Fill device
A fill device is an electronic module used to load cryptographic keys into electronic encryption machines. Fill devices are usually hand held and battery operated.
Older mechanical encryption systems, such as rotor machines, were keyed by setting the positions of wheels and plugs from a printed keying list. Electronic systems required some way to load the necessary cryptovariable data. In the 1950s and 1960s, systems such as the U.S. National Security Agency KW-26 and the Soviet Union's Fialka used punched cards for this purpose. Later NSA encryption systems incorporated a serial port fill connector and developed several common fill devices (CFDs) that could be used with multiple systems. A CFD was plugged in when new keys were to be loaded. Newer NSA systems allow "over the air rekeying" (OTAR), but a master key often must still be loaded using a fill device.
NSA uses two serial protocols for key fill, DS-101 and DS-102. Both employ the same U-229 6-pin connector type used for U.S. military audio handsets, with the DS-101 being the newer of the two serial fill protocols. The DS-101 protocol can also be used to load cryptographic algorithms and software updates for crypto modules.
Besides encryption devices, systems that can require key fill include IFF, GPS and frequency hopping radios such as Have Quick and SINCGARS.
Common fill devices employed by NSA include:
- KYK-13 Electronic Transfer Device
- KYX-15 Net Control Device[1]
- MX-10579 ECCM Fill Device (SINCGARS)[2]
- KOI-18 paper tape reader. The operator pulls 8-level tape through this unit by hand.
- AN/CYZ-10 Data Transfer Device - a small PDA-like unit that can store up to 1000 keys.
- Secure DTD2000 System (SDS) - Named KIK-20, this was the next generation common fill device replacement for the DTD when it started production in 2006. It employs the Windows CE operating system.[3]
- AN/PYQ-10 Simple Key Loader (SKL) - a simpler replacement for the DTD.
- KSD-64 Crypto ignition key (CIK)
- KIK-30, a more recent fill device, is trademarked as the "Really Simple Key Loader" (RASKL) with "single button key-squirt." It supports a wide variety of devices and keys.[4]
The older KYK-13,[5] KYX-15 and MX-10579 are limited to certain key types.
See also
- List of cryptographic key types