LEADING THE COMSEC REVOLUTION
Document Type:
Collection:
Document Number (FOIA) /ESDN (CREST):
CIA-RDP90-00530R000701710002-9
Release Decision:
RIFPUB
Original Classification:
K
Document Page Count:
3
Document Creation Date:
December 27, 2016
Document Release Date:
October 26, 2012
Sequence Number:
2
Case Number:
Publication Date:
January 1, 1986
Content Type:
OPEN SOURCE
File:
Attachment | Size |
---|---|
CIA-RDP90-00530R000701710002-9.pdf | 346.02 KB |
Body:
Declassified and Approved For Release 2012/10/26: CIA-RDP90-0053OR000701710002-9
FEATURE ARTICLE
Leading the COMSEC
Revolution
The STU-III Secure Telephone
A quiet revolution has be-
gun in US telecommuni-
cations, one that will dra-
matically change how we secure
our classified and sensitive com-
munications from potential ad-
versaries. The ultimate result will
be better and considerably less
expensive communications secu-
rity, readily available at an af-
fordable price to anyone in- the
US who needs it.
Leading the revolution is the
STU-III Program. Known as the
Future Secure Voice System pro-
ject, the National Security Agen-
cy sponsored this major initiative
in partnership with the telecom-
munications industry to develop
and deploy a new family of tele-
phone security equipment which
went far beyond the capabilities
of anything previously available.
For the first time, a secure tel-
ephone that looks and operates
just like a regular telephone can
be installed by the user in min-
utes. The new secure telephone
replaces the standard unit and
does not need to be locked in a
vault for the night. In its basic
form, it will be available at a price
under $2,000 and even a choice of
colors. Most important, the real-
ization of this new secure phone
is anticipated within a timeframe
previously unheard of for Gov-
ernment communications securi-
ty equipment.
INCEPTION OF THE STU-III
In 1983, the National Security
Agency began to take a hard look
at US COMSEC in general and
at telephone security in particu-
lar. NSA assessed the situation
in one word, "dismal." The exist-
ing secure telephone system for
the US Government was the ag-
ing AUTOSEVOCOM system
which used equipment built in
the 1950s and 1960s and relied on
expensive leased circuits. Fur-
thermore, AUTOSEVOCOM
served only a very limited num-
ber of users, a number that was
actually shrinking because of the
obsolescence and expense of the
system.
Although development of the
STU-II secure telephone had be-
gun in 1975, delivery of the equip-
ment was just beginning in 1983.
The price of the STU-II was on
the order of $12,000, and installa-
tion and maintenance costs were
considerable. Also, the STU-II
was designed for a projected user
population of only 10,000. A
quick analysis of the require-
ments for secure telephones for
the mid-1980s put the figure for
the Federal Government and for
related users closer to half a mil-
lion.
In addition, NSA and other key
planners were beginning to
realize that a solution for tele-
phone security could not just ad-
dress the traditional Govern-
ment community of COMSEC us-
ers. Many areas of the private
sector deal with sensitive infor-
mation which can affect our na-
tional well-being in both the
short and long term.
As a hypothetical example,
consider a telephone call between
the president of a large US oil
company and one of its officials
in a Middle East country, in
which they discuss 'sensitive ne-
gotiations being conducted to
avert a potential embargo of
crude oil shipments to the US. An
eavesdropper with hostile inten-
tions towards the US could ex-
ploit this information to the det-
riment of our national interests.
It quickly became obvious that
a whole new initiative was need-
ed in telephone security - one
that would address the entire
spectrum of needs, and at an af-
fordable cost. Moreover, the solu-
tion was needed quickly. A trad-
itional acquisition program, with
a long development and test cy-
cle, was out of the question. With
this perspective, a radically dif-
ferent approach began to take
shape.
THE PROGRAM STRATEGY
It became clear that to do what
was needed, NSA was going to
have to use the same kind of ap-
proach industry would use in
bringing a product to the com-
mercial marketplace. This ap-
proach would have to provide
considerable incentive to the de-
velopers of the secure telephone
and create competition among a
number of suppliers to insure get-
ting the best product at the best
price.
