What is a typical action included in the key management lifecycle when a crypto device is considered compromised?

• A. Revocation of the key and redistribution of updated keys.
• B. Immediate cessation of all communications permanently.
• C. Replacing the hardware without updating keys.
• D. No action required; continue operation.

Answer: (A)

When a crypto device is compromised, the right move is to revoke the compromised key material and redistribute updated keys to trusted participants. Revoking the keys immediately invalidates any use of the compromised material, preventing an attacker from decrypting or tampering with communications. To restore secure operations, new, fresh keys must be generated and securely delivered to all legitimate nodes, so the entire network can continue exchanging protected data with trusted keys. This fits into the key management lifecycle’s steps of issuance, distribution, use, and, crucially, revocation and re-keying when trust is breached. In the context of Link 16, crypto devices rely on shared cryptographic material; once a compromise is detected, invalidating the affected keys and provisioning new ones across the system is essential to maintain confidentiality and integrity. Simply stopping communications or replacing hardware without updating keys would leave the system vulnerable or ineffective, and doing nothing would fail to address the breach.