Simple Key Loader (SKL) AN/PYQ-10 (C) 1 AGENDA INTRODUCTION/CHARACTERISTICS PHYSICAL FEATURES AND...
-
Upload
shanna-mosley -
Category
Documents
-
view
2.656 -
download
226
Transcript of Simple Key Loader (SKL) AN/PYQ-10 (C) 1 AGENDA INTRODUCTION/CHARACTERISTICS PHYSICAL FEATURES AND...
Simple Key Loader (SKL)
AN/PYQ-10 (C)
AGENDA
• INTRODUCTION/CHARACTERISTICS
• PHYSICAL FEATURES AND CONTROLS
• CALIBRATE/ SET DATE AND TIME
• LOG IN PROCEDURES
• USER APPLICATION SOFTWARE FAMILIARIZATION
• BASIC KEY/LOADSET BREAKDOWN
• ADD EQUIPMENT/ CREATE AND ADD PLATFORM
• TRANSFER/RECIEVE DATABASE FROM SKL TO SKL
• LOAD ASIP RADIO/ LOAD DAGR(SINGLE KEY)
• AUDIT FUNCTION FAMILIARIZATION
• PROPER SHUT DOWN PROCEDURE
• EMERGANCY DISTRUCTION
2
Safety Considerations
THIS LESSON CONTAINS
NO SAFETY CAUTIONS
3
References
• TM 11-5810-410-13&P, 1 July 2007– Operator’s and Field Maintenance Manual
• Quick Reference Guide, 1 NOV 08– Simple Key Loader, AN/PYQ-10(C)
• CSLA,– SKL Training Material and Practical Exercise
• Communication Support Services, INC– SKL User Application Software v3.3 Training Material– SKL Practical Exercise
• NSA Doctrine, Interim Operational Security Doctrine (IDOC) 007-04 Jul 05
4
CLASSIFICATION
THIS COURSE IS
FOR OFFICIAL USE ONLY
ADDITIONALLY, THIS COURSE IS NOT RELEASABLE TO
MILITARYSTUDENTS FROM FOREIGN COUNTRIES IAW DA PAM 25-380-2
5
6
• Ruggedized Handheld Personal Digital Assistant (PDA)
• The Simple Key Loader (SKL) is the replacement for the Data Transfer Device (DTD)
• Interfaces to Local Management Device/Key Processor (LMD/KP), Automated Communications Engineering Software (ACES), DMD, CT3 DTDs
• Handles, Views, Stores and Loads SOI, Key, Electronic Protection (EP) Data
• The SKL is a Controlled Cryptographic Item (CCI) because of the KOV-21 Information Security (INFOSEC) card imbedded in it.
• Authorized up to TS key and Secret Data (SOI)
Introduction
SKL vs. DTD (Data Transfer Device)
SKL Specification DTD
32 bit 400 MHz (300 MHz) Processor 8088(4 KHz)
3.5” Color Display Display 2 lines 24 characters
64 Mg Ram, 64 (32) Mg Flash Mem Storage 512Kb Ram, 256Kb Flash Mem
6 pin RS-232 & 2 Mini USB Interface 6 Pin RS-232
Rechargeable Battery Packs Power 9 volt or 3 ea 2/3A batteries
Key Storage
TEK,KEK 500,000 Traditional 1,000 TEK/KEK
FFK 5,000-8,000 Modern 10-16 FFK
(plus/minus10%)
AN/PYQ-10 (C) AN/CYZ-10
(SDS information)
9
Army Key Management
System (AKMS)
Controls
10
KOV Light
Inductive Stylus Holder
Zeroize Button
Fill Port
Power Button
CIK Access
Inductive Stylus
Brightness Controls
5-Way Control Buttons(Mouse Mode)
4 General Purpose Buttons
ADT SCREEN
Controls
11
1. Open and Close Start Menu2. Open Selected Application (UAS)3. Night Vision Goggle Mode4. Activates 5 Way Direction Buttons
– Mini- A (TOP, read only)
• CIK (one per SKL)• Insert and remove CIK only
while turned off
Controls
SKL0N386180-1
D345.686
PAT. NO.
