STU-III is a family of secure telephones introduced in 1987 by the NSA for use by the United States government, its contractors, and its allies. STU-III desk units look much like typical office telephones, plug into a standard telephone wall jack and can make calls to any ordinary phone user (such calls receiving, however, no special protection). However, when a call is placed to another STU-III unit that is properly set up, one caller can ask the other to initiate secure transmission (or, colloquially, to "go secure"). They then press a button on their telephones and, after a 15-second delay, their call is encrypted to prevent eavesdropping. There are portable and militarized versions, and most STU-IIIs contain an internal modem and RS-232 port for data and fax transmission.
Vendors were AT&T (later transferred to Lucent Technologies), RCA (Now L3-Communications, East); and Motorola.
Versions
- STU-III/Low Cost Terminal (LCT), designed for use in an office environment by all types of users. (Motorola Sectel 1500, Lucent Technologies/GD 1100 and 1150)
- STU-III/Cellular Telephone (CT) is interoperable with all STU-III versions. Works in all continental US mobile networks and in most foreign cellular networks.
- STU-III/Allied (A) specialized version of the STU-III/LCT that is compatible with the STU-II. It retains all basic STU-III functions and capabilities and incorporates STU-II BELLFIELD KDC, STU-II net, and STU-II multipoint modes of operation.
- STU-III/Remote Control Interface (R or RCU)
- STU-III/MultiMedia Terminal (MMT)
- STU-III/Inter Working Function (IWF)
- STU-III/Secure Data Device (SDD)
- STU-III/CipherTAC 2000 (CTAC)
Security
Most STU-III units were built for use with what NSA calls Type 1 encryption. This allows them to protect conversations at all security classification levels up to Top Secret, with the maximum level permitted on a call being the lower clearance level of the two persons talking. At the height of the Commercial COMSEC Endorsement Program, Type 2, 3, and 4 STU-IIIs were manufactured, but they saw little commercial success.
Two major factors in the STU-III's success were the Electronic Key Management System (EKMS) and the use of a removable memory module in a plastic package in the shape of a house key, called a KSD-64A. The EKMS is believed to be one of the first widespread applications of asymmetric cryptography. It greatly reduced the complex logistics and bookkeeping associated with ensuring each encryption device has the right keys and that all keying material is protected and accounted for.
The KSD-64A contains a 64 kbit EEPROM chip that can be used to store various types of keying and other information. A new (or zeroized) STU-III must first have a "seed key" installed. This key is shipped from NSA by registered mail or Defense Courier Service. Once the STU-III has its seed key, the user calls an 800-number at NSA to have the seed key converted into an operational key. A list of compromised keys is downloaded to the STU-III at this time. The operational key is supposed to be renewed at least once a year.
The operational key is then split into two components, one of which replaces the information on the KSD-64A, at which point it becomes a Crypto Ignition Key or CIK. When the CIK is removed from the STU-III telephone, neither unit is considered classified. Only when the CIK is inserted into the STU-III on which it was created can classified information be received and sent.
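The two-component split described above, as an added illustration that is not code from the article or from any STU-III vendor: the phone keeps one share, the KSD-64A receives the other and becomes the CIK, and only the pair reassembles the operational key. The XOR split and the 32-byte key size are assumptions made for the model; the real split is classified.

```python
import os
from dataclasses import dataclass
from typing import Optional

# Added example (not from the article): a model of splitting the STU-III
# operational key into a phone share and a CIK share. XOR splitting is an
# assumption; each share alone is uniformly random and reveals nothing.


def split_key(operational_key: bytes):
    """Split a key into two shares; each share alone is uniformly random."""
    cik_share = os.urandom(len(operational_key))
    phone_share = bytes(k ^ c for k, c in zip(operational_key, cik_share))
    return phone_share, cik_share


def combine(phone_share: bytes, cik_share: bytes) -> bytes:
    """Reassemble the key from the two shares."""
    return bytes(p ^ c for p, c in zip(phone_share, cik_share))


@dataclass
class CIK:
    share: bytes  # contents of the KSD-64A once it has become a CIK


@dataclass
class StuIII:
    phone_share: Optional[bytes] = None  # None when zeroized or never keyed

    def load_operational_key(self, operational_key: bytes) -> CIK:
        """Split a freshly issued operational key; the CIK goes to the user."""
        self.phone_share, cik_share = split_key(operational_key)
        return CIK(cik_share)

    def operational_key(self, cik: CIK) -> Optional[bytes]:
        """Combine this phone's share with the inserted CIK."""
        if self.phone_share is None:
            return None  # nothing to combine with after zeroization
        return combine(self.phone_share, cik.share)

    def zeroize(self) -> None:
        """Erase the phone's share; the CIK alone no longer yields the key."""
        self.phone_share = None
```

A CIK inserted into a different phone combines with that phone's unrelated share and produces a different key, which is what makes the pairing phone-specific.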
When a call "goes secure," the two STU-IIIs create a unique key that will be used to encrypt just this call. Each unit first makes sure that the other is not using a revoked key, and if one has a more up-to-date key revocation list it transmits it to the other. Presumably the revocation lists are protected by a digital signature generated by NSA.
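The pre-call checks just described, as an added model that is not code from the article or from NSA: each unit verifies the other's revocation list before adopting it, the newer authentic list wins, and the call is refused if either operational key is on it. Assumptions: the list is a JSON body with a version number, and its "signature" is an HMAC under an issuer key standing in for the NSA digital signature the article presumes.

```python
import hmac
import json
from dataclasses import dataclass
from typing import List, Optional

# Added example (not from the article): a model of revocation-list exchange
# when two STU-IIIs go secure. HMAC under ISSUER_KEY is a stand-in for the
# issuer's digital signature; no real STU-III message format is implied.

ISSUER_KEY = b"constructed-issuer-key"  # stand-in for the issuer's signing key


def sign_list(version: int, revoked: List[str], key: bytes = ISSUER_KEY) -> dict:
    """Issue a signed revocation list (a wrong key models a forgery)."""
    body = json.dumps({"version": version, "revoked": sorted(revoked)}).encode()
    return {"body": body, "sig": hmac.new(key, body, "sha256").digest()}


def verify_list(rl: dict) -> Optional[dict]:
    """Return the parsed list if its signature checks out, else None."""
    expected = hmac.new(ISSUER_KEY, rl["body"], "sha256").digest()
    if not hmac.compare_digest(rl["sig"], expected):
        return None
    return json.loads(rl["body"])


@dataclass
class StuIII:
    key_id: str            # identifier of this unit's operational key
    revocation_list: dict  # the signed list this unit currently holds

    def go_secure(self, peer: "StuIII") -> bool:
        """Reconcile lists with the peer; True if the call may proceed."""
        for a, b in ((self, peer), (peer, self)):
            mine = verify_list(a.revocation_list)
            if mine is None:
                return False  # a unit whose own list is corrupt refuses
            theirs = verify_list(b.revocation_list)
            # Adopt the peer's list only if it is authentic AND newer; a
            # forged list claiming a high version number is ignored.
            if theirs is not None and theirs["version"] > mine["version"]:
                a.revocation_list = b.revocation_list
        # Both now hold the newest authentic list; refuse revoked keys.
        revoked = set(verify_list(self.revocation_list)["revoked"])
        return self.key_id not in revoked and peer.key_id not in revoked
```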
While there have been no reports of STU-III encryption being broken, there have been claims that foreign intelligence services can recognize the lines on which STU-IIIs are installed and that unencrypted calls on these lines, particularly what was said while waiting for the "go secure" command to complete, have provided valuable information.
Use
Hundreds of thousands of STU-III sets were produced and many are still in use as of 2004. STU-III replaced earlier voice encryption devices, including the KY-3 (1960s), the STU-I (1970) and the STU-II (1975). The STU-II had some 10,000 users. These, in turn, replaced less secure voice scramblers. Unlike earlier systems, the STU-III's encryption electronics are completely contained in the desk set. The STU-III is no longer in production, and is being replaced by the STE (Secure Terminal Equipment) or OMNI, more modern, all-digital systems that overcome many of the STU-III's problems, including the 15-second delay.
STE succeeded STU-III in the 1990s. Similar to STU-III, an STE unit physically resembles an ordinary telephone. Besides connecting to a regular wall phone jack (Public Switched Telephone Network), the STE was originally designed to be connected to Integrated Services Digital Network (ISDN) lines. As a result, in addition to having secured voice conversations, users can also use an STE unit for classified data and fax transmissions. The transfer rate of an STE is also considerably higher (STU-III: up to 9 kbit/s; STE: up to 128 kbit/s). Lastly, an STE unit is backward compatible with an STU-III unit when both units are connected to the PSTN.
The heart of an STE unit is the Fortezza Plus (KOV-14) Crypto Card, which is a PCMCIA card. It contains both the cryptographic algorithms and the key(s) used for encryption. Cryptographic algorithms include BATON, FIREFLY, and the SDNS signature algorithm. When the Crypto Card is removed from the STE unit, neither the phone nor the card is considered classified. BATON is a block cipher developed by the NSA with a block size of 128 bits and a key size of 320 bits. FIREFLY, on the other hand, is a key distribution protocol developed by the NSA. The FIREFLY protocol uses public key cryptography to exchange keys between two participants of a secured call.
Both STU-III and STE are built on technologies that are proprietary, and details of the cryptographic algorithms are classified (e.g. BATON, FIREFLY). Although the secrecy of the algorithms does not make the device less secure, it does limit the usage to within the U.S. military. The concept of a secured voice application is nothing new to the commercial world. Synchronous transmission of confidential information is often necessary for the operation of a business. Many corporations have resorted to the more widely available Voice over IP (VOIP) technology. However, security of VOIP calls has been limited to compression to make eavesdropping difficult, security by obscurity, and encryption/cryptographic authentication which is not widely available. Within the Department of Defense, VOIP has slowly emerged as an alternative solution to STU-III and STE. The high bandwidth of IP networks makes VOIP attractive because it results in superior voice quality over STU-III and STE. To secure VOIP calls, VOIP phones are connected to classified IP networks (e.g. Secret Internet Protocol Router Network, SIPRNET).
Both allies and adversaries of the United States are interested in STU-III, STE, and other secured voice technologies developed by the NSA. To date, there has not been any reported cryptanalysis of the encryption algorithms used by the STU-III and STE. Any breaks in these algorithms could jeopardize national security and, potentially, threaten the lives of citizens both in the United States and allied countries.
Because of the sensitive nature of the subject, there are few relevant documents available on the Internet. The war on terrorism has caused many government agencies to remove any potentially sensitive information from their public websites. During the course of research, the majority of the information was found to originate from the manufacturers (e.g. L-3 Communications) of STU-III and STE. As mentioned earlier, the details of the cryptographic algorithms are considered classified, and are therefore not available. Information about STU-III is very limited despite the fact that it is out of production.
See also
- SIGSALY
- KY-7
- STU-II
- KY-30 Series
- KY-57
- KY-60 Series
- KG-84
- KG-94
- SCIP
- STE