SECTION V
KEY MANAGEMENT

20. KEY MANAGEMENT GUIDELINES

a. Locally Generated Key.


(1) Until the Electronic Key Management System (EKMS) is fully implemented, commanders will follow guidance in the noncrytographic operational general publication (NAG) 16D, TB 380-41, and this pamphlet.

(2) Locally generated key encryption key (KEK) will be used-


(a) When physical delivery in loaded fill-devices is possible and operationally feasible.

(b) For tactical nets or circuits when over-the-air-key distribution (OTAD) is possible and authorized for use with STU-III, tri-service tactical communications (TRI-TAC), and mobile subscriber equipment (MSE) under the provisions of NAG 16D.

___________________________________________________________________________



       DIR USACCSLA FT HUACHUCA AZ//SELCL-KP-OR/SELCL-KP-

       KEY/SELCL-KP-IN//and controlling authorities (as 

       applicable).

 INFO: CDR (Headquarters of your command Inspector)

       (USAREUR major command)

       (Higher headquarters, as directed by unit SOP)

       DIR USACCSLA FT HUACHUCA AZ//SELCL-KP-AU//

       CUSALAO SECKENHEIM GE//AMXLA-E-CCM//

       CINCUSAREUR HEIDELBERG GE//AEAGB-CI-S/AEAIM-CO-SI/AEAGD-

       SM//

       CDR 66TH MI GP AUGSBURG GE//IAPG-SAS//

       DIRNSA FT GEORGE G. MEADE MD//V51A/Y132/V61//

       NCEUR VAIHINGEN GE//F29//

       USATCMO-EUR 11TH SIG DET MANNHEIM GE//AFSE-CLC-

       CMO/5BE001//(others optional, as appropriate)



SUBJECT: Request Closure of COMSEC Account (account number)

___________________________________________________________________________

Figure 4-3. COMSEC Account Closure Message Addresses

(3) Each COMSEC account holding COMSEC key will have a key-management SOP (app E). The SOP will meet the particular mission of each unit. It will contain information on how key will be procured, generated, managed, and destroyed. The SOP will require an (accountability) audit trail for electronic key on a AE Form 380-40C-R (Key Management Worksheet).


b. NSA-Generated STU-III Key.


(1) STU-III key will be issued and signed for on AE Form 380-40B-R (COMSEC Custodian STU-III Key Accountability Record).

(2) The COMSEC custodian will file AE Form 380-40B-R in file number 380-40m according to AR 25-400-2.

21. MANDATORY RECALL OF KEY STORAGE DEVICE-64 (KSD-64)

a. The EKMS central facility (CF) instituted a voluntary recall plan in 1992 that allowed for the return of excess key storage devices-64 (KSD-64s) from COMSEC accounts. The recall is now mandatory. The recall will save money and assure the future availability of the KSD-64A. The procedures for returning excess KSD-64As are in b through d below. These procedures have been revised from the original notification. Any deviation from the procedures in b through d below may result in the CF not being able to use the devices.

b. Although the recall is now mandatory, not every extra KSD-64A must be returned. A number of devices should remain on hand to be used as cryptoignition keys (CIKs). The number of devices will vary based on the number of STU-IIIs serviced by an account. The custodian will determine how many devices should be returned to the CF.

c. The items included in the recall are blank KSD-64As, CIK, and fill devices. Also included are Secure Data Network System (SDNS) keys, broken keys, and any keys from equipment that use the KSD-64A as a fill device. All keys should be removed from their corresponding terminals or zeroized. Any KSD device not used in the STU-III program (for example, KG-195, Caneware) must be zeroized in the STU-III three times. The KSD-64As should be clean, and key or luggage tags should not be attached.

d. All zeroized KSD-64As and CIKs should be returned to the EKMS. Custodians will-


(1) Send a letter (fig 5-1) to the EKMS CF 2 weeks before mailing the keys that list how many devices will be returned.

(2) Return zeroized keys to the EKMS CF (address shown in fig 5-1). Include a copy of the letter ((1) above) with the keys. Return the keys by U.S. Registered Mail. The package should be single-wrapped.

SECTION VI
INSPECTIONS, REVIEWS, AND INVENTORIES

22. COMMAND COMSEC INSPECTIONS
The command COMSEC inspector will conduct command COMSEC inspections for each COMSEC account and subaccount as prescribed in AR 380-40 and USAREUR Regulation 380-40. The unit commander will appoint a command COMSEC inspector.

