Blocking out eavesdroppers

Defense Department officials have answered the security call: They are using specially equipped wireless phones to help them communicate at the highest classified levels via a commercial network.

The phones are available through an Army blanket purchase agreement recently awarded to T-Mobile USA Inc. to provide secure wireless telecommunications services to DOD.

"Since wireless capabilities have been available, there has been a widespread need for high assurance, secure wireless telecommunications services within the Army and DOD," said Kim Jackson, director of the telecommunications directorate at the Army's new Network Enterprise Technology Command (Netcom). A Global System for Mobile Communications (GSM) service "to communicate mission-critical information is a natural progression in providing secure communication of critical information."

GSM is an open, nonproprietary system with international roaming capability that is used in nearly 200 countries, said Michael Cote, vice president of direct sales at T-Mobile. GSM satellite roaming offers extended access to areas where land coverage is not available.

Jackson said that General Dynamics Decision Systems' (GDDS) Sectera Secure Wireless Phone for GSM will enable government users to communicate securely via commercial GSM wireless networks worldwide.

The phones consist of a clip-in secure module designed for use with the Motorola Inc. Timeport Tri-band phone. They operate via GSM systems in the 900 MHz, 1,800 MHz and 1,900 MHz bandwidths.

The National Security Agency has certified the phones' ability to protect classified communications up to the top-secret level using the Type 1 encryption algorithm available to authorized personnel, according to GDDS officials.

S. Shankar Sastry, chairman of the Department of Electrical Engineering and Computer Sciences at the University of California, Berkeley, said the NSA certification is necessary because GSM itself does not provide enough security.

"If the phone has got end-to-end encryption certified by the NSA for top-secret [communications], you might be able to prevent eavesdropping," Sastry said. "GSM absolutely does not provide adequate security on its own, but if you treat it as an absolutely insecure medium and layer crypto on top of it, it seems plausible you could — at least in principle — build a pretty good solution."

Bellevue, Wash.-based T-Mobile is the only wireless provider in the continental United States operating a nationwide network-based GSM communications technology platform, Jackson said. The one-year BPA, which was awarded Sept. 19 and includes all of DOD, is renewable indefinitely. It will facilitate fielding 10,000 units for the Army during a five-year period.

"Being the only nationwide GSM carrier allows us to do very special service offerings like we're doing for the Army," Cote said. "It allows the DOD to use Sectera phones in the U.S. and around the world where GSM is used in more than 180 countries."

Stan Johnson, business area manager for secure products at GDDS, said the company has already shipped about 9,000 phones and has orders for almost 1,000 more. He added that the challenge has been lining up a GSM carrier for the Sectera phones; GDDS has been working with T-Mobile for more than a year to make that happen.

"This [BPA] makes it easier for all DOD users to know where to go" to purchase secure phones and provides "one place for everybody to order them," Johnson said. He added that since the product's launch in May, significant enhancements have already been made including making the phones completely software-programmable.

***

Security concerns remain

Under a recent blanket purchase agreement with T-Mobile USA Inc. (formerly VoiceStream), the Army will use that company's network, which is based on Global System for Mobile Communications (GSM) technology, to support General Dynamics Decision Systems' Sectera Secure Wireless Phone for GSM.

Still, even with Sectera's security features, some concerns remain, according to S. Shankar Sastry, chairman of the Department of Electrical Engineering and Computer Sciences at the University of California, Berkeley. The two greatest risks are:

* Traffic analysis and denial of service. GSM switches, like all phone switches, are often not well- protected. An adversary might be able to break into them and observe the type and amount of traffic, or shut down all secure calls during a war or crisis. * Eavesdropping. If people use secure wireless phones to discuss classified data in unsecured areas, such as in cars or homes, conversations could be compromised by bugs or other eavesdropping.