13 April 1998: Add link to GSM hack
11 April 1998: Add links to NSA and EIA sources
10 April 1998: Add messages and more
10 April 1998

Date: April 9, 1998
To: cypherpunks@toad.com
From: jya@pipeline.com
Subject: Secure Cell Phones for State

U.S. State Dept Press Briefing 9 April 1998:

Briefer: James Rubin

Now, I have a piece of show-and-tell for you, which I do rarely around
here.  But I thought this was interesting enough, even for you cynical
and jaded journalists.  This is a secure cell phone.  Lieutenant General
Kenneth Minihan, Director of the National Security Agency, presented
Secretary Albright with a bank of Motorola Cipher-Tac 2000 security
modules to provide secure cellular communications.

This state of the art secure voice cellular technology will offer the
highest level of security wherever and whenever the Secretary and her
top advisors need to protect their communications.  So when you see us
carrying this beast around, rather than the slim-line phones we usually
like to use, you'll know that's because we're trying to have a secure
call.  That is not only for the obvious good reason that we want to make
sure nobody is interfering, but we also want to make sure that nobody is
making transcripts and passing them around for a variety of perfidious

So this here is the original, first secure cell phone to be delivered to
Secretary Albright, and we thought you guys might get a kick out of


Would anyone know the security technology of this unit and its support
system? And how it compares to those of competitors in the US and 