___________________________________________________________________________



                            MEMORANDUM OF AGREEMENT



                                    BETWEEN



                              (Supported Activity)



                                      AND



                              (Supporting Activity)



                       COMSEC MATERIAL HAND-RECEIPT SUPPORT





1. PURPOSE. This memorandum of agreement (MOA) establishes an agreement 

between the (supported activity) and the (supporting activity), identifies 

resources involved, and delineates responsibilities of each signatory for 

communications security (COMSEC) material hand-receipt support. This MOA is 

a mutual commitment to ensure COMSEC material is issued by (supporting 

activity) as COMSEC custodian on hand-receipt to the (supported activity) 

and, once received, the COMSEC material is used properly, stored (when not 

is use by appropriately cleared authorized persons), and accounted for as 

prescribed in policy and procedures applicable to the material involved.



2. REFERENCES.



   a. AR 380-40, Policy for Safeguarding and Controlling Communications 

Security (COMSEC) Material, 1 September 1994.



   b. DA Pam 25-16, Security Procedures for the Secure Telephone Unit, 

Third Generation (STU-III), 1 April 1993.



   c. DA Pam 25-380-2, Security Procedures for Controlled Cryptographic 

Items, 10 January 1991.



   d. TB 380-41, Procedures for Safeguarding, Accounting, and Supply 

Control of COMSEC Material, 29 September 1995.



   e. USAREUR Regulation 380-40, Safeguarding and Controlling 

Communications Security Material, 2 May 1996.



   f. Publications identified in AR 380-40, appendix A, that are relevant 

to material being hand-receipted.



   g. Other: (add appropriate references)



3. BACKGROUND.



   a. Army elements authorized COMSEC material normally obtain direct 

support by establishing a COMSEC account, according to TB 380-41. When 

establishing a COMSEC account, the commander must select and appoint a 

COMSEC custodian and at least one alternate custodian. Once appointed, the 

custodian is responsible for the safeguarding, controlling, and accounting 

for COMSEC material. COMSEC accounts are subject to various inspections, 

audits, and inventories.



   b. The amount and type of COMSEC support required and personnel 

resources available may make establishing a COMSEC account impractical or 

economically impossible. An alternative to establishing a COMSEC account is 

to obtain required COMSEC material on hand-receipt from an established 

COMSEC account, preferably one within the same chain of command. Hand-

receipt holders must safeguard, control, and account for COMSEC material 

in their care. Hand-receipt holders of COMSEC material have fewer and less 

time-consuming responsibilities than a COMSEC custodian.



   c. Timely compliance with established policy and procedures and 

cooperation between the custodian and the hand-receipt holder are essential 

for long-term support.



4. SCOPE. This MOA implements the agreement for (supporting activity) to 

issue COMSEC material to the (supported activity).



5. RESPONSIBILITIES.



   a. The (supporting activity) will-



     (1) Provide COMSEC material support for hand-receipt holders upon 

request.



     (2) Conduct oversight visits to the (supported activity) as required 

to ensure the hand-receipt holder is properly using, safeguarding, 

controlling, and accounting for COMSEC material according to AR 380-40, TB 

380-41, and USAREUR Regulation 380-40.



     (3) Issue guidance (including SOP) and provide advice and assistance 

as required to the hand-receipt holder.



     (4) Hand-receipt COMSEC material only to persons designated by the 

supported commander or responsible official.



     (5) Notify the supported commander or other responsible official at 

the supported command when conditions or circumstances require attention.



     (6) Provide the supported commander written notification a minimum of 

60 days before termination of hand-receipt.



   b. The (supported activity) will-



     (1) Provide (supporting activity) a current listing of required COMSEC 

material.



     (2) Comply with Army policies and procedures and (supporting activity) 

SOP applicable to using, safeguarding, controlling, and accounting for 

COMSEC material.



     (3) Provide (supporting activity) a list of cleared personnel 

authorized to sign for COMSEC material under this MOA and update this list 

as required to ensure it is current.



     (4) Establish written procedures to ensure hand-receipt holders clear 

their hand-receipts with (supporting activity) before permanent change of 

station or reassignment to other duties.