RDa aT Key
– Mini- B(BOTTOM,
disabled) • 2 - USB ports
Battery
13
Battery
• Battery Indicator– Green 100% - 41%– Amber 40% - 11%– Red 10% - 0%
• At 2% Pop up every 30 seconds
• At 1% the SKL will automatically shutdown
• High Capacity: 60 hrs Standard Capacity: 33hrs
• AA Battery Pack: 20 hrs• Recharges <2 hrs
14
Questions
Q: At what percentage will the SKL automatically turn off?
A: 1%
15
10 MINUTE BREAK
16
Power On - Initialization
17
Initial SSO Login
18Active Program ICON
Initial SSO Login
19
Initial SSO Login
20
Initial SSO Login
21
Initial SSO Login
22
Re-initialize
NSA Doctrine, Interim Operational Security Doctrine (IDOC) 007-04 Jul 05
• Upon CIK initialization – LKEK - Local Key Encryption Key– HDPK - Host Data Protection Key
• CIK must be re-initialized annually
23
NSA Doctrine, Interim Operational Security Doctrine (IDOC) 007-04
• 14. (U//FOUO) Local Key Encryption Key (LKEK) and the Host Data Protection Key (HDPK) - The CIK contains two split keys created upon CIK initialization. These keys perform the encryption and decryption for the SDS/SKL. The split keys are the Local Key Encryption Key (LKEK) and the Host Data Protection Key (HDPK). The LKEK is used for the encryption/decryption of keying material, while the HDPK is used for the encryption/decryption of any information or data that a user may need protected by the SDS/SKL.
• a. (U//FOUO) Self-initialization – The SDS/SKL generates a Unique LKEK and HDPK. During initialization, only the splits for the keys are stored on the CIK.
• b. (U/FOUO) Re-Initializing – When re-initializing the CIK to create a new LKEK and HDPK, the keys previously protected by that CIK are unrecoverable unless they have first been moved to another device.
• c. (U//FOUO) Cryptoperiod – The LKEK and HDPK have a cryptoperiod of one year and must be superseded at that time. This can be accomplished by re-initializing the SDS/SKL and its associated CIK yearly.
Calibrate Procedure
25
Program Switching ICONActive Program ICON
Calibrate Stylus
26
Set Card Clock/Date
27
Set date first then timePer QRG and TM
Tools – SSO – Set Card Time/Date
Set Card Clock/Date
28
Tap on month Tap on year
Get Card Clock/Date
29
Yes will set Host to match KOV-21 time
No will display KOV-21 time
When loading time comes from Host, Audit trail uses KOV-21 time
Tools – User - Get Card Time/Date
Questions
• Who can set the KOV-21 time and date?
SSO
• How often does the SKL need re-initialized?
Annually
30
5 MINUTE BREAK
31
User Application Software
• Logging into UAS• SOI Tab • Platform Tab• Equipment Tab• Key Tab
32
User Application Software (UAS)
33
User Application Software (UAS)
34
35
Platforms Equipment
Keys SOI
36
Keys Tab• KEY:
Defines the actual Short Title that is resident on the equipment
• Key Management– View key attributes– Delete keys segments– Delete expired keys – Create key tags
• Loading of single or multiple COMSEC keys
37
Equipment Tab• Equipment:
Defines the actual hardware that is resident on the platform such as: – SINCGARS RADIO– PSC-5C– ARC-220– KY-68 phone– KG-175
• Equipment Management– Add/Edit/Delete/Keys and
EP Data
• Loading of Single or Multiple Fill Locations
38
Platform Tab
• Platform:An assemblage with logical grouping of radios and/or COMSEC equipment such as: – HMMV– SHELTER– BDE TOC– APACHE Helicopter
• Platform Management– Add/Edit/Delete
• Sequential Loading of Multiple assigned equipment
SOI Tab
39
• Signal Operating Instructions
• Displays the selected SOI Edition along with Pyro and Smoke data. It will also display any Quick Reference entries.