From: Adam Shostack <adam@homeport.org> Subject: Re: Secure Cell Phones for State To: jya@pipeline.com (John Young) Date: Fri, 10 Apr 1998 08:42:42 -0400 (EDT) Cc: cypherpunks@toad.com http://www.mot.com/GSS/SSTG/ISD/Secure_Telecom/CipherTAC_2000.html Its a STU-III, operating at 4.8kbps.  Which means that you lose the shit sound of a normal cell phone, only to be replaced by the shit sound of a 4800bit codec. It is *not* recoverable encryption, because as the NSA and State both know, there are security risks there.  And we all know that our country's most valuable secrets are transmitted by people like Madeline Albright, and thus deserve better protection than can be offered by recoverable systems. Adam
Date: Fri, 10 Apr 1998 09:25:01 -0700 (PDT) From: Phil Karn <karn@qualcomm.com> To: jya@pipeline.com CC: cryptography@c2.net, karn@qualcomm.com Subject: Re: Secure Cell Phones for State I don't know about the Motorola phones, but a while back Qualcomm built a bunch of prototype secure CDMA phones for NSA under a contract project called "Condor".  They insisted on hardware encryption, originally using Fortezza PCMCIA cards but later it became apparent that they really wanted STU-III. So we had to build a PCMCIA adapter that stuck on the back of a Qualcomm CD-7000 (our first generation CDMA portable, never sold on the market in large quantities). This must all be public info, because NSA took photos of the units and put them up in the National Cryptologic Museum. Phil
Date: Fri, 10 Apr 1998 16:30:24 -0400 From: Dave Emery <die@die.com> To: Phil Karn <karn@qualcomm.com> Cc: cryptography@c2.net Subject: Re: Secure Cell Phones for State On Fri, Apr 10, 1998 at 09:25:01AM -0700, Phil Karn wrote: [snip] Am I missing something here, or are the STU III "add ons" for your phones and Motorola's full STU III implementations with integrated modems and/or some provision for getting off the cell system as V.32 modem tones to directly connect to a STU III on the other end ?   This would allow direct interoperation with all the other hundreds of thousands of STU IIIs in offices and scattered throughout the federal and POTS telephone networks...    Much more useful than Fortezza cards since a STU III capability allows end to end encryption of any desired security level over the standard phone system to the large installed base of land line STU IIIs without requiring that the serving MTSO (mobile telephone switch) have any access to the RED (secure) side of the call with all the guards, and vaults and TEMPEST sheilding and so forth this implies.   This allows use of the phones almost anywhere. The only way that Fortezza would be useful is in establishing links to another Fortezza phone or to some sort of trusted intermediary that handled the conversion to STU III, which would of course add delay to the talking path and make the whole thing more brittle and cumbersome than having the cellphone able to talk STU III directly. Of course if there was a large base of Fortezza phones things might be different. -- Dave Emery N1PRE,  die@die.com  DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18
Date: April 10, 1998 From: John Young <jya@pipeline.com> To: cryptography@c2.net Subject: Secure Cell Phones for State Motorola's site is informative (thanks for the pointers and comments), and perhaps cannot reveal the detail needed to compare security level to other systems in the US and other countries. Dave Emery probes the tech questions a bit and I'll go further, with Adam Shostack and others, to ask as a citizen why we cannot purchase the level of cell phone privacy that our gov and mil folks can with our money (a return to the NSA-crippled algo of CMEA and CAVE). There has been some discussion of this on UK Crypto about the various telco security systems in Europe and the same critique of a double standard has been made. Cell phone manufacturers would have a big stake in who gets the best security to the global public first. Moreover, as Scientific American points out in its special section this month, applications of wireless technology are rapidly growing for a host of new information distribution, collection and interactive purposes. The need for security of this data floating through the spectrum could hardly be greater, not only for privacy but for prtoection against tampering, insertion of disinformation, and a variety of new ways to warp data to fit schemes the owners and originators never dreamed of. Is end to end encryption of the STU-III sort going to be needed for all wireless or is there other plans in the works at TLAs and TIAs? It would be greatly appreciated if those who may be tongue-tied by NDA and worse, if we were pointed in the right direction by, say, semaphore, to the likely places where we can dig out, say, by FOIA, what we need to know about Albright-privileged wireless security. Finally, are the TAC-2000 units useful for the Secretary's global travels? If so, are they supported by military networks overseas? Or do American officials use a different system when traveling? Note: We're commencing a log of this discussion of this topic from several lists at:    http://jya.com/tac-2000.htm
Date: Fri, 10 Apr 1998 16:00:34 -0700 From: koontz@netapp.com (David Koontz) To: die@die.com, karn@qualcomm.com Subject: Re: Secure Cell Phones for State Cc: cryptography@c2.net [snip Dave Emery message] There is a thing called Fortezza-Plus or Krypton which adds Type I encryption to a PCMCIA card.  This is the basis of the STE (STU-III replacement phones), whose other major feature upgrade includes ISDN. url <http://www.nsa.gov:8080/programs/missi/stepg.html> There is a link to L3 Corps web page but not to the Motorola page (maybe they lost a contract?).
Date: Fri, 10 Apr 1998 21:21:06 -0400 From: Dave Emery <die@die.com> To: John Young <jya@pipeline.com> Cc: cryptography@c2.net Subject: Re: Secure Cell Phones for State On Fri, Apr 10, 1998 at 07:00:14PM -0400, John Young wrote: > > Finally, are the TAC-2000 units useful for the Secretary's > global travels? If so, are they supported by military networks > overseas? Or do American officials use a different system > when traveling? Reading the Motorola specs makes clear that the CipherTAC 2000 module interfaces an analog cellphone (AMPS NAMPS or ETACS) using V.32 modem tones at 4.8 kbs to remote STU IIIs.  This would make these phones useful anywhere analog service was available.  Security (and voice quality) would be the same as STU III, EG end to end Type I with up to Top Secret possible. The product sounds like a Newt memorial quick fix... Most places the Secretary travels actually use GSM phones rather than the various US digital systems, although many of those places still have some of the AMPS analog stuff or the European version of it (ETACS) still operating so the cipherTAC-2000 would probably still work. I do know that within the US the WHCA people have been using cellphone STU III links to the President's limos for years (but the primary secure system called Yankee/Zulu is set up by WHCA at the trip site and operates on Federal VHF frequencies using military crypto gear and a direct satellite link back to the White House Secure Switchboard (Royal Crown) from a satellite terminal located at the USSS/WHCA command post). How much of the time the WHCA limos use special digital CDPD links and how much they use plain old AMPS with modem tones I don't really know. Both military (UHF fleetsat) and INMARSAT satellites are extensively used by traveling diplomats to call home, one suspects often in preference to using local telephone systems.   Both of these satellite systems support secure voice (INMARSAT directly supports use of STU IIIs).  The terminals use portable dish antennas carried in baggage and unfolded and pointed at the satellite from hotel or conference sites.   A hand carried STU III cellphone would be more conveniant for diplomats than the satcom terminals and might have significantly lower delay and easier talking as a result. I think the general intent is to provide cell phones that can interoperate with STU IIIs as the primary method.   Old fashioned analog cell phones can carry modem tones and be used with variable results with ordinary STU IIIs (the same problems with modem tones over cell apply here as they do to other data over analog cell - dropouts, bursts of errors, renegotiation of connections etc).   Digital cell phones cannot carry high speed modem tones directly and need to be interfaced to devices at the MTSO that offload the digital data and shovel it down a regular modem toward the far end.   To the extent that such devices are provided by the network infrastructure a digital cellphone can be used for secure voice.   But see Phil's comment on this. -- Dave Emery N1PRE,  die@die.com  DIE Consulting, Weston, Mass. PGP fingerprint = 2047/4D7B08D1 DE 6E E1 CC 1F 1D 96 E2  5D 27 BD B0 24 88 C3 18
Date: Fri, 10 Apr 1998 18:56:16 -0700 To: John Young <jya@pipeline.com> From: Steve Schear <schear@lvdi.net> Subject: Re: Secure Cell Phones for State >Finally, are the TAC-2000 units useful for the Secretary's >global travels? If so, are they supported by military networks >overseas? Or do American officials use a different system >when traveling? The TAC-2000's analog protocols, AMPS, NAMPS, JTAC and ETAC, support all ITU regions (the Americas, including the Caribbean), Africa, Europe, Asia and Asia Pacific. --Steve PGP mail preferred, see  http://www.pgp.com and http://web.mit.edu/network/pgp.html RSA fingerprint: FE90 1A95 9DEA 8D61  812E CCA9 A44A FBA9 RSA key: http://keys.pgp.com:11371/pks/lookup?op=indexsearch=0x55C78B0D --------------------------------------------------------------------- Steve Schear              | tel: (702) 658-2654 CEO                       | fax: (702) 658-2673 Lammar Laboratories       | 7075 West Gowan Road      | Suite 2148                | Las Vegas, NV 89129       | Internet: schear@lvdi.net ---------------------------------------------------------------------