     (5) Promptly notify (supporting activity) when COMSEC material is 

lost, out of control, misused, or otherwise subjected to a possible 

insecurity.



     (6) Be prepared to establish an organic COMSEC account, or to begin 

receiving COMSEC support from an alternate source, within 60 days of 

written notification by (supporting activity) that COMSEC hand-receipt 

support under this MOA will be terminated.



6. REVIEW AND REVISION.



   a. This agreement will be reviewed yearly. Review will be initiated by 

(supporting activity) within 90 days of the first anniversary date.



   b. Either agency may propose revision of this MOA at any time. 

Additionally, the MOA will be amended, as necessary, to comply with 

regulatory changes or changes in mission needs of either party.



7. EFFECTIVE DATE AND TERMINATION. This agreement will become effective on 

signature by the Commander, (supporting activity), and the Commander, 

(supported activity), and remain in effect for 3 years, unless extended or 

terminated.





X_________________________          X_________________________

(Signature)                          (Signature)



SIGNATURE BLOCK	                      SIGNATURE BLOCK

CDR, (supporting activity)           CDR, (supported activity)



___________________                  __________________

(date)                               (date)

___________________________________________________________________________

Figure 4-4. Sample MOA for COMSEC Hand-Receipt Support

___________________________________________________________________________



To:     EKMS Central Facility

ATTN:   Custodian CA 880103

        P.O. Box 718

        Finksburg, MD 21048-0718



From:   CDR, 181st Signal Company

ATTN:   CA 999999

        CMR 420

        APO AE 09014



       Total number of excess devices returned from my account: 

____________________. These keys have been removed from their terminals or 

zeroized. If not used in the STU-III program, the keys have been zeroized 

three times each.



FOR THE COMMANDER:







                                JOHN Q. PUBLIC

                                Staff Sergeant

                                Custodian CA 999999

___________________________________________________________________________

Figure 5-1. Format for Returning Zeroized Key

a. Policy and procedures for command COMSEC inspections are in AR 380-40 and TB 380-41. USAREUR units can use the guidance in this pamphlet, appendix F to prepare for USAREUR command COMSEC inspections. USAREUR command COMSEC inspections will include the special interest items listed in (1) through (11) below. The inspections will include verification that-


(1) The CONAUTH conducts annual reviews and sends a Cryptonet Systems Evaluation Report (CER) RCS: CSGID-131, to the USACCSLA according to TB 380-41. The CONAUTH also sends a summary of each review to the USACCSLA. A copy should be in the COMSEC account files.

(2) The property-book officer (PBO) and user (hand-receipt holder) CCI records were inspected within the past 24 months. The records must comply with DA Pamphlet 25-380-2 and AR 710-2).

(3) The COMSEC custodian and alternate custodians are appointed according to AR 380-40 and this pamphlet.


(a) Appointees should receive on-the-job training before attending the U.S. Standardized COMSEC Custodian Course, INTEL 34 (app G).

(b) A commander must have approval from the course proponent (Commander in Chief, USAREUR, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014) before appointing an individual who has not had the standardized COMSEC Custodian Course as a COMSEC custodian.


(4) Information on DA Form 2012 (COMSEC Account Data) is current according to TB 380-41, paragraph 2.12.4 (fig 4-2).

(5) DA Form 2012 with original signatures is on file, and copies are sent to the following addresses:


(a) Office of Record (USACCSLA) or the COMSEC Material Direct Support Activity (CMDSA), as applicable.

(b) USAREUR COMSEC Inspector (Commander in Chief, USAREUR, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014).

(c) Commander, USATCMO-E, 11th Signal Detachment, ATTN: AFSE-CLC-CMO/5BE001, Unit 29802, APO AE 09058.

(d) Chief, United States Army Logistics Assistance Office-Europe (USALAO-E), ATTN: AMXLA-E-CCM, Unit 29331, APO AE 09266.

(e) Other command-channel addresses, as appropriate. Appendix H is a list of COMSEC addresses.


(6) DA Form 1999-R (Restricted Area Visitor Register (LRA) is closed out following the last entry for the calendar year as follows:

---------CLOSED OUT---------(Signature)---------(Date)-------

(7) DD Form 1999-R is filed according to AR 25-400-2 under-


(a) File No: 380-40e.

(b) Disposition: Destroy after 1 year.