Key Knowledge
40
Basic Key Break down:
USED ETD 01 5AT068
US: Release prefix “US” constitutes Non releasable to foreign nationals.ED: Functional Relationships “ED” indicates Electronic Distribution.
ETD: Indicates if it is a training or operationalKey.
01 is the numerical sequence this key was Generated.
5AT068: Indicates the COMSEC Account that Generated The key.
Key Knowledge
Short Title
Edition
Key
Keys Tab
42
• KEY TAG - Key variable is needed
• YELLOW KEY - Key variable stored
• EXPIRED TAG - Segment date has expired
• RED KEY - Key variable date has expired
View Key Information
43
Delete Selected Segments
44
Destroy Expired Keys
45View – Key – Expired Keys
Destroy Expired Keys
46
FM LOADSET BREAKDOWN
FRKSSINGARS
LOADSETS ARE GENERATED BY THE UNITS FREQUENCY MANAGER ON THE ACES/JACSSYSTEM. WITH LIMITED USER INTERACTION.
A LOADSET CONSISTS OF 6 ESETS, TSK, 6 CRYPTO-VARIABLE KEYS. THE CRYPTO-VARIABLE KEYS ARE GENERATED BY THE UNITS COMSEC CUSTODIAN.
THE LOADSET IS COMMONLY LOCATED UNDERTHE PLATs TAB.
Associating Crypto Key(s)to a LOADSET
-FRKS -SINCGARS - C1
- USED 1 TEK - AB -1 - C6 -USED 2 KEK
-AB -1
- H0 - H1 - H2 - H3 - H4 - H5
Assign Key to LOADSET
49
Assign Key to LOADSET
50
LUNCH BREAK
51
Add Equipment
52
Assign Key to Equipment
53
Add Platform
54
Platform Tab
-Add Platform
-Other options- Delete Platform- Edit Platform
Add Platform
55
Bussed – The SKL will be connected to a Fill Port that is in the Platform but not part of the equipment.
Non-Bussed – The SKL will be connected to equipment Fill Port and no Fill Location wakeup or handshake is required.
CMD VEH
Assign Equipment to Platform
56
Assign Equipment to Platform
57
Questions
• Can a key tag be assigned to a piece of equipment?
Yes
• Can you assign multiple pieces of equipment to one platform?
• Yes
58
TRANSFERING DATABASE SKL TO
SKL• From the Core Library desktop select File from the menu bar at the top of the screen.
• Select Transmit • Select Database• On the Database Transmit Wizard screen you can
select to transmit ALL or Part of a database. Select All
• Under Transfer Mode Screen Select SKL• Select Next• SKL will instruct to press transmit to transmit
database(s) selected. BEFORE YOU PRESS TRANSMIT Set up Receiving SKL.
• Press Transmit SKL will build databases and begin to send data automatically.
• Operation Successful dialog box will display when SKL is finished sending.
• Select OK. SKL will return to the UAS desktop.• Disconnect SKLs.
• From the Core Library desktop select File from the menu bar at the top of the screen.
• Select Receive• Select Database• On the Receive Database Screen Select Source :
SKL• Profile box will instruct you to connect SKL to SKL. • Select Receive• SKL will display Status Screen you will see the
information being transferred in.• When the Database is received a Save Database
now? dialog box will popup. Select Yes.• SKL will save database and will display a Operation
Successful dialog box when completed.• Select OK. SKL will return to the Received
Database screen. If you do not need any more data select Close.
• SKL will return to the UAS desktop and you will see the new Database.
