A hardware cryptosystem developed by the National Security Agency as part of the US Government's failed attempts at imposing nationwide key escrow, along with the Clipper chip. It incorporated the NSA-designed Skipjack block cipher, the NIST Secure Hash Standard, a key exchange algorithm that incorporated the key escrow feature (basically a modified Diffie-Hellman), circuitry that implemented the NIST Digital Signature Standard, and a hardware random number generator. The first application of Capstone was in the Fortezza PCMCIA cards. Capstone itself was supposed to be a tamperproof VLSI chip with power ratings suitable for battery-operated hand-held devices (initial announcements said 5 Vdc at 3.5 mA/MHz).
All of the internals of the Capstone chip were classified until 1998, when the NSA decided to publish some of the details. Bruce Schneier suggests they decided to do this because they couldn't install Fortezza cards fast enough; either they couldn't make the cards quickly enough or they couldn't soon enough install the extra hardware (PCMCIA readers etc.). It seems that they counted on PCMCIA card readers being common (as of this writing they never have been, and it looks like they'll stay that way forever). So the only solution the NSA had was to implement the Fortezza algorithms in software, and of course they knew that if they did that they might as well just declassify the algorithms.
The US Government's key escrow plans embodied by Capstone and Clipper eventually didn't succeed because it depended on there being no strong cryptography widely available, but at the time PGP was already widely available, and many other free tools as well.