NOTE: A DD Form 1999-R needed by investigators for an incident report or investigation will become part of the report or investigation. These forms will have the same disposition as the report or investigation.

(8) DD Form 1435 (COMSEC Maintenance Training and Experience Record) is updated annually (AR 25-12, para 4-4).

(9) COMSEC account has an internal, external, and key management SOP, as applicable.

(10) The COMSEC emergency plan was coordinated with other units and directorates on the installation to include the provost marshal, safety officer, and fire marshal. Coordination is on file.

(11) Documented proof (for example, the signatures of participating personnel including disinterested witnesses of the practice) is on file.


b. Individuals appointed as command COMSEC inspectors will--


(1) Meet the unwaived requirements for COMSEC custodians and have written appointments according to AR 380-40.

(2) Be familiar with COMSEC policy and procedures in AR 380-5, AR 380-40, TB 380-41, USAREUR Regulation 380-40, and this pamphlet.

(3) Be a graduate of the Standardized COMSEC Custodian Course (SCCC).


c. The command COMSEC inspector will send inspection reports to the inspected unit within 20 workdays after the inspection. The inspected unit has 45 calendar days to reply with corrective actions taken. When discrepancies cannot be adjusted within 45 days, an interim reply is required. The inspected unit will send a copy of the basic report and reply to the inspecting unit or investigator by the suspense date. The inspected unit will send a copy of the report and the reply to the commander of the next higher headquarters for review. The next-higher headquarters above the inspected unit will ensure that the corrective action will be completed or in progress before they endorse the reply through command channels to the inspecting office.

23. REVIEWS AND INVENTORIES
Periodic reviews will be according to AR 380-40 and TB 380-41.

SECTION VII
SURVEILLANCE

24. COMSEC INCIDENT REPORTING
COMSEC custodians will report COMSEC incidents according to AR 380-40, TB 380-41, USAREUR Regulation 380-40, and this pamphlet.

a. COMSEC incidents unique to STU-IIIs will be reported according to DA Pamphlet 25-16 and DA Pamphlet 25-380-2. The format for the report is in this pamphlet, appendix I. STU-III-incident messages will be addressed to DIRNSACCSLA FT HUACHUCA AZ//SELCL-KP-IN// and the CONAUTH (if key is involved) for action. DIRNSA FT GEORGE G. MEADE MD//V51A/S213/Y183// will be listed as an information addressee along with other info addressees listed in USAREUR Regulation 380-40, paragraph 10.

b. CCI incidents for keyed and unkeyed CCI will be processed according to USAREUR Regulation 380-40, paragraph 10d.

c. COMSEC incidents involving NATO material will be reported according to applicable Allied Command, Europe (ACE), directives.

d. COMSEC incidents involving both NATO material and U.S. material will be reported separately according to ACE directives and this pamphlet, appendix I.

e. COMSEC incidents involving positive-controlled material will be reported to USCINCEUR, VAIHINGEN, GE//ECJ36(PMCT)// according to CJCSI-3260.01.

25. ROUTING OF REPORTS

a. COMSEC custodians will send COMSEC incident reports as to the addresses as prescribed in USAREUR Regulation 380-40, paragraph 10.

NOTE: While all violations of AR 380-40 are serious incidents and may jeopardize the integrity of the COMSEC material involved, not all violations need to be assigned a COMSEC-incident case-number from the USACCSLA.

b. The COMSEC incident error most often reported is premature or late destruction of COMSEC key. Addressees for COMSEC incidents described in AR 380-40 are listed in USAREUR Regulation 380-40, paragraph 10. CCI incidents will be reported according to DA Pamphlet 25-380-2 and USAREUR Regulation 380-40.

26. REPORT PRECEDENCE AND TIMELINESS

a. Message precedence for addressees and report-submission times are in AR 380-40.

b. COMSEC incident reports will not be sent to a higher headquarters for evaluation before the incident is reported to the appropriate addressees in USAREUR Regulation 380-40 and this pamphlet, appendix I. Incorrect routing delays evaluation and may damage the COMSEC capability of the cryptonet.

27. SIGNAL OPERATION INSTRUCTIONS
Incidents involving signal operating instructions (SOI ) material will be reported according to AR 380-5 as a loss-of-classified information.

