Description
The TKMD is a small form factor key management facility with the capability to support smaller tactical teams/subscribers, up to 3,000 radios (much more with a secure file server). The TKMD is a low-cost P25 centralized or portable solution that increases efficiencies and reduces cost. Utilizing P25 Over the Air Rekeying (OTAR) protocols, the ACG TKMD can use a donor radio via direct cable or a Quantar™, GTR8000™, or Icom Eclipse2 repeater via direct connect or via IP. The TKMD only requires the use of a laptop with a browser as the Key Manager for radio ID authentication and donor radio/repeater messaging. When paired with the TKMD, this configuration is highly portable, has a quick setup time, and delivers a locally controlled, fully functional key management facility. This concept of operation lowers lead and preparation time for missions and eliminates the “service center” concept of key management. The TKMD also significantly reduces the management overhead of a KVL-only approach for small missions.
CENTRALIZED OR PORTABLE KEY MANAGEMENT
The user-friendly TKMD brings the management of your P25 encryption into one central location or easily portable, making it easier to manage and update the encryption keys used across your organization. The TKMD is an ideal encryption management tool for networks that are geographically dispersed and/or have multiple terminals.
KEYS
The TKMD can generate both AES-256 and DES-OFB keys using an internal Random Number Generator that is FIPS 140-2 compliant.
INTERFACES
The TKMD can interface and accept key material from a KVL-3000+ Key Fill Device (KFD) as well as a KVL-4000. The TKMD can also export locally generated key material to both devices.
SUPPORT
Stores up to 3,000 subscribers The TKMD is designed as a distributed Key Management System with the TKMD located (or at least IP connected to) each OTAR Base Station. TKMDs can exchange encrypted files over an IP network to distribute subscriber radio and/or key material throughout the Key Management System.
CENTRAL SERVER
The TKMD can also function with a central server that will send the subscriber information including key material (if desired) for any unknown subscriber that appears on the OTAR channel serviced by a TKMD. If the local TKMD is working with a central server the ability to handle multiple subscribers is essentially unlimited.
ADMINISTRATIVE BENEFITS
Dashboard supplies radio status by device or group, with visual indication of key updates, and common key references
FUNCTIONALITY
The TKMD supports Hello, Zeroize, Keyset Change, Warm Start, Key Modify, Key Delete.
COMPATIBILITY
The TKMD has been tested successfully with nearly all Project 25 OTAR-capable radios, including: Motorola XTS-5000, Motorola APX, Relm KNG, Harris, ICOM, EF Johnson and Midland Radio. The TKMD has been extensively tested using either the Motorola Quantar or the ICOM Eclipse 2 as a base station.
FIPS140-2 Certified