Receive Database
60
Transmit Database
61
Transmit Database
62
Transmit Database
63
COMSEC PROCEDURES FOR LOADING RTs WITH THE SIMPLE KEY LOADER (SKL)
TURN ON SKL Double Click ON CORE LIBRARYLOG IN USING LOG IN AND PASSWORDSELECT LAUNCH FROM THE TOOL BAR CLICK OK ON SKL
PLEASE WAIT CHECKING AND DECRYPTING DATA BASE IN PROGRESS
CLICK OK ON THE START UP INFORMTIONSELECT THE PLATS(PLATFORM) TAB (YOU WILL FIND THE APPROPRATE LOADSET HERE)HIGHLIGHT THE LOADSET YOU WISH TO TRANSMIT.IN THE UPPER RIGHT HAND CORNER DC ON THE LOAD ICON
GATHERING DATASINCGARS MODE SELECT TRANSFER TYPE
ICOM***Place a check in the block for send time.****
SELECT OKLOAD ECU WIZARD SCREEN IS DISPLAYEDVERIFY EQUIPMENT IS RIGHT SELECT NEXTFOLLOW THE INSTRUCTIONS ON THE SCREEN (THIS PRETAINS TO THE RT)
CONNECT CABLE TO THE AUD/FILL PORTSET FUNCT SWITCH TO LDSET COMSEC SWITCH TO FHSET CHAN TO MANDEPRESS TWICE HANDSET TO CLEAR ALARM (THIS WILL NOT BE NESSESSARY WHEN USING ASIP)
SELECT SEND WHEN YOU HAVE COMPLETED THE SCREENSCREEN DISPLAYS PRESS LOAD (PRESS LOAD ON RT)Transfer successful (RT will display done)
COMSEC PROCEDURES FOR LOADING DAGR
WITH THE SIMPLE KEY LOADER (SKL)
SKLHOOK CABLE FROM DAGR TO SKLGO TO FILETRANSMITLOAD SELECTED KEYSPLACE CHECKS NEXT TO USKAD 103040 AND USKAD 101040HIGHLIGHT USKAD 103040 USING “UP” BUTTON MOVE 103040 ABOVE 101040 THIS ENSURES PROPER LOADING OF KEYS. BEFORE SELECTING OK DOUBLE CHECK TO MAKE SURE THAT KEYS 103040 AND 101040 STILL ARE SELECTED. SELECT OK, PROTOCOL IS DS 102,ACTIVATE MODE IS KYK-13SELECT OKTRANSMIT ONE KEYONCE TRANSMITTED SKL WILL REPEAT PRIOR STEPS FOR SECOND KEY.
DGRCONNECT FILL CABLE TO J1START UPMAIN MENUCOMMUNICATION CRYPTOFILLHIGHLIGHT DS 101 ENTERENTER TO CHANGE TO DS 102ENTER WAIT
10 Minute BREAK
66
Audit Trail
• When the Audit Trail was initialized• When accounts are created/deleted• When accounts are logged on/off• Any unsuccessful logon attempts• When an account password is changed• When and what key was received• What device was used to receive the key• When and what key was transmitted• When a key file was transmitted• When a key was zeroized• When the KOV-21 INFOSEC card was zeroized• When and what kind of device the SKL was connected to.• When the date and time were changed• Any alarm codes
67
Audit Trail
68
Must be logged in as SSO to performany Audit Functions
Tools - SSO - Audit Functions
Audit Trail
69
Audit Trail / Summary Status
70
Audit Trail / Summary Status
71
Audit Trail
• IDOC 007-04, 22 (U) Audits– “Audit information must be uploaded and reviewed, at a
minimum, on a semi-annual basis.”
• IDOC 007-04 22.d (U/FOUO) Deleting– After any audit data has been uploaded or physically recorded,
the SSO shall delete the existing audit data from the SDS/SKL
• TB 380-41, 6.16.2 a (U) Electronic Key Destruction– 100% accountability from generation until destruction,
Custodians and users must document a positive and uninterrupted audit trail.
– 6.16.2.a.3. “…any uploaded DTD Audit Trails will be maintained in desktop folders as supporting documentation”
72
Power Down
73
Logout
• Logout
• Wait for the green KOV-21 light to turn off
74
KOV Light
Power Down
75
Questions
• What is the order to Power Down?• Exit UAS, Logout, Power Button
76
79
● Warranty Service Contract
● CSLA Item Manager: Kim Dorman
Commercial: 520-538-8342
DSN: 879-8342
Email: [email protected]
Warranty Information
Questions?
80