Source: http://www.mot.com/GSS/SSTG/ISD/Secure_Telecom/CipherTAC_2000.html


CipherTAC® 2000 Security Module
STU-III Compatible Cellular Voice Security

The Motorola CipherTAC security module adds STU-III compatible secure voice communications to the handy MicroTAC Elite® flip phone. By simply sliding the security module between the battery and the phone, wireless security is proviuded to U.S. Government, military and approved agency users. Remarkably, the module adds less than an inch to the thickness of the entire phone and is interoperable with desktop and tacktical STU-IIIs incorporating 4.8 kbps voice technology. Currently configured to be operable with AMPS, NAMPS and ETACS cellular infrastructure, the CipherTAC 2000 security module provides transparent security at the push of a button, while maintaining the superior voice quality you expect from Motorola.




Physical Characteristics

CipherTAC Line Drawing


STU-III compatible design Enables STU-III and STE interoperable secure voice communications operating at 4.8 kbps.

LED and audible signal Provides security status via the MicroTAC Elite LED display and audio messages.

Low power consumption Ensures extended battery life and longer use.

Single key press security Easy to activate and de-activate

Slides between the phone and the battery No tools or extra parts are required to attach the CipherTAC 2000 to the MicroTAC Elite flip phone

Software upgradable Allows you to add or enhance features via authenticated software download

PIN entry Provides access control only to required users

Zeroize Zeroization of the CipherTAC 2000 via the MicroTAC Elite keypad

Elite accessories Compatible with MicroTAC Elite accessories including the 3 watt booster, battery charger, external antenna, cigarette lighter adaptor, cellular connection box

STU-III authentication Authentication messages provided on MicroTAC Elite LED display

Talk time 1.75 hours on a 3-hour battery in secure mode
2.75 hours on a 3-hour battery in clear mode

Standby time 24 hours on 3-hour battery


Field to garrison

Capitol Hill to office


Large warehouse/depot environments

Remote locations

Forward deployable units with portable cell site

Mobile users

Launch sites

Logistics/shipping operations

Surveillance/covert activities


Voice coding: CELP at 4.8 kbps

Encryption: STU-III compatible

Modulation: V.32 operating at 4.8 kbps

Power: Less than 2.0 watts in secure
Less than 0.8 watts in clear
Less than 0.2 watts in power down

Physical Characteristics

Length: 6.163 inches

Width: 2.345 inches

Depth: .60 inches

Weight: Less than 5 ounces

Color: Charcoal

Source: http://www.mot.com/GSS/SSTG/ISD/Secure_Telecom/CipherTAC_2000_Line.html

CipherTAC® 2000 Security Module and Cellular Phone

CipherTAC 2000 Cellular Phone

National Security Agency information on Secure Voice, Data and Video Communications:



STU-III - Secure Telephone Unit, 3rd Generation.