At the same time, NSA recog-
nized that there were unique re-
quirements for secure telephones
for specialized uses, such as com-
mand and control. It was not ne-
cessary or economical to provide
these features in every secure tel-
ephone. The majority of secure
telephone users simply do not
need them. Thus, the STU-III
was conceived as a family of
equipment: The STU-III/Low
Cost Terminal would be designed
for the regular users, with low
price of ownership being a pri-
mary goal. The STU-III/Com-
mand and Control (C2) Terminal
would provide flexible multifunc-
tion capabilities with unique fea-
tures for special applications.
NSA was already developing a
compact version of the STU-II for
mobile radio telephone applica-
tions. After careful examination,
it was decided that this equip-
ment could serve as the basis for
the STU-III/C2. It was an ap-
proach which capitalized on ex-
isting development with the
[Continued on page 20]
18 Declassified and Approved For Release 2012/10/26: CIA-RDP90-0053OR000701710002-9 -RY ?8s
Declassified and Approved For Release 2012/10/26: CIA-RDP90-00530R000701710002-9
page 181 NAGENGAST
added benefit of providing an
equipment, no bigger than a
shoebox, which would be compat-
ible with the STU-II.
For the STU-III/LCT, howev-
er, NSA was essentially starting
from scratch, and a way had to
be found to quickly bring the
product from the conceptual
stage to fruition. First, the idea
had to be converted into specific
concepts and a functional defini-
tion, combining NSA's knowl-
edge of cryptography with the ca-
pabilities and experience of the
telecommunications industry.
Second, NSA had to establish a
competitive, multivendor base
for large-volume production at a
low price.
In order to achieve this rather
tall order, a two-phased approach
was laid out. The first phase, last-
ing six months, would be a com-
petitive concept definition study
among the top companies in the
field. Then, the winners of the
concept definition would enter a
two-year, integrated develop-
ment and initial production
phase, with continued competi-
tion among the participants for
the initial production.
THE CONCEPT
DEFINITION PHASE
Early in 1984, after an exten-
sive review of US telecommuni-
cations/electronics companies
and their capabilities, NSA se-
lected five firms to participate in
a competitive concept definition
for the STU-III/LCT. The com-
panies were AT&T, GTE, ITT,
Motorola and RCA.
The ground rules for the study
were straightforward. At the end
of the six-month study phase,
NSA would pick at least two com-
panies for the actual develop-
ment. NSA would specify only
the minimum performance and
STU-111/C2 being developed by RCA.
security requirements; the com-
panies would be free to propose
the best design concept and how
they would begin volume produc-
tion two years from the start of
the development. Finally, the
winners would share in an initial
large purchase by NSA and
would also sell their product di-
rectly to the US marketplace, in-
cluding the Government and pri-
vate sectors.
A unique feature of the compe-
tition was that the resulting inde-
pendent designs all had to be able
"to talk to each other" (as well as
to the STU-III/C2). Considerable
time and effort was spent by NSA
and the participating companies
during the concept definition to
hammer out an interoperability
specification. This stage created
some interesting moments, with
five companies in heated compe-
tition being forced to come to-
gether in one room and agree on
something which would have
considerable impact on their own
design. To the credit of all in-
volved, the overall success of the
program took precedence over
the individual interests, and
agreement was reached.
THE DEVELOPMENT/INITIAL
PRODUCTION PHASE
The concept definition phase
was completed on schedule in No-
vember 1984, with each company
submitting a detailed Concept
Definition Report. After an exten-
sive evaluation, development
contracts were awarded in March
1985 to AT&T, Motorola, and
RCA. A fourth company, GTE,
was chosen to develop central
system management facilities
which would provide automated
capabilities for ordering and dis-
tribution of cryptographic key (a
sequence of random numbers
which control the encryption and
decryption process) for the STU-
III and other functions indige-
nous to a large-scale secure tele-
phone system.
The total cost to the Govern-
ment for these developments is
expected to approach ninety mil-
lion dollars. In addition, in order
to be in the best possible compet-
itive position, the three LCT de-
velopers are investing a signifi-
cant amount of their own resour-
ces in the program.
Each of the three developers is
required to demonstrate proto-
type units to NSA at Month 12 of
the development/initial produc-
tion phase. NSA will award the
initial production contracts short-
ly thereafter, basing each ven-
dor's share on price, equipment
function and features, and per-
formance in completing the pro-
totype units. At Month 15, each
vendor will deliver forty units for
AT&T STU-111 LCT.
an extensive field test by the Gov-
ernment.
