Module Name
Tactical Key Management Device (TKMD)
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The TKMD is a low-cost single unit that implements the TIA Project 25 Over-the-Air Rekey standard to provide a Key Management Facility (KMF) for 500 and up to 3000 Subscriber Radios. The TKMD can be utilized as a stand-alone KMF for use in a campus environment or can be utilized in a network environment where Subscriber Radio configurations can be securely shared between TKMDs. The networked TKMDs can also securely share collections of Cryptographic keys to allow periodic updating of Cryptographic keys. Control of the TKMD is accomplished with a secure (https) connection to a web browser.
Approved Algorithms
|
|
AES |
Cert. #C1775 |
CKG |
vendor affirmed |
CVL |
Cert. #C1775 |
DRBG |
Cert. #C1775 |
ECDSA |
Cert. #A881 |
HMAC |
Cert. #C1775 |
KAS-SSC |
vendor affirmed |
KBKDF |
Cert. #A862 |
KTS |
AES Cert. #C1775; key establishment methodology provides 256 bits of encryption strength |
RSA |
Certs. #C1775 |
SHS |
Certs. #C1775 |
Allowed Algorithms
AES MAC (AES Cert. #C1775, vendor affirmed; P25 AES OTAR); NDRNG
Hardware Versions
TKMD Spin 3
Firmware Versions
TKMD_FIPS_FINAL_11_01_20