STU-IIIs are the standard secure telephone for the U.S. Government, used by people at all levels: the President and his Cabinet, Congress, the military, civil agencies, law enforcement, government contractors and research institutions. The major goals of the STU-III program were to provide an affordable secure telephone that fit conveniently on a desk, was easy to use, and worked over the public telephone network. The first STU-IIIs became available in 1987. Since then, over 300,000 STU-IIIs have been fielded. Continual improvements have enabled the STU-III family to evolve to support many applications. They provide security for voice conversations and data communications such as faxes, computer-to-computer file transfers, and video.

NOTE: STU-IIIs are available for purchase by U.S. Government users. Contact 1-800-GO-MISSI.

STU-III Vendors

(Only Currently Available Products Are Displayed)

Lucent Technologies Products

Motorola Products



STEs are the next generation of secure voice and data equipment for advanced digital communications networks, such as Integrated Services Digital Network (ISDN).

Several factors prompted the development of an evolutionary successor to the STU-III:

The STE consists of a host terminal and a removable security core. The host terminal provides the application hardware and software. The security core is a FORTEZZA® Plus cryptographic card, which provides all the encryption and other security services.

The first STE products will use both the Integrated Services Digital Network (ISDN) and the analog Public Switched Telephone Network (PSTN). ISDN provides the speed and high quality digital connections that enable toll quality secure voice (32 kbps vs. 4.8 kbps), faster data rates (up to 128 kbps vs. 9.6 kbps), secure three party conferences and STU-III compatible modes. When connected to PSTN, STEs will emulate STU-IIIs. STEs will be software upgradeable to provide future enhancements to fielded products.

Digital networks give people the power to perform their missions faster and more efficiently. STE lets them do it securely.

NOTE: STEs are available for purchase by U.S. Government users. Contact 1-800-GO-MISSI.


One vendor is developing the STE:

L3 Communications

NOTE: You will exit the Secure Voice, Data and Video Communications pages when you activate this WWW link.

NOTE: This product has not been evaluated by NSA nor has it been endorsed by NSA.



FORTEZZA-Plus (KOV-14) - All keys and cryptography used by the STE are contained inside a FORTEZZA Plus cryptographic card. Without a FORTEZZA Plus, the STE cannot be used in secure modes. The FORTEZZA Plus is loaded with STE key for STE secure modes, and STU-III key when STU-III interoperability is needed. Both kinds of key are ordered from the Central Facility. Typically, a FORTEZZA Plus will be issued to each user. The FORTEZZA Plus is accountable within the COMSEC Material Control System by serial number (accounting legend code-1), and is unclassified when separated from its associated STE terminal.

FORTEZZA Plus is an evolutionary member of the FORTEZZA PC card family, providing additional security capabilities. The Government algorithms employed in the FORTEZZA Plus card can provide security services to protect information of any classification level, although system security capabilities depend on many other components. The FORTEZZA Plus algorithm set maintains backward interoperability with the FORTEZZA Sensitive But Unclassified (SBU) security services.

The MISSI Security Management Infrastructure (SMI) is targeted to assume responsibility for initializing FORTEZZA Plus cards. Until then, FORTEZZA Plus cards will be initialized by the Electronic Key Management System (EKMS).

FORTEZZA® is a registered trademark of the National Security Agency

Standards for STU-III Systems

[Note these are links to ordering hardcopy, online versions not available]


Isotel Research Ltd.

Wireless Communication Standards (North-American)

This document provides a sorted index into TIA/EIA Standards for cellular and PCS communication. (Wouldn't it be nice if the TIA/EIA made standards available on-line...)

Electronic Industries Association



800 MHz Cellular Systems TDMA Services STU III

Committee: TR-45.3

Issued: 08/25/95



STU III Service Option for Wideband Spread Spectrum Systems

Committee: TR-45.5

Issued: 05/10/95

For more information and how to order

Electronic Industries Association

For information on NSA-weakened security technology for cellular phones in U.S. systems see: