The present invention is generally related to secure communications systems, and more specifically related to loading cryptographic keys into equipment containing cryptographic functionality such as secure radio equipment.
As communication systems become more sophisticated with complex communication services and capabilities, it is important to keep information secure. Trends in the communication marketplace have clearly defined the need for security for both commercial and military markets. One way to keep information secure is to encrypt information prior to transmission and decrypt received information. Typically, a common cryptographic key (common to both the transmitter and the receiver) is used to encrypt and decrypt the information. However, in many systems, such as military systems, the key is kept separate from the receiver/transmitter until it is needed to ensure security in the event that the receiver/transmitter is subject to unauthorized access. In these systems, the cryptographic key is loaded (filled) into the receiver/transmitter via a fill device. When the receiver/transmitter is turned off, the cryptographic key may be erased, depending on the design of the system.
Current fill devices suffer many disadvantages. Typical fill devices are bulky, conspicuous, and not particularly suited for tactical, covert environments. The size of a typical fill device can range from approximately the size of several packs of cigarettes to the size of a laptop computer (or even larger). Fill devices for military use are known in the art. Examples include the KYK-13, AN/CYZ-10, KYX-15, and KOI-18. FIG. 1 is an illustration of the AN/CYZ-10 (prior art), also known as the Data Transfer Device.
Large, bulky fill devices are difficult for personnel to carry. This is a particular disadvantage in situations such as military operations requiring personnel to carry fill devices on maneuvers. Also, in situations in which military personnel are trying to remain inconspicuous, such as going through commercial airports during covert operations, large, bulky fill devices are easily spotted by airport security personnel, and may lead to questions being asked that could jeopardize the mission.
Current fill devices require that the fill device be mechanically connected to the transmitter/receiver via an electrical connector, such as bayonet lock connectors and threaded connectors. In the field, or during an operation in which little time is available, connecting and disconnecting the fill device to the transmitter/receiver can take too long, also possibly jeopardizing the mission. Also, these types of connectors are subject to weather conditions which may cause corrosion and interference with the operation of the connector (e.g., dirt in the threads). Furthermore, due to the covert nature of many military operations, the cables connecting the fill device with the transmitter/receiver must be shielded to prevent unauthorized disclosure of the information being transferred, e.g., the encryption key. Shielded cables and connectors tend to be heavy, bulky, stiff, and difficult to quickly connect and disconnect. Current fill devices also are not hermetically sealed due to the mechanical requirements for switches, batteries, connectors, etc. This lack of seal compromises the reliability of the internal electronics in harsh environments.
An improved cryptographic fill system is desired.
In one embodiment, a cryptographic fill system in accordance with the present invention includes a fill device configured to store one or more cryptographic keys, a host portion configured to be coupled to a host processor, and wireless communications means for providing communications between the fill device and the host portion.
In another embodiment, wherein the cryptographic fill system includes a fill device and a host portion, and the host portion is configured to be coupled to the host processor, a method for wirelessly providing a cryptographic key from a cryptographic fill device to a host processor includes positioning the fill device proximate the host portion, activating at least one of the fill device and the host portion for starting wireless communications between the fill device and the host portion, and wirelessly providing the cryptographic key to the host processor.