Tier 1 (CT1), and Primary Tier 1 Segment (PT1S)
    c. TIER 2
    d. TIER 3
110. NATIONAL SECURITY AGENCY (NSA)
115. ELECTRONIC KEY MANAGEMENT SYSTEM (EKMS) CENTRAL FACILITY (CF)
120. DEPARTMENT OF THE NAVY (DON)
    a. Chief of Naval Operations (CNO)
    b. Headquarters Marine Corps (C4 CY)
    c. Commander, Coast Guard C4IT Service Center (COGARD C4ITSC)
    d. Naval Communications Security Material System (NCMS)
    e. COMSEC Material Issuing Office (CMIO)
    f. United States National Distribution Authority (USNDA)
125. CONTROLLING AUTHORITY (CONAUTH)
126. SERVICE AUTHORITY
130. IMMEDIATE SUPERIOR IN COMMAND (ISIC)
135. STAFF CMS RESPONSIBILITY OFFICER (SCMSRO)
140. COMMANDING OFFICER (CO)
145. EKMS ACCOUNT
150. LCMS SYSTEM ADMINISTRATOR
155. EKMS MANAGER
160. ALTERNATE EKMS MANAGER
165. LOCAL ELEMENT (LE)
166. LOCAL ELEMENT (LE) IN-TRANSIT
167. LMD-ONLY ACCOUNT
170. EKMS CLERK
175. EKMS WITNESS
180. KEY MANAGEMENT ENTITIES (KME)
182. PRIVILEGE CERTIFICATE MANAGER (PCM)
183. FIREFLY POINT OF CONTACT
184. COMMAND AUTHORITY (CMDAUTH)
186. USER REPRESENTATIVE (UR)
188. ORDERING PRIVILEGE MANAGER (OPM)
190. SHORT TITLE ASSIGNMENT REQUESTOR (STAR)
192. AUTHORIZED ID
194. FIREFLY CREDENTIALS MANAGER

CHAPTER 2 -- INTRODUCTION TO COMSEC MATERIAL

201. GENERAL
205. APPLICATION OF PROCEDURES
210. LIMITATIONS
215. CONTROL AND REPORTING
220. COMSEC MATERIAL CLASSIFICATION
225. COMSEC MATERIAL IDENTIFICATION

    a. Short Title
    b. Accounting (serial/register) Number
230. ACCOUNTABILITY LEGEND (AL) CODES
235. ID AND AL CODE ASSIGNMENTS FOR ELECTRONIC KEYS CONVERTED FROM PHYSICAL KEYS
236. CRYPTO MARKING/DESIGNATION
237. ID AND AL CODE ASSIGNMENTS FOR REMOVABLE MEDIA STORING ELECTRONIC KEYS
238. SYSTEM KEYS FOR LCMS
    a. EKMS Message Keys
    b. KP Internal Keys
    c. User Keys
    d. KG Rules
240. CONTROLLED CRYPTOGRAPHIC ITEM (CCI)
245. STATUS OF COMSEC MATERIAL
250. COMSEC MATERIAL 5. SOURCES OF SUPERSESSION INFORMATION
    a. Status of COMSEC Material Report (SCMR)
    b. AMSG-600
    c. Joint COMSEC Management Office Mac Dill AFB, FL
    d. CJCSI 3260.01(series)
    e. General Message from CONAUTH
    f. Commander, Coast Guard TISCOM (TIS-332) Controlled Joint Inter-Agency Counternarcotic/Counterdrug (CN/CD) COMSEC Keying Material Package Monthly Status Message
    g. COMSEC Publications and Manuals
    h. AL Code 6 and 7 COMSEC Material
260. CATEGORIES OF COMSEC MATERIAL
    a. Keying Material
    b. COMSEC Equipment
    c. COMSEC Aids (otherwise known as COMSEC-Related Information)

FIGURES:
    2-1 DIGRAPH CODES ASSIGNED TO U.S. PRODUCED KEY
    2-2 DIGRAPH CODES ASSIGNED TO BRITISH PRODUCED KEY

CHAPTER 3 -- CMS EDUCATION, TRAINING, AND AUDITS

301. GENERAL
305. NAVY EKMS MANAGER COURSE OF INSTRUCTION (COI) ool House Addresses/Telephone Numbers
    Criteria for Attending
312. PERSONNEL QUALIFICATION STANDARDS (PQS)
    a. Requirements
315. PRE-AUDIT TRAINING VISITS AND COR AUDITS
    a. Pre-Audit Training Visits
    b. COR Audits
320. COR AUDIT TEAMS
325. COR AUDIT TEAM SERVICES
    a. General
    b. Request for Service
    c. Types of Services
330. AREAS OF RESPONSIBILITY FOR COR AUDIT TEAMS
    a. Atlantic Region
    b. Pacific Region
    c. European Region

