The following information is based on a google search for NSA EKMS.

The EKMS Central Facility, also known as Tier 0, is the foundational element of the U.S. National Security Agency’s Electronic Key Management System, responsible for the generation, distribution, and management of electronic key material for secure communications.

It is located in an underground building in Finksburg, Maryland, and manages both physical and electronic keys for systems like STU-III, STE, and SDNS. The facility supports key generation, over-the-air rekeying, and maintains compromise recovery for key material.

It is part of a larger system that includes Tier 1 (service-level systems), Tier 2 (Local Management Devices), and Tier 3 (end-user devices and key loaders).

The EKMS system was developed to address security and logistical challenges of previous systems like the COMSEC Material Control System (CMCS), particularly the human threat associated with paper-based keys.

The EKMS is being replaced by the Key Management Infrastructure (KMI).

I’m fairly certain paper-based keys aren’t used any more.

I think this domain may have been used to host malware, but I’m not attributing that to the NSA.

While the domain was used for EKMS, I think Booz Allen Hamilton was involved.

Here is historical whois information for this domain in JSON.

Thanks for visiting! Server Configuration hints are availabe via the TLS Config section of this site.

This site is a quick consolidation of TLS termination for the various keysupport.* domain hosts supporting HTTP.

I’m also working to make various API prototypes available via this configuration as a survailence mechanism for common traffic and Post Quantum chryptograpic support.