ABERDEEN PROVING GROUND, Md. (Dec. 3, 2015) — Think of it as iTunes for Army communications. But instead of purchasing music, Army units can order cryptographic keys and download them securely over-the-network.
Used to manage encryption services that ensure secure communications on the battlefield, the Army’s Key Management Infrastructure, or KMI, offers a web-based storefront for seamless delivery of keys that protect radios, tactical laptops and other communications systems from enemy interception. The new storefront replaces manual processes and legacy equipment.
“Before, you had to drive the key to the individual units or they had to send someone to get it, even in combat zones,” said Kevin Walsh, product lead for the Army’s Key Management. “Now, the users are able to go to the KMI storefront, order their products and have them delivered to them over the network. So this is a whole new, net-centric approach for key management and distributing key material. It’s simple, easy to use and flexible.”
The Army rolled out its pilot of KMI starting in fiscal 2014 fielding to 20 installations. Now, fielding to the remaining operational Army accounts will begin in second quarter fiscal 2016 and continue through December 2017.
Fort Bragg was one of the first pilot accounts.
“The storefront is very user friendly,” said Master Sgt. Clifton Dockery, a communications security custodian based on Fort Bragg. “The KMI system is more expeditious. We can produce a product to the field much faster than before. And the navigation procedures are easy to understand.”
KMI replaces the existing legacy Electronic Key Management System, or EKMS, limiting requirements for both physical encryption products and manual delivery through user-operated fill devices. It is a modernized way to generate, distribute, account for and store key.
“This provides units with the most secure method to deliver cryptographic products,” Walsh said. “Now, even if their keys become obsolete, the network can deliver new cryptographic products without having to touch a single device.”
KMI not only brings the intuitive storefront, but also the flexibility to adapt to new capabilities within the Army’s tactical network.
Consisting of core nodes that provide database storage, secure routing, key generation and management services centrally located at a National Security Agency, or NSA, location, KMI ensures mission command systems are secure by planning, distributing, managing and accounting for protected “keys” that are used in tactical and strategic communications.
The core nodes function in the background and the Army user has a single direct access point commonly called “the KMI Storefront” to simplify interaction.
The overarching KMI program is led by the NSA, with the Army’s Product Lead Key Management, procuring, fielding and training the capabilities for the Army.
The pilot program began in February 2014 in response to an NSA-issued mandate for the military services and civil agencies to transition all of their legacy EKMS platforms to the new KMI by December 2017. The pilot program ensured the proper processes were in place before taking it live to the remaining Army accounts.