MPM-1000A Operator Manual
1000-7075 Rev E
15-5
The Future Passphrase, if stored, will perish along with the Current Passphrase and all
MEKs when the Terminal is powered down. Upon the subsequent Terminal start up, the
Terminal will repost the persistent display if a Future MSK and changeover date/time is
stored in non-volatile memory.
Note that a Terminal need not receive the Future MSK over-the-air. The Future MSK
may be manually loaded at the Terminal. In this case, there will be no changeover
date/time information, and the Term
inal will display: “Future MSK stored, enter Future
Passphrase
” when the MSK is loaded.
15.7 Passphrase Format
The TRANSEC Passphrase is not case-sensitive. Lower case alpha characters will be
automatically converted to upper case by the Modem Terminal.
15.8 Recovery
The split-knowledge key establishment method used for MEK generation allows for a
degree of flexibility in the approach to compromise recovery. The NCW Over-The-Air
Zeroize function is a key to compromise recovery.
15.9 Over-The-Air-Zeroize (OTAZ)
The NCW network includes one NC and a number of NM Terminals. The NC manages
the network via the transmission of Forward Orderwire (FOW) messages. NM Terminals
take commands from the FOW, and communicate with the NC via Return Orderwire
(ROW) messages.
The Terminal that will perform the function of NC is not fixed. Any Terminal (that is NC
capable) may become the NC. In general, the first Terminal to begin operation assumes
the role of NC.
This presents a problem; that is, it cannot be assumed that the NC will be in a physically
secure location. Therefore, compromise of the NC Terminal must be considered as
likely as the compromise of any Terminal operating within the network. The NCW
compromise recovery plan takes this into special consideration.
Any Terminal operating within a NCW network is capable of initiating an Over-The-Air
Zeroization (OTAZ) of any other Terminal, including the current NC. OTAZ of a
compromised node is initiated by an operator command entered at the Modem control
computer. Once commanded, the network executes the compromise recovery protocols
described in 15.10 and 15.11 below.