The UK has finally taken “full over-the-network” cryptographic key distribution capabilities live, the NCSC said today – without specifying how widespread this capability is for HMG.

The announcement comes amid long-running efforts to move away from punched tape and other physical tokens for "crypt-key" distribution across the national security estate.

Cryptography is one of the areas where the UK retains sovereign capabilities; a cluster of commercial partners helps to deliver secure hardware for MOD and partners. 

Particularly across military systems that require robust symmetric encryption, and where hardware refresh cycles are not blisteringly fast, the use of hard crypt-keys is endemic. 

In the NCSC’s annual review, published October 14, said: “The approval of the first Secure Key Management (SKM) component marks a major milestone. For the first time, the UK has full over-the-network keying capability, dramatically enhancing operational flexibility and resilience. 

It added: “This growth reflects a strategic focus on high-tech investment, sovereign capability, and the ‘edge’ of the UK’s domestic cyber ecosystem that leads on the global stage.”

See also: National Reconnaissance Office ramps up commercial partnerships, warns over satellite weapons

“The NCSC now partners with four specialist UK suppliers to develop the next generation of network cryptographic devices. These technologies are not only securing classified UK networks, they’re being adopted by friendly governments, turning Crypt-Key into a quiet export success story…”

(Industry leaders in this space told The Stack’s founder some years ago that “The issue with the UK market is that it is profitable, but it’s unpredictable; it’s non-linear. At the moment it is pretty much a managed market. There are opportunities to bolster that by selling devices into overseas markets: we’ve been quite successful at selling into Australia and Canada, and much smaller amounts to some of our close friends in Scandinavia.”)

Thousands of crypt-keys are still physically delivered across the UK via punched tape as well as CD.  (The US’s NSA rolled its last punched tape key off its machines on October 2, 2019.)

As another crypt-key specialist told us some years ago, “The authority [NCSC] has a huge challenge to produce all those keys and then it’s got a challenge to distribute and install them all. That’s not insignificant by the way. I won’t describe what happens. But if Joe Public knew, you would think this was all a bit 1960s…”

Previous efforts to digitalise this space for network-based crypt-key distribution have been fraught. (Doing this at national scale would remove “the need for central key generation and physical key distribution/ installation,” says the NCSC.)

The report suggests some progress and further, “in 2025, the NCSC led a landmark demonstration of secure interoperability between approximately 20 secure voice crypto devices from eight NATO nations,” the agency added in its 2025 annual review.

Work in the industry? Like to talk about the state of crypt-key modernisation? Signal @Targett.11 or pop us an email

The link has been copied!