The prototype equipments will
first be evaluated in a formal sys-
tem testbed to verify proper oper-
ation, including interoperability
[Continued on page 22]
'
86
Declassified and Approved For Release 2012/10/26: CIA-RDP90-00530R000701710002-9 4RY
Declassified and Approved For Release 2012/10/26: CIA-RDP90-0053OR000701710002-9
of the various vendors' equip-
ments. The equipment will then
be placed in the hands of a vari-
ety of users worldwide to evalu-
ate its performance under actual
field conditions. The vendors will
be required to correct any defi-
ciencies identified during the
prototype testing prior to their de-
livery of the first production
units. Finally, at Month 24, the
actual production will begin.
Each participating company
has planned a fully automated
production capability for the
STU-III/LCT, with capacity to
build in excess of 10,000 units a
month.
THE STU-III FROM A
USER'S PERSPECTIVE
What does all this mean to the
user? First of all, the user will
have a choice. He can select the
version that best fits his needs or
the type of service plan a partic-
ular vendor may offer. It will also
be possible for the user to request
a special feature or a custom in-
terface to meet the requirements
of his PBX.
Next, the STU-III will be easy
to install. The normal interface is
the common, garden-variety
modular jack, so that the STU-III
can be plugged in anywhere
an ordinary phone can. For of-
fice installations with multiline
phones, i.e. those with five-line
select and hold buttons, an op-
tional version will be available
that mates with the standard
1A2 connector used in these in-
stallations. If a custom installa-
tion is required, the user can ar-
range it with the STU-III vendor
of his choice. And, unlike pre-
vious secure telephones, the STU-
III will operate over a single
standard phone line.
The real test is when the STU-
III is in place and ready for that
first phone call. A secure call is
placed just like a regular call. In
fact, until the secure button is
pressed, it is a regular call using
normal dialing procedures and
going over the telephone network
in standard fashion. When the
other party answers, either one
can press the secure button in-
itiating an authentication proce-
dure between the two telephones
lasting no more than twelve se-
conds. The two parties can then
converse without fear of being
overheard by anyone along the
transmission path.
The various STU-III tele-
phones will all offer a number of
modern telephone features, such
as one-button speed dialing for
frequently called numbers and
all the units include a feature
called the Crypto Ignition Key, or
CIK for short.
The CIK serves two fundamen-
tal purposes. When it is removed,
the STU-III becomes unclassified
and no special storage area or
vault is necessary. Also, without
the CIK, the STU-III cannot be
used in the secure mode, pre-
venting unauthorized use, even
though it will continue to serve as
a regular phone to place or re-
ceive nonsecure calls. In addi-
tion, the STU-III will incorporate
a display which, when in the se-
cure mode, tells the user who he
is talking to and what the auth-
orized classification level for the
conversation is, based on the se-
curity clearances of the partici-
pating parties. The display also
prompts the user if he makes a
mistake, such as attempting to go
secure when he has forgotten to
insert the CIK.
FUTURE EVOLUTION
OF THE STU-III
An important consideration
for the future is how the STU-III
family will evolve to cover new
requirements and keep pace with
rapidly changing telecommuni-
cations technology. NSA will
continue its involvement with
the vendors to insure the security
of the product, but it will be up to
the vendors to develop newer,
more flexible versions of the
equipment.
Additions to the product line
could include models for mobile
or hand-held cellular radio appli-
cations, or a unit which provides
wideband capabilities for use in
the coming Integrated Services
Digital Network (ISDN). Also,
the vendors will be able to incor-
porate new technology, such as
sub-micron level VLSI to produce
a smaller, lower cost STU-III in
the years to come. Finally, other
vendors will be able to build STU-
III compatible products to com-
pete with the original three on the
basis of more features, better
service or lower price. What this
means is that the STU-III will be
an evolving product - one that
gets better as time goes on.
John C. Nagengast, is currently the Deputy
Chief of the Future Secure Voice System
Special Project Office (FSVS SPO), the Na-
tional Security Agency. ^
22 JOURNAL of ELECTRONIC DEFENSE ? JANUARY'86
Declassified and Approved For Release 2012/10/26: CIA-RDP90-0053OR000701710002-9 - - -