CHAPTER 4 -- ESTABLISHMENT AND MAINTENANCE OF AN EKMS ACCOUNT AND RESPONSIBILITIES

401. REQUIREMENT FOR AN EKMS ACCOUNT
405. ESTABLISHING AN EKMS ACCOUNT
    a. Preparation
    b. Validation of Authorized Holdings
    c. Lead Time to Establish
    d. Request to Establish
    e. Identification of Required Material
    f. NCMS Action
    g. Steps Required to Establish an EKMS Account
    h. Actions Required to Ensure Receipt of COMSEC Material
410. SELECTION OF EKMS PERSONNEL
412. DESIGNATION REQUIREMENTS FOR EKMS MANAGERS AND ALTERNATE(S)
    a. Minimum Personnel
    b. Grade and Length of Service Requirements (EKMS Managers)
    c. Grade and Length of Service Requirements (Alternate EKMS Managers)
    d. Security and Access Requirements
    e. Length of Appointment
    f. Training Requirements for EKMS Managers and Alternates
414. DESIGNATION REQUIREMENTS FOR LOCAL ELEMENT (LE) ISSUING AND EKMS CLERKS
    a. Minimum Personnel
    b. Grade and Length of Service Requirements for LE Issuing
    c. Security and Access Requirements
416. DESIGNATION REQUIREMENTS FOR LOCAL ELEMENT (USING) AND EKMS WITNESSES
    a. General Requirements
    b. Additional Training Requirements
418. APPOINTMENT LETTER/MEMORANDUM
420. WAIVERS

422. MANAGEMENT OF MORE THAN ONE ACCOUNT BY AN EKMS MANAGER AND ALTERNATE(S)
423. TEMPORARY ASSUMPTION OF DUTIES AS AN EKMS MANAGER
425. GRANTING OF TEMPORARY ACCESS
430. HIGHEST CLASSIFICATION INDICATOR (HCI)
435. CHANGE OF COMMAND TITLE/ADDRESS/CLAIMANCY SHIFT
440. EKMS RESPONSIBILITIES
    a. Immediate Superior in Command (ISIC)
    b. Staff CMS Responsibility Officer (SCMSRO)
    c. Chain of Command
    d. EKMS Manager
    e. Alternate EKMS Manager(s)
    f. Local Element (LE)
    g. EKMS Clerk
    h. EKMS Witness
445. LETTER OF AGREEMENT (LOA)
450. RESPONSIBILITIES AND DUTIES: COMMANDING OFFICER
455. RESPONSIBILITIES AND DUTIES: EKMS MANAGER
460. RESPONSIBILITIES AND DUTIES: ALTERNATE EKMS MANAGER (S)
465. RESPONSIBILITIES AND DUTIES: LOCAL ELEMENT (LE)
470. RESPONSIBILITIES AND DUTIES: ACCOUNT CLERK
480. RESPONSIBILITIES AND DUTIES: EKMS WITNESS