NOTE: Once SOI material containing either ALC 3 or category-2 ALC 4 has been permanently issued to a user (hand-receipt holder), the COMSEC custodian is no longer accountable or responsible for the SOI material. Custodians will not issue or hand-receipt SOIs to themselves.

28. ASSESSMENTS, EVALUATIONS, AND INVESTIGATIONS

a. USAREUR commanders will examine reportable COMSEC incidents to determine the likelihood of foreign intelligence service (FIS) involvement (AR 380-40 and TB 380-41).


(1) If FIS involvement is not suspected, it will be reported as a COMSEC incident as prescribed in this pamphlet, appendix I.

(2) Any evidence, indication, or suspicion of FIS involvement must be reported according to AR 381-12, as a Subversion and Espionage Directed Against the U.S. Army (SAEDA) incident.


b. Reported COMSEC incidents will be examined by the USAREUR subcontrol office (SCO) (66th Military Intelligence Group (66th MI GP) (IAPG-SAS)) for indicators of FIS involvement. The USAREUR SCO will-


(1) Task the appropriate counterintelligence unit with action if FIS involvement is detected or suspected.

(2) Examine each SAEDA report involving COMSEC key. When appropriate, the SCO will pass information to the cryptonet CONAUTH through the Deputy Chief of Staff, Intelligence (DCSINT), HQ USAREUR/7A. The SCO will make the decision on supersession of the key.


c. A preliminary inquiry will be conducted according to AR 380-5 to determine the circumstances in a COMSEC incident. A COMSEC incident (for example, loss, theft, sabotage, espionage) may require a formal investigation according to the provisions of AR 15-6.

29. EVALUATING COMSEC INCIDENTS
CONAUTHs will evaluate COMSEC incidents according to AR 380-40.

SECTION VIII
CONTROLLED CRYPTOGRAPHIC ITEMS

30. GENERAL
Although the PBO maintains property accountability records for a CCI, once issued on a hand-receipt, accountability of the CCI becomes the responsibility of the user to provide security control and accountability through monthly inventory. A CCI will be controlled according to AR 380-40, DA Pamphlet 25-16, and DA Pamphlet 25-380-2. A CCI is sensitive and will be protected for the same reasons other unclassified but sensitive equipment (such as, night vision devices, weapons, M1 tank technology) is protected.

31. CCI REFERENCES

a. DA Pamphlet 25-16 prescribes security procedures for the STU-III.

b. DA Pamphlet 25-380-2 prescribes security procedures for CCIs.

c. The unit supply update (AR 710-2 series of regulations and DA pamphlets) provides policy on supply operations below the wholesale level, including CCIs in the standard logistic system.

d. AR 710-3 establishes policy and assigns responsibilities for operation and maintenance of DA asset-and-transaction reporting systems (including serial-number reporting of DOD CCIs).

32. CCI INCIDENT REPORTING
USAREUR Regulation 380-40 and this pamphlet gives guidance for reporting CCI incidents in USAREUR.

33. EXCEPTIONS
Requests for exception to DA policy on CCIs will be sent through command channels to the Commander in Chief, USAREUR, ATTN: AEAGB-CI-S, Unit 29351, APO AE 09014.

34. STU-III INSTALLATION IN PRIVATE RESIDENCES

a. The DCSINT is the only approval authority in USAREUR for STU-III installation in private residences.

b. Requests for STU-III installation in a private residence will follow the guidance in USAREUR Regulation 380-40, paragraph 11 and appendix B.

35. FOREIGN ACCESS
Access to a keyed CCI will follow the guidance in USAREUR Regulation 380-40, paragraph 12.

SECTION IX
DEPARTMENT OF THE ARMY CRYPTOGRAPHIC ACCESS PROGRAM

36. QUALIFYING POSITIONS AND UNITS
Guidance for the Department of the Army Cryptographic Access Program (DACAP) in USAREUR is in AR 380-40, USAREUR Regulation 380-40, and this pamphlet.

a. Commanders will ensure that, if selected, personnel in qualified positions (those who require access according to AR 380-40) are briefed and debriefed, have signed briefing and termination certificates, and are available for a counter-intelligence scope polygraph.

b. USAREUR units qualified under provisions of AR 380-40 will appoint a DACAP point of contact (POC).

37. REPORTING CHANGES TO DATABASE
The DACAP POC will report changes in the DACAP database according to AR 380-40 and USAREUR Regulation 380-40, paragraph 13.