CHAPTER 5 -- SAFEGUARDING COMSEC MATERIAL AND FACILITIES

501. GENERAL
505. ACCESS AND RELEASE REQUIREMENTS FOR COMSEC MATERIAL
    a. Security Clearance
    b. Requirement for Access or Need-to-Know
    c. Briefing/Indoctrination
    d. Written Access to COMSEC Keying Material
    e. Personnel Access
    f. Contractor Personnel
    g. Release of COMSEC Material to a Contractor Account
    h. Access to COMSEC Equipment (less CCI)
    i. Displaying, Viewing, and Publicly Releasing COMSEC Material and Information
    j. Release of COMSEC Material to a Foreign Government
    k. Ship Rider Procedures
510. TWO PERSON INTEGRITY (TPI) REQUIREMENTS
    a. Definition
    b. Material Requiring TPI at the EKMS Manager Level
    c. TPI Handling and Storage Requirements at the EKMS Manager Level
    d. TPI Handling and Storage at the Local Element Level
    e. TPI for Keyed COMSEC Equipment
    f. TPI Exceptions
    g. Requirement to Report TPI Violations
515. ACCESS TO AND PROTECTION OF SAFE COMBINATIONS, KP PINS, AND LCMS (SCO) PASSWORDS
    a. Selection of Combinations
    b. Requirements for Changing a Combination
    c. Access and Knowledge of Combinations
    d. Classification of Combinations
    e. Records of Combinations
    f. Sealing/Wrapping Combinations, KP Pins, and LCMS (SCO) Passwords
    g. Emergency Access to Containers and Combinations
    h. Personal Retention of Combinations
    i. Unauthorized Adjustment of Preconfigured Default Password Parameters on LMD (LCMS SCO Password Lockout and/or Reset) A Reportable PDS
520. STORAGE REQUIREMENTS
    a. General
    b. Required Forms for Storage Containers
    c. Storage of Classified COMSEC Keying Material Marked or Designated CRYPTO
    d. TPI Storage Containers
    e. Restrictions on Use of Modified GSA Approved Security Containers and Vault Doors
    f. Locking Devices
    g. Storage and Protection of COMSEC Equipment
    h. Storage of Fill Devices (FDs)
    i. Storage of Other COMSEC Material
525. PREPARING COMSEC MATERIAL FOR SHIPMENT
    a. Packaging Materials/Shipment Containers
    b. Wrapping Requirements
    c. Wrapper Marking Requirements
    d. Packaging and Shipping Restrictions
530. TRANSPORTING COMSEC MATERIAL
    a. Keying Material
    b. COMSEC Equipment (less CCI)
    c. Other COMSEC Material
    d. Use of Commercial Aircraft
    e. Use of Private Conveyances
    f. Courier Responsibilities
    g. Restrictions on DCS Shipments
    h. Airdrop of COMSEC Material
    i. Over-the-Air-Rekey (OTAR), Over-the-Air-Distribution (OTAD) and Over-the-Air-Transfer (OTAT)
535. CONTROLLED CRYPTOGRAPHIC ITEM tion
    Accountability
    General Access Requirements
    Access Requirements for Resident Aliens
    Access Requirements for Foreign Nationals
    Keying CCI
    Classification of CCI When Keyed
    Installing CCI in a Foreign Country
    Moving CCI to a Sensitive Environment
    Transporting Keyed/Unkeyed CCI
    Methods of Shipping CCI
    Requirements and Restrictions for Transporting CCI on Commercial Aircraft
    Storage of CCI
    Packaging CCI
    Notification to Intended Recipient
    Shipments not Received
    Reportable Incidents
540. GENERAL ROUTINE DESTRUCTION GUIDANCE
    a. General
    b. Categories of COMSEC Material
    c. Destruction Personnel
    d. Conditions Affecting Keying Material Destruction
    e. Routine Destruction of Regularly and Irregularly Superseded Keying Material
    f. Emergency Supersession of Keying Material
    g. Destruction of Maintenance Manuals, Operating Instructions, and General Doctrinal Publications
    h. Destruction of COMSEC Equipment
    i. Reporting Destruction
    j. Routine Destruction Methods
545. COMSEC FACILITIES
    a. Introduction
    b. Types of COMSEC Facilities
    c. Construction Requirements
550. SAFEGUARDING FIXED COMSEC ction Requirements
    Installation Criteria
    Facility Approvals, Inspections, and Tests
    Access Restrictions and Controls
    Storage of COMSEC Material
    Protection of Unattended COMSEC Equipment
    Protection of Lock Combinations
    Standard Operating Procedures (SOPs)
    Nonessential Audio/Visual Equipment
555. SAFEGUARDING UNATTENDED FIXED SECURE TELECOMMUNICATIONS FACILITIES
    a. Location
    b. Construction Requirements
    c. Installation Criteria
    d. Facility Approvals, Inspections, and Tests
    e. Access Restrictions and Controls
    f. Storage and Protection of COMSEC Material
    g. Protection of Lock Combinations
    h. Firearms
    i. Standard Operating Procedures (SOPs)
    j. Nonessential Audio/Visual Equipment
    k. Additional Security Requirements
560. SAFEGUARDING CONTINGENCY FIXED SECURE TELECOMMUNICATIONS cation
    Construction Requirements
    Installation Criteria
    Facility Approvals, Inspections, and Tests
    Access Restrictions and Controls
    Storage of COMSEC Material
    Protection of COMSEC Equipment
    Protection of Lock Combinations
    Firearms
    Standard Operating Procedures (SOPs)
    Nonessential Audio/Visual Equipment
    Additional Security Requirements
565. SAFEGUARDING FIXED SECURE SUBSCRIBER TELECOMMUNICATIONS tion Requirements
    Access Restrictions and Controls
    Storage of COMSEC Material
    Protection of Unattended COMSEC Equipment
570. SAFEGUARDING TRANSPORTABLE AND MOBILE Location
    Construction Requirements
    Inst
