Tuesday, December 4, 2012

Pictures at the NSA's 60th anniversary

Last month, on November 4, 2012, the National Security Agency (NSA) of the United States celebrated its 60th anniversary. The NSA is one of the world's largest intelligence agencies, responsible for gathering foreign signals intelligence and protecting domestic communications.

For this diamond anniversary, NSA published a full color illustrated publication (available here in PDF) with an interesting overview of its history. In this booklet there are also nice pictures, some of them unseen until now:



President George H.W. Bush using a secure Motorola STU-III telephone.
Such a phone was placed wherever the president stayed while traveling,
so that he was always able to place secure calls. This purpose is also indicated
by the plate below the phone. It's not clear what the white device is for.
This black Motorola STU-III still served in this function, when president George W. Bush
was calling during his stay at the elementary school on September 11, 2001.
(Photo: NSA)



The new National Security Operations Center (NSOC) at the NSA
This center was established in 1968 as the National SIGINT Watch Center (NSWC)
and renamed the National SIGINT Operations Center (NSOC) in 1973.
This "nerve center of the NSA" got its current name in 1996.
(Photo: NSA)



The NSA/CSS Threat Operations Center (NTOC) at the NSA
From left to right we see a black STE secure phone, an unidentified,
but quite common black phone, and a white Nortel M3904 phone,
which is connected to the NSA Secure Telephone System (NSTS).
(Photo: NSA)


Many more new pictures and also newly declassified documents can be found via the timeline at the 60th anniversary-page on the NSA-website!


Earlier this year, NSA also cooperated with the National Geographic Channel in making what is said to be the first documentary about this agency since the 9/11 attacks in 2001:




With a close look at this video, we can recognize a number of different telephone systems used at the NSA. Some of them were already mentioned here earlier; others will be discussed later on this weblog.


Update January 12, 2014:

After the Snowden scandal, a new television report with some unique insights into the NSA was broadcast on the CBS show 60 Minutes on December 15, 2013.

Sunday, November 25, 2012

Bilateral Hotlines Worldwide

(Updated: November 8, 2014)

In a previous article we discussed the Washington-Moscow Hotline, the most famous bilateral hotline. It was soon followed by direct communication links between a number of other countries with nuclear capabilities. In general these hotlines started as teletype connections, were upgraded with facsimile units in the eighties and were eventually turned into dedicated secure computer networks. An exception is the hotline between Washington and London, which has been a phone line since 1943.

These hotlines between heads of government are meant to prevent (nuclear) war in times of severe crisis. To prevent misunderstandings and miscommunications in less critical situations, countries have also set up lower level telephone hotlines between their defense or foreign ministers. For example, the United States has so-called Defense Telephone Links with at least 23 other states.



Overview of both top level and lower level bilateral hotlines worldwide
reflecting political and military relationships between countries



UNITED STATES - RUSSIA
- In 1963 the United States and the Soviet Union established the Direct Communications Link (DCL) or Washington-Moscow Hotline. This highly secured connection originally used teletype machines, which were replaced by facsimile units in 1988; since 2008 it has used e-mail.
- In 1990 both countries agreed to establish a direct, secure telephone link between Washington and Moscow. This might be the Direct Voice Link (DVL), which is maintained by the White House Communications Agency.

Between the US and Russia there are also the following lower level communication links:

- In 1988 the Nuclear Risk Reduction Center (NRRC) was established at the US Department of State, which is used to exchange information in support of arms control treaties. After the split-up of the Soviet Union this secure data exchange connection, called Government-to-Government Communication Link (GGCL), was extended to Ukraine, Belarus, and Kazakhstan.
- In 2000 the US and Russia signed an agreement for the establishment of a Joint Data Exchange Center (JDEC) to share early warning information on missile and space launches, to reduce the risk that a test launch could be misread as a missile attack. It's not clear whether this center has already been realized or not.

Besides these bilateral hotlines with Russia, the United States also has the following lower level communication links with other nations:

- There is a secure telephone line called Foreign Affairs Link (FAL) between the US Department of State and Russia (since 1999), Japan, Mexico, Germany and Israel.

- There is a Defense Telephone Link (DTL) between the US Department of Defense and Russia (since 1994), China (since 2008), Albania, Oman, Qatar, Latvia, Lithuania, Slovenia, Saudi Arabia, Ukraine, Bulgaria, Kuwait, Estonia, Slovakia, Kazakhstan, Macedonia, Bahrain, Israel (since 1996), United Arab Emirates, Poland, Romania, Czech Republic and Austria.

- In September 2011, the United States proposed opening a direct military hotline with Iran to avoid a possible conflict erupting over the Iranian nuclear program. Tehran declined the offer.



UNITED STATES - UNITED KINGDOM
- During World War II, two decades before the Washington-Moscow hotline was established, there was a hotline between the Cabinet War Room bunker under Downing Street and the White House in Washington. From 1943 to 1946 this link was made secure by using the very first voice encryption machine, called SIGSALY. In the fifties and sixties the Washington-London hotline was secured by the KY-9, probably succeeded by the KY-3 voice encryption devices. Eventually, the British prime minister was directly connected to the US Defense Red Switch Network (DRSN).


UNITED STATES - GERMANY
- In 1969 president Nixon offered the German prime minister (Bundeskanzler) a secure teletype hotline, like the ones the US already had with Moscow and London. Earlier, president Johnson had called Kanzler Erhard using a standard phone line.


UNITED STATES - SPAIN
- The Spanish prime minister José Maria Aznar (1996-2004) was so often in contact with US president George W. Bush, that a special phone line was installed in his office in the Moncloa palace, exclusively for phone calls to the White House. One of those phone calls was just before the war in Iraq and both leaders also talked about developments in South America.*



UNITED STATES - CHINA
- On April 29, 1998 the United States and China signed an agreement to set up a direct telephone link between the presidents of both countries.
- On February 29, 2008 both countries agreed to set up a Defense Telephone Link (DTL) between the US Department of Defense and China’s Ministry of National Defense, which became operational in April 2008. Until 2011 this hotline was used only four times.



RUSSIA - CHINA
- A hotline connection between Moscow and Beijing was used during the 1969 frontier confrontation between the two countries. The Chinese, however, refused the Russian peace attempts, and informed Moscow that the direct communications link "was no longer "advantageous" and normal diplomatic channels would suffice". After a reconciliation between the former enemies, the hotline between China and Russia was revived in 1996.* It's not clear whether this hotline is for record or voice communications.
- A telephone hotline between the defence ministries of Russia and China became operational on March 14, 2008.



RUSSIA - NORTH KOREA
- Apparently there was a facsimile-hotline between Moscow and Pyongyang, which was used in 1968, when North Korea captured the American spy ship USS Pueblo.*



RUSSIA - FRANCE
- Since 1966 there was a direct teletype connection between the French president and the Kremlin. In 1989 the teletype equipment was replaced by high speed facsimile units.*


RUSSIA - UNITED KINGDOM
- Since 1967 there was a direct teletype connection between the British prime minister and the Kremlin. In 2011 this hotline was upgraded to a better-encrypted telephone link.


RUSSIA - GERMANY
- In 1989 a facsimile connection was established between the West-German capital Bonn and Moscow.* The Soviet Union also had a hotline with Erich Honecker as leader of the former East-German Republic (DDR). During a short period before East and West Germany were united in 1991, there was a hotline between Honecker and the West-German Bundeskanzler Helmut Kohl.*



ISRAEL - EGYPT
- In 2009 Israeli prime minister Ehud Olmert and Egyptian president Hosni Mubarak agreed to pass on relevant intelligence information immediately using a hotline, primarily to combat smuggling from Sinai into the Gaza Strip.



INDIA - PAKISTAN
- In 2004 India and Pakistan agreed to set up a secure hotline between their foreign ministers, aimed at preventing misunderstandings that might lead to nuclear war.
- In 2011 both countries agreed to set up a 24/7 non-encrypted hotline between their interior ministers, that will facilitate real-time information sharing on terrorist threats. The Director-General of Military Operations of the two countries already had a hotline.


INDIA - CHINA
- Since 2005 there's a non-encrypted hotline between the foreign ministers of India and China for building "mutual political trust".
- In 2009 both countries agreed to set up a direct, secure telephone link between the Chinese premier and Indian prime minister, which was meant as a confidence building measure and to maintain regular contacts at the highest level. The agreement for this hotline was signed in April 2010.


INDIA - RUSSIA
- There's also a non-encrypted hotline between Delhi and Moscow, which was established before 2009.



SOUTH KOREA - NORTH KOREA
- An existing direct communication line between North and South Korea was cut off by North Korea on May 26, 2010. This hotline was reopened in January 2011 and was maintained by the international Red Cross. North Korea again cut off this hotline on March 11, 2013.



CHINA - SOUTH KOREA
- In September 2012, China and South Korea agreed to set up a consular hotline between their defense ministries to protect rights of their citizens who are staying in the other country. In April 2013 both countries agreed to set up a second, 24-hour hotline to deal with the rising tension over North Korea.


CHINA - VIETNAM
- In June 2013, China and Vietnam agreed to set up a naval hotline between their defense departments, in order to keep a peaceful and secure maritime environment in the South China Sea, amid escalating maritime tensions over disputed South China Sea islands.


In 2010, China and Japan agreed to establish a hotline between their political leaders, following a series of naval incidents, but the plan wasn't realized. Defence officials of the two countries also agreed in 2011 to set up a military-to-military hotline by the end of 2012, but the talks stalled due to heightened tensions over the territorial row. In February 2013, Japan again suggested to establish a China-Japan hotline, and reiterated this once again in January 2014.


When more information about these hotlines becomes available, it will be added here. Some of the most notable bilateral hotlines will be discussed later on this weblog.



Links and Sources (PDF)
- National Communications System, Forty Years of Service to the Nation: 1963-2003, 2003
- Haraldur Þór Egilsson, The Origins, Use and Development of Hot Line Diplomacy, Institute Clingendael, 2003
- US Department of State, Bureau of Information Resource Management (IRM), 2011

Friday, November 16, 2012

Commander Petraeus' phones

Last week, David Petraeus resigned as director of the Central Intelligence Agency (CIA), after admitting he had an extramarital affair with his biographer Paula Broadwell. This led to many news reports and also many pictures on the internet.

Some of them give a nice look at the telecommunications equipment which general Petraeus used when, from July 2010 to July 2011, he was commander of the International Security Assistance Force (ISAF) in Kabul, Afghanistan:


ISAF Commander Petraeus being interviewed by Paula Broadwell
(Photo: paulabroadwell.com, date unknown)

In this picture we see the following telecommunication devices:

Video conferencing screens
On Petraeus' desk we see two Centric 1700 MXP video teleconferencing screens, made by the Norwegian manufacturer Tandberg. In 2010 this company was bought by Cisco Systems, and so the 1700 MXP screens are often used by US military officials. They are equipped with a HD camera and have a widescreen LCD screen, which operates both as a video conferencing system and PC display.

STE
Left of the personal computer screen we see a Secure Terminal Equipment (STE), made by L3 Communications. The STE is a phone capable of encrypting calls up to the level of Top Secret/SCI. This phone can be used to have a secure line to anyone with a similar device.

IST-2
Right behind the chair of commander Petraeus is an Integrated Services Telephone 2 (IST-2), made by Telecore Inc. This is a so-called "red phone", which is part of the Defense Red Switch Network (DRSN), connecting all major US command centers and many other military facilities. This is the primary telephone network for military command and control communications.

VoIP phones
In the picture above we see three of four Voice over IP (VoIP) phones: at the right end a Cisco SPA and the other three being phones from the Cisco 7970-series. It's likely each of these phones is part of a separate telephone network. Nowadays many military phone networks use Voice over IP, often with Cisco IP phone sets. These phones have no encryption capability, but their voice data networks can easily be secured with specific network encryptors.
In the picture below we can see all four VoIP phones, neatly aligned on a shelf, with an organizational chart to the left of them:


General David Petraeus in his office at the ISAF headquarters in Kabul.
(Photo: Adam Ferguson/The New York Times, March 8, 2011)

Printers
Also in this picture we see three printers on a table at the left side of the room. Apparently there are separate printers for different computer networks, in order to keep documents of different classification levels separated.
At the upper left corner of the front of at least the first two printers we can see the colored classification labels: a green sticker for Unclassified materials on the printer in the foreground and a red sticker for materials classified as Secret on the printer in the middle. The third printer seems to have no marking, but we can assume this one is for Top Secret (orange sticker) or Classified SCI (yellow sticker) documents.


This kind of communications equipment is typical for US military commanders in similar positions. Therefore one can quite easily recognize it in other pictures of American military commanders and command centers as well. By contrast, pictures in which we can see the equipment used in Petraeus' last office, that of director of the CIA, are very rare - but we keep looking!


UPDATE February 5, 2013:

A reader of this weblog kindly notified me of another picture of general Petraeus in his office, in which another kind of communications device is clearly visible. It's an HH2G Tetrapol handheld radio device, sitting in a desktop adapter, so it can be used more or less like a phone:


General David Petraeus in his office in ISAF headquarters in Kabul, Afghanistan
(Photo: Chris Hondros/Getty Images Europe, October 21, 2010)

The Tetrapol secure voice and data radio network was installed in 2004 by Cogent Defence and Security Networks, the UK operating company of EADS Defence and Communications Systems Group. This trunked Tetrapol ISAF Command Network, with end-to-end security, provides command communications coverage for the NATO Area of Responsibility in the Kabul region.

Sunday, October 28, 2012

The Washington-Moscow Hotline

(Updated: August 28, 2013)

In October 1962, the Cuban Missile Crisis ended and the world was saved from falling into a nuclear war. In order to prevent this risk in the future, the United States and the Soviet Union established a direct communication line between their two capitals in August 1963. This Washington-Moscow Hotline became one of the most famous top level communications systems in modern history.

In popular culture, the Washington-Moscow Hotline is often called the Red Phone, and therefore many people think it's a telephone line, with a red phone set on the president's desk. However, this is false: the Hotline was never a phone line, but was instead set up as a teletype connection, which in 1988 was replaced by facsimile units. Since 2008 the Hotline has been a highly secure computer link over which messages are exchanged by e-mail.

Washington-Moscow Direct Communications Link or Hotline


Contents

- Origins
- Installation
- The Hotline terminals
- 1963: Teletype equipment
- 1978: Satellite link
- 1988: Facsimile equipment
- 2008: E-mail communications
- Operation of the Hotline
- Usage of the Hotline
- Telephones
- Timeline
- Links and Sources


Origins

Given the growing threat of a nuclear war, leaders in Washington and Moscow realized already in 1954 that a direct line of communications between their two nations was needed to prevent such a disaster. The Soviets floated the idea publicly for the first time that year, and in 1958 the United States proposed that both nations take part in the Conference of Experts on Surprise Attack in Geneva, Switzerland.

Also in 1958 the political economist and nuclear strategist prof. Thomas Schelling proposed the idea of a hotline between both super powers. A direct phone line also featured in the novel Red Alert by Peter Bryant from the same year. Based upon this novel was Stanley Kubrick's 1964 film Dr. Strangelove, both showing how a nuclear war breaks out because of bad communications.


What shaped people's imagination:
the American president (right), assisted by the Russian ambassador,
calling his Soviet counterpart in the 1964 film Dr. Strangelove


In 1960, Jess Gorkin, editor of the magazine Parade, published an open letter in his magazine to President Dwight D. Eisenhower and the Soviet leader Nikita Khrushchev, concluding with: "Must a world be lost for want of a telephone call?" However, the military and diplomats of the State Department didn't like the idea of the president talking behind their backs with the Russians and reportedly objected to the proposal of a direct line.

During the Cuban Missile Crisis in October 1962 it became clear that the existing ways of communicating between Washington and Moscow were too slow for the events as they unfolded. It took Washington nearly 12 hours to receive and decode Khrushchev's 3,000 word initial settlement message.

By the time a reply had been written and edited by the White House, Moscow had sent another, tougher message. Under severe time pressure, both leaders ultimately decided to communicate through the media. After the crisis was resolved, the hot line proposal became an immediate priority.

After some negotiations, the United States and the Soviet Union signed an agreement about establishing a Direct Communications Link on June 20, 1963 in Geneva. The official American name for the Hotline is Direct Communications Link (DCL), but US technicians often call it MOLINK, being a military style abbreviation for "Moscow-link".


Installation

On July 13, 1963, only a month after signing the agreement, the United States sent four sets of teleprinters with Latin alphabet to Moscow for their terminal. This was done via US ambassador Averell Harriman's plane. Another month later, on August 20, the Soviet equipment, four sets of teleprinters with Cyrillic alphabet, arrived in Washington. The cipher machines for encrypting the Hot Line messages came from Norway. According to the agreement, all these machines should be accompanied by a one-year supply of spare parts and all the necessary special tools, test equipment, operating instructions and other technical literature.


Russian technicians preparing the equipment for the new Hotline
in the Central Telegraph Bureau in Moscow.
In the foreground we see the East German T-63 cyrillic teleprinter.
(Photo: TASS via AP, July 17, 1963)


News report of the Russian teleprinters being installed at the Pentagon


Two unique color film fragments of the Russian teleprinters arriving and being installed at the Pentagon can be seen here: Part 1 - Part 2

The new Hotline became operational on August 30, 1963, by transmitting the first test messages. Washington sent Moscow the text "The quick brown fox jumped over the lazy dog's back 1234567890", which is a so-called pangram of all letters and numbers of the Latin alphabet. The Soviets sent back a poetic description of Moscow's setting sun.

When the Hotline was established in 1963, it was a full-duplex teletype channel, which was routed through telephone cables from Washington, over the undersea Transatlantic Cable No. 1, to London, and from there to Copenhagen, over Stockholm and Helsinki to Moscow. In London, the Washington-Moscow Hotline cables were connected by a secure telephone exchange, situated in a huge underground tunnel complex, The Kingsway Tunnels, built during World War II:


This cable connection was for the political communications, but proved not fully fail-safe: the cable was accidentally cut several times, for example near Copenhagen by a Danish bulldozer operator and by a Finnish farmer who plowed it up once.

Besides this wire line link, there was a full duplex teletype radio circuit, routed from Washington via Tangier (Morocco) to Moscow. This was for service communications and served as a back-up.


The Hotline terminals

In Moscow, the terminal of the Hotline was supposed to be in the Kremlin, somewhere next to the office of the prime minister. However, Soviet leader Leonid Brezhnev once told a group of Moscow-based American journalists, that their terminal was on the opposite side of Red Square, in the Communist Party headquarters. The Russian terminal was manned by civilians, the American one by the military.


An East German T-63 teleprinter, used at the Moscow terminal of the Hotline
(Photo from an exhibition at the Russian Archives)


On the American side, there are Hotline terminals at these four locations:
- The National Military Command Center (NMCC) in the Pentagon
- The Alternate National Military Command Center (ANMCC) in the Raven Rock Mountain
- The military communications center in the White House
- An unknown location in the State Department

Pentagon Terminal

The primary US terminal is at the National Military Command Center (NMCC) in the basement of the Pentagon. There, the Direct Communications Link is a joint staff operation under the control of the Joint Chiefs of Staff J-3 Operations Directorate. The NMCC is responsible for routine testing of the Hotline and for the receipt, transmission and translation of the messages by highly qualified translators.

The terminal is manned by six teams of two men each, working in 8-hour shifts and led by a commissioned officer acting as Presidential Translator (PT). For the routine shift operations, the Hotline personnel fall under the command of the flag officer in charge of the NMCC. But when a real message from Moscow arrives, the doors of the terminal room are closed and locked and the personnel become subject directly to the president himself.

White House Terminal

When in June 1967 the Soviets sent their first message, secretary of defense Robert McNamara found out that the Hotline ended in the NMCC, instead of at the White House, as he had expected. McNamara ordered a quick patch from the Pentagon to the White House, which was later formalized by installing an ancillary terminal in the military communications center of the White House Communications Agency (WHCA) in the East Wing basement. From there, incoming messages from the Hot Line were sent to the Situation Room under the West Wing, first by pneumatic tube and later, after computers were installed in both rooms, by data transmission.

The White House terminal also has the capability to send and receive messages and has additional privacy and override features which will allow it to "lock out" other Hotline terminals. The White House terminal is manned and operated by White House personnel of the WHCA.

Other US Terminals

Another Hotline terminal is located at the Alternate National Military Command Center (ANMCC), which is situated in the Raven Rock Mountain and serves as a back up facility for the Pentagon. This terminal has the capability to serve as an alternate center for originating and receiving messages. The ANMCC terminal is manned and operated by NMCC personnel, which is also responsible for the periodic testing of this terminal. According to a 2013 report, the Hotline also has a link to the State Department.

In a paragraph classified as Secret of the 1985 presidential directive about the operation of the Hot Line, which in the meanwhile has been declassified, it was said that at the sole discretion of the president, additional locations for access to the Hotline may be established. The existence of these sites should be classified as Secret.


The interior of an East German T-63 SU12 teletype printer
as photographed in the National Cryptologic Museum of the NSA.
At the left we see a green box containing the key tape.
(Photo: Wikipedia)



Record communications

Contrary to the myth of a phone line, the Washington-Moscow Hotline has always been for record communications. The idea behind this is that a telephone link could increase the possibility of misunderstanding rather than eradicate it. In times of crisis, mistakes come at a high price. Exchanging written messages gives both parties time for reflection and responding after deliberation. The telephone does not allow this latitude, but on the contrary compels a response of some sort, which can result in a misguided reply or a misunderstood answer.

Another reason for the Hotline not being for phone conversations was of a technical nature: in the sixties it was hardly possible to realize voice encryption strong enough for top level communications. From the mid-seventies some better techniques were developed, but these were secret national algorithms, which of course couldn't be shared with the Soviets. Unclassified commercially available voice encryption was hardly secure.


1963: Teletype equipment

The original teletype equipment of the Washington-Moscow Hotline consisted of the following machines:
- Teleprinters with Latin alphabet: Model 28 ASR, made by the Teletype Corp.
- Teleprinters with Cyrillic alphabet: T-63 SU12, made by VEB Messgerätewerk Zwönitz in East Germany, based on the earlier Siemens T-37 teleprinter.

For the encryption of the messages, each of these teleprinters was connected to an ETCRRM II machine, which will be discussed later on. We can clearly see the equipment in this picture of the Hotline terminal room at the Pentagon:


The Washington-Moscow Hotline terminal room in the NMCC at the Pentagon, 1966.
At the left side, there's the Teletype Corp. Model 28 ASR teleprinter in the foreground,
two black ETCRRM II encryption machines in the middle, and top left a T-63 SU12 teleprinter.
This arrangement is mirrored at the right side of the room.
(Photo: June 1966)


As we can see by comparing the previous picture with the next one, the Hotline equipment in the Pentagon was rearranged, and maybe also moved to another room, after 1966. Maybe this happened in 1967, when defense secretary McNamara ordered that the Hotline should be extended to the White House.


The Hotline terminal room in the NMCC at the Pentagon, 1976
With two Latin alphabet and two cyrillic alphabet teletype machines (light coloured)
and four ETCRRM II cipher machines (black).
(Photo: UPI, July 9, 1976)


In 1980, the equipment was replaced by newer teletype printers and Siemens M-190 encryption machines, as can be seen in the picture of the Hotline room from 1985:


The Hotline terminal room in the NMCC at the Pentagon, 1985
With the new teletype and encryption equipment, installed in 1980.
In the foreground we see a Siemens M-190 cipher machine.
(Photo: AP, August 27, 1985)


Shortly after the previous picture was taken, facsimile units and personal computers with printers were added to the Washington-Moscow Hotline. For a couple of years they were tested and used alongside the existing teletype equipment, as can be seen in the picture:


The Washington-Moscow Hotline terminal room in the NMCC at the Pentagon, 1985
We see four personal computer terminals with printers for the coordination channel
Just like the teleprinters, two of the computers had a Cyrillic keyboard and two a Latin keyboard
In the foreground we still see a teleprinter and a Siemens M-190 cipher machine
(Photo: Time-Life/Scott Davis, November 14, 1985)


Teletype encryption

From the beginning, the confidentiality of the messages through the Washington-Moscow Hotline was assured by encrypting them using the one-time tape method, which has been proved unbreakable if used correctly.

The encryption of the teletype transmissions was realised by an Electronic Teleprinter Cryptographic Regenerative Repeater Mixer II, or ETCRRM II for short. As one of many one-time tape machines sold by commercial firms in those days, this one was produced by the Standard Telefon og Kabelfabrik (STK) in Oslo, a Norwegian subsidiary of the American telecommunications company ITT. It was also commercially available for about 1000,- USD, so for securing the Hotline, neither party had to disclose any of their own secret cryptographic methods.

The ETCRRM II used the Vernam stream cipher method, in which the plaintext message is exclusive-OR'ed (XOR'ed) with a random stream of data of the same length to generate the ciphertext. Once a message was enciphered, the key tapes were destroyed. At the receiving end, the process was reversed to decode the message, for which an identical keystream tape was needed.

In 1980 the ETCRRM II was replaced by the German Siemens M-190 cipher machine, which also uses the Vernam principle for one-time tape encryption. This device stayed in use until the teletype connection was terminated in 1988.

According to the agreements, each country prepared the keying tapes used to encode its messages and delivered them, through a courier, to its embassy in the other country, from where they were brought to the counterpart's terminal. So the keys used for encrypting the messages sent from Washington were brought to the American embassy in Moscow, which delivered them to the Russian hotline terminal.

In the US, the key tapes were provided by the Office of Communications Security (now: Information Assurance Directorate) of the NSA. Just imagine the logistics needed for providing not only the Pentagon and the White House terminals, but also the American embassy in Moscow with these key tapes every single day!
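The one-time tape mixing described in this section can be sketched in a few lines. This is an added example, not code from the original article and not a model of the ETCRRM II's circuitry: it XORs 5-bit teleprinter codes with a key tape, consumes the tape as it is used, and checks why the "if used correctly" condition matters. The `KeyTape` class, the function names and the sample messages are assumptions made for illustration; the code table is the ITA2 letters shift as commonly tabulated.

```python
import secrets

# ITA2 letters-shift table, index = 5-bit code (common tabulation; assumption).
# Control positions: 0 = null, 2 = LF, 8 = CR, 27 = figures shift, 31 = letters shift.
ITA2_LETTERS = "\x00E\nA SIU\rDRJNFCKTZLWHYPQOBG\x0eMXV\x0f"


def to_codes(text):
    """Map text to 5-bit teleprinter codes (letters shift only)."""
    return [ITA2_LETTERS.index(ch) for ch in text.upper()]


def from_codes(codes):
    """Map 5-bit teleprinter codes back to text."""
    return "".join(ITA2_LETTERS[c] for c in codes)


def mix(codes, key):
    """Vernam mixing: XOR each 5-bit character with one key character."""
    if len(codes) != len(key):
        raise ValueError("key must be exactly as long as the message")
    return [c ^ k for c, k in zip(codes, key)]


class KeyTape:
    """A one-time key tape (hypothetical helper): read once, then destroyed."""

    def __init__(self, codes):
        self._codes = list(codes)
        self._pos = 0

    @classmethod
    def generate(cls, length):
        # Random 5-bit characters from the OS CSPRNG.
        return cls(secrets.randbelow(32) for _ in range(length))

    def duplicate(self):
        """Copy of the unused tape, i.e. the reel couriered to the other terminal."""
        return KeyTape(self._codes[self._pos:])

    def remaining(self):
        return len(self._codes) - self._pos

    def take(self, n):
        """Return the next n key characters and wipe them from the tape."""
        if n > self.remaining():
            raise ValueError("key tape exhausted: do not send, never reuse key")
        chunk = self._codes[self._pos:self._pos + n]
        for i in range(self._pos, self._pos + n):
            self._codes[i] = 0  # used key material is destroyed
        self._pos += n
        return chunk


def send(tape, text):
    """Encipher text with the next stretch of the sender's tape."""
    codes = to_codes(text)
    return mix(codes, tape.take(len(codes)))


def receive(tape, cipher):
    """Decipher with the identical stretch of the receiver's tape."""
    return from_codes(mix(cipher, tape.take(len(cipher))))


def xor_of_ciphertexts(c1, c2):
    """What an eavesdropper can compute from two intercepted ciphertexts."""
    return [a ^ b for a, b in zip(c1, c2)]


if __name__ == "__main__":
    sender = KeyTape.generate(64)
    receiver = sender.duplicate()          # identical tape at the far end
    ct = send(sender, "THE QUICK BROWN FOX")  # constructed sample message
    print("ciphertext codes:", ct)
    print("deciphered      :", receive(receiver, ct))

    # Misuse check: the same key stretch applied to two messages cancels out,
    # leaving the XOR of the two plaintexts with no key in it.
    key = [secrets.randbelow(32) for _ in range(4)]
    p1, p2 = to_codes("EAST"), to_codes("WEST")
    leaked = xor_of_ciphertexts(mix(p1, key), mix(p2, key))
    print("key cancelled   :", leaked == mix(p1, p2))
```

Because every stretch of tape is wiped after a single use, both terminals consume key material at the rate of the traffic, which is why fresh tapes had to be delivered continuously.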


A Siemens M-190 encryption machine
(Photo: CryptoMuseum.com)



1978: Satellite link

On September 30, 1971, the United States and the Soviet Union signed an agreement in Washington to modernize the Hotline. The primary cable link was replaced by two satellite circuits: the United States was to provide one circuit via the commercial Intelsat IV system, with satellites in a geosynchronous orbit. The Soviet Union would provide another circuit via four satellites of their Molniya II system on a highly elliptical orbit.

This modernization program started in 1971 and, after four years of testing, the satellite link finally became operational on January 16, 1978. This link provided more flexible communications and made the Hot Line less vulnerable than the original landline. The teletype circuit over the undersea and land line cable was retained as a backup to the satellite links, but the teletype radio circuit from Washington over Tangier to Moscow was terminated.

Perhaps because the 1971 agreement says: "The two circuits shall be duplex telephone band-width circuits (...), equipped for secondary telegraphic multiplexing", some sources erroneously say that a telephone capability was added to the Hot Line in the seventies.

Sign at the US hotline satellite earth station at Fort Detrick
(photo by Tim Tyler)


Earth stations

Both in the United States and in the Soviet Union satellite earth stations were equipped for the Hotline transmissions. For the signal of the Russian Molniya satellite, a new earth station was built at Fort Detrick, Maryland. For the Intelsat link, the US used the commercial Intelsat ground station at Etam, West Virginia. Commercial circuits connect these earth stations to the Hotline terminal at the National Military Command Center in the Pentagon.

The Soviets originally intended to use an earth station in the suburbs of Moscow for the Intelsat link and a Molniya station at Vladimir. However, because of severe winter weather conditions in the Soviet Union, the Russians constructed a second Intelsat earth station, approximately 50 miles from L'vov, to ensure increased dependability.* Since 1991 L'vov has been in Ukraine, so it's likely the Russians moved their Intelsat earth station to another location.


Detrick Earth Station

The US ground station at Fort Detrick was built by the Radiation Division of the Harris Corporation, and became operational in the Spring of 1974. Harris operated and maintained the station and its equipment through 1977. Since 1981, Honeywell Technology Solutions Inc (HTSI) has provided 24/7 Russian linguist support and technical support for the operation of the Detrick Earth Station (DES), ensuring that the availability is maintained at greater than 99.97 percent. A renewed five-year $8.4 million contract with Honeywell ends in February.


The US earth station at Fort Detrick, Maryland
with the 1974 dishes for the Russian satellites.
(Photo: www.bfec.us)


The Detrick earth station was modernized by the Satellite Communications Systems of the US Army in 2007. Outdated equipment was replaced by state-of-the-art systems and new 15-meter satellite dishes were installed. Now the station has a multi-carrier, multi-satellite capability, instead of the previous point-to-point, single-satellite, single-carrier system.

The twin satellite dishes are being kept operational by a staff of 16 civilian Army employees: eight technicians and eight linguists. They work around the clock to ensure the system is operating correctly. The station supports not only the Hotline, but also a number of other critical Government-to-Government Communications Links (GGCL) between the United States and Russia.


The modernized US earth station at Fort Detrick
with the 2007 dishes for the Russian satellite link
(Photo: www.bfec.us)



1988: Facsimile equipment

In May 1983, president Reagan proposed to upgrade the Hotline by the addition of high-speed facsimile capability. This was followed by bilateral negotiations, leading to an agreement signed by the United States and the Soviet Union on July 17, 1984. This agreement was subsequently updated by an exchange of diplomatic notes in Washington, on June 24, 1988.

According to the agreement, at each end of the Hotline facsimile terminals of the same make and model were installed. It was specified that (digital) Group III facsimile units had to be used, operating at 4800 bits per second. Faxes like this take between 6 and 15 seconds to transmit a single page, which was much faster than the 66 words per minute capability of the existing teletype connection.

All facsimile equipment was provided by the United States, as well as the IBM personal computers used for the secure orderwire channel to allow coordination between the distant ends. These computers had standard USSR Cyrillic and United States Latin keyboards and "cathode ray tube displays to permit telegraphic exchange of information between operators". Printers had to provide record copies of all information exchanged on the orderwire channel.

The installation of the new facsimile and computer equipment was completed in the summer of 1985. It was tested and used alongside the existing teletype connection for several years, and after it had proved to be reliable enough, the teletype circuits were turned off in 1988.


The Hotline terminal room in the NMCC at the Pentagon, 1985
Two of the IBM personal computers, each with an Epson FX-85 dot matrix printer next to it
The units on top of the desks are maybe early Epson FX-100 laser printers
(Photo: Time-Life/Scott Davis, November 14, 1985)

Now, not only plain texts could be sent, but also maps, charts and photographs. The fax units also made it possible to send handwritten messages, like the 13-page handwritten letter which Soviet leader Gorbachev sent to president Reagan using the Hotline in 1986.*

As part of the facsimile upgrade, the Soviets transferred the Hotline transmissions over to a newer, geosynchronous satellite of the Gorizont-class, which was part of their Statsionar system. This relieved the US ground station at Fort Detrick of having to hand off the transmissions every four hours between the four Molniya satellites.* In 1996, a new Molniya-3 satellite took over the Russian satellite link for the Hotline.


Facsimile encryption

Based upon the 1984 agreement, it seems that the digital data from both the facsimile units and the personal computers were digitally encrypted using the Vernam stream cipher, the same method as was previously used for the teletype transmissions.

This encryption was done by "information security devices", which consisted of microprocessors located in computers with floppy disk drives. These combined the digital facsimile output with buffered random data, which was read from standard 5.25 inch floppy disks. It's not clear whether this encryption was done by the IBM computers of the coordination channel, or by separate ones.

The agreement said that the United States had to provide a specification describing the key data format and necessary keying material on a floppy disk for both parties, until the Soviets had developed this capability as well. Also, the necessary security devices, as well as spare parts for the equipment had to be provided by the American side, in return for payment of costs thereof by the Soviets.
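The Vernam method described above, both for the teletype one-time tapes and for the facsimile keying disks, can be sketched as follows. This is an added example, not code from the original post or from any of the equipment described; the `KeyTape` class and all function names are hypothetical, and the key material and messages are constructed for the illustration.

```python
import secrets


class KeyTape:
    """One-time keying material, e.g. a tape reel or a keying disk (hypothetical model).

    Key bytes are handed out exactly once and then overwritten, mirroring the
    rule that used key tape was destroyed after a message was enciphered.
    """

    def __init__(self, material: bytes):
        self._buf = bytearray(material)
        self._pos = 0

    @classmethod
    def prepare_pair(cls, length: int):
        """Prepare two identical tapes: one for the sender, one for the receiver."""
        material = secrets.token_bytes(length)
        return cls(material), cls(material)

    @property
    def remaining(self) -> int:
        return len(self._buf) - self._pos

    def take(self, n: int) -> bytes:
        """Return the next n key bytes, or fail if the tape cannot cover them."""
        if n > self.remaining:
            raise ValueError("key tape exhausted; refusing to reuse key")
        start, end = self._pos, self._pos + n
        chunk = bytes(self._buf[start:end])
        self._buf[start:end] = bytes(n)  # overwrite the used stretch of key
        self._pos = end
        return chunk

    def used_region(self) -> bytes:
        """Contents of the already consumed part of the tape (all zero bytes)."""
        return bytes(self._buf[:self._pos])


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def vernam(data: bytes, tape: KeyTape) -> bytes:
    """XOR data with fresh key from the tape; the same call enciphers and deciphers."""
    return xor_bytes(data, tape.take(len(data)))


def run_link():
    """One direction of the link: the sender's tape and its copy at the far end."""
    sender_tape, receiver_tape = KeyTape.prepare_pair(48)
    sent = [b"TEST 0800 WASHINGTON", b"TEST 1000 WASHINGTON"]  # constructed messages
    on_the_wire = [vernam(m, sender_tape) for m in sent]
    # The receiver consumes its identical tape in the same order and step.
    received = [vernam(c, receiver_tape) for c in on_the_wire]
    return sent, on_the_wire, received, sender_tape


def key_reuse_leak(p1: bytes, p2: bytes) -> bytes:
    """Why key is never used twice: with a shared key, the key cancels out.

    XORing the two ciphertexts yields p1 XOR p2, which depends only on the
    plaintexts, so the secrecy no longer rests on the random key.
    """
    key = secrets.token_bytes(len(p1))
    c1, c2 = xor_bytes(p1, key), xor_bytes(p2, key)
    return xor_bytes(c1, c2)


if __name__ == "__main__":
    sent, wire, received, tape = run_link()
    print("received intact:", received == sent)
    print("key bytes left on sender tape:", tape.remaining)
```

The amount of key consumed equals the amount of traffic sent, which is why fresh keying material had to be delivered to every terminal continuously.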


2008: E-mail communications

It's not clear for how long the presidential Hotline kept using facsimile machines. For example, the communication links of the Nuclear Risk Reduction Centers (NRRC) were modernized in 1995, by replacing the facsimile capability with a scanned files transfer (an impression of how this NRRC communication link works will be given later).

In 2007 the Direct Communications Link got a fifth upgrade. As we saw earlier, the US earth station at Fort Detrick was modernized and also the link itself was upgraded to a dedicated computer network linking the Washington and Moscow terminals. This network runs over redundant circuits of two existing satellite links and a new fiber-optic cable, which replaced the old back-up cable link.

This computer link uses commercial software for both chat and e-mail. The chat function is used by the operators for coordination of link operations, while e-mail is used for sending the actual messages. Transmission time is literally near instantaneous. These capabilities became operational on January 1, 2008.*



The Washington-Moscow Hotline terminal room at the Pentagon, 2013
Presidential communicator Navy Chief Petty Officer John E. Kelley (seated) and
senior presidential translator Lt. Col. Charles Cox man the hotline terminal
(photo: www.army.mil)


Operation of the Hotline

As the Hotline isn't used very often, test messages are transmitted daily: every even hour from Washington and every odd hour from Moscow. For that purpose a wide variety of poems, short stories and other texts are exchanged. Messages coordinating the operation of the Hotline are probably formatted by so called Standard Operating Procedures or SOPs.

From Washington all messages are sent in English, using the Latin alphabet, from Moscow in Russian, using the Cyrillic alphabet. Translation is done by the receiving party in order to preserve the nuance of each language.


Air Force Sgt. John Bretoski (left) and Army Lt. Col. Charles Fitzgerald (right)
during a test run of one of the Cyrillic teleprinters at the Pentagon terminal of the Hotline
At the left we see a black ETCRRM II encryption machine
(Photo: AP, between 1963 and 1967)


The US terminals are manned by a team of military personnel, headed by a commissioned officer functioning as the Presidential Translator on duty. His primary job is to render into English all messages received through the Hot Line. When a message comes in, he makes a first sight translation to decide if it's so urgent that the president should be called on a secure line to give him an immediate oral translation.

If the Russian message is a bit less urgent, the Presidential Translator makes a rough written translation and sends that to the White House via a secure fax or, in later years, a secure network channel. Later on, a final official translation of the message is made in cooperation with State Department translators.


James O'Beirne (left) and Benjamin W. Randal (right) using one of the personal computers
for sending a test message at the Pentagon Hotline terminal.
(Photo: Time-Life/Scott Davis, November 14, 1985)


The 1985 presidential directive about the operation of the Direct Communications Link ordered two-man rule procedures to be established at all operating locations, to ensure against inadvertent release of the messages. Hotline messages may only be released with explicit approval of the president, and even releasing information about the sole fact whether this link has been used is a presidential prerogative.


Usage of the Hotline

The Washington-Moscow Hotline was mainly used to inform the other party about sudden movements of their fleet or troops, to prevent the other from seeing that as a provocation or preparation for aggression. Reportedly, the Hotline was first used by the Americans on the day of the assassination of president Kennedy, November 22, 1963, only a few months after the link was established.

The first time the Kremlin used the Hotline was on June 5, 1967, when the Six-Day War broke out between Israel and some Arab countries. On that day Soviet prime minister Kosygin sent the following message, which was received in Washington at 7:59 AM:

  
The first message which the Soviets sent through the Hot Line, June 5, 1967
Left: message in Russian - right: translation in English
(Click for a bigger version)


This first message was followed by nineteen other transmissions during the Six-Day War of 1967, mostly to inform each other of the intentions and maneuvers of the Soviet Black Sea Fleet and the US 6th Fleet, which approached each other dangerously closely in the Mediterranean. Three of the messages were related to the incident with the American spy ship USS Liberty.

Later, the Hotline was also used during the following international conflicts:
- 1971: the war between India and Pakistan
- 1973: the Yom Kippur war
- 1974: the Turkish invasion of Cyprus
- 1979: the Russian invasion in Afghanistan
- 1981: the threat of a Russian invasion in Poland
- 1982: the Israeli invasion of Lebanon

In at least two cases, the Hotline was also used in non-crisis situations. President Johnson once ordered a message to be sent to the Soviet Union informing it of the American Apollo spaceship missions, and president Jimmy Carter used the Hotline for a more personal message to Soviet leader Leonid Brezhnev, but the Russians didn't appreciate that and saw it as an improper use of the Direct Communications Link.

It is said that in 1986 president Ronald Reagan used the Hotline to threaten the Soviets over their arrest of the US journalist Nicholas Daniloff on espionage charges.

After the end of the Cold War and the collapse of the Soviet Union in 1991 the Hotline between both super powers lost some of its significance. Also, world leaders tended more towards personal contacts, calling each other more often using a regular phone.*

Nevertheless, the Washington-Moscow Hotline was used by president George Bush sr. and Soviet leader Gorbachev to communicate during the Gulf War of 1991, and also the presidents George W. Bush and Vladimir Putin used it to discuss plans to rebuild Iraq after the Iraq War of 2003.*

Apparently there were also a few severe crisis situations in which the hotline wasn't used, like when on November 9, 1979 there was a false alarm at NORAD about what seemed to be a full-launch Soviet nuclear strike. Even more critical was the situation during the NATO exercise Able Archer 83 in November 1983, which made the Soviets think the US was preparing a nuclear war.


Telephones

The phone calls which the American and Russian presidents make nowadays go through the Direct Voice Link (DVL). That's a dedicated phone line between the White House and the office of the Russian president which uses the same satellite link as the Hotline. This phone line seems to have been established by an agreement between the US and the Soviet Union in 1990, which was renewed for the Russian Federation in 1999.

The Direct Voice Link is meant for routine matters and the calls are usually scheduled in advance, so interpreters can be present.* This voice link is not part of the Washington-Moscow Hotline. By agreement only the latter is designated for top level crisis communications.

Red phones

The Washington-Moscow Hotline is often called the Red Phone, because many people think it's a phone line with a red handset on each side. As we have seen this was never the case - even though Wikipedia articles in almost every language say so up to this day.

Also president Obama used the popular myth of the red phone, when at a joint press conference in June 2010, he joked about how social media might help to move past the traditional Cold War communications. Speaking of the Russian president Medvedev starting a Twitter account, Obama said: "I have one, as well, so we may be able to finally throw away those red phones that have been sitting around for so long".

The image of the red phone is derived from many books and movies, in which world leaders call each other with a red phone to discuss a crisis, for example the 1964 movie Fail Safe, which was also based on the 1958 novel Red Alert. Because only very few people knew how the actual Hotline worked, also many US government officials assumed the direct communications link was a phone line.

This confusion is probably also caused by the fact that the White House and the military did use red phones, not for international, but for internal communications. Quick and easy contact between the president and the military command centers is of course just as important as contact with the Kremlin, and this is achieved through a secure military telephone network, called the Defense Red Switch Network (DRSN). For this network, a number of different handsets have been used, including a red one without a dial in the early years.* These real red phones will be discussed on this weblog later.

A more correct picture of a red telephone used for internal crisis communications was also seen in popular culture, like in the 1966 Batman television series (showing the Batphone) and the James Bond films, in which the head of MI6 uses a red phone to communicate with the prime minister and military officials.


Timeline

1963: Establishment of a land line teletype link between the Kremlin and the Pentagon
1967: Ancillary terminal installed at the White House.
1978: The land line replaced by a satellite link.
1980: Old teletype and encryption machines replaced by newer ones.
1988: Teletype equipment replaced by facsimile units.
199?: Further modernizations
2008: E-mail capability established


See also:

- August 30, 2013: The red phone that was NOT on the Hotline
- August 28, 2013: The 50th anniversary of the Washington-Moscow Hotline


Links and Sources

Websites
- CNN.com: 'I made Obama's BlackBerry'
- 2013 US Army article: Hotline, now 50 years old, continues to promote dialog with Russians
- 2013 Smithsonian article: There Never Was Such a Thing as a Red Phone in the White House
- 2013 Crypto Museum article: Washington-Moscow Hotline
- 2012 Wikipedia article in Dutch: Hotline Washington-Moskou
- 2011 article by the Voice of Russia: Hello, Mr. President!
- 2011 Matt's Today in History blog: Washington-Moscow Hotline Established, June 20, 1963
- 2008 article by Jerry Proc: The Washington-Moscow Hot Line
- 1988 New York Times article: Moscow's Still Holding
- 1963 New York Times article: 'Hot Line' Opened by U.S. and Soviet to Cut Attack Risk
- The original Hot Line Agreement Texts of 1963, 1971 and 1984

Documents (PDF)
- National Security Decision Directive nr. 186: Installation and Operation of the Direct Communications Link (DCL)/"Hotline" between Washington and Moscow, White House, 1985
- Stephen L. Thacher, Crisis Communications between Superpowers, US Army War College, Carlisle Barracks, 1990
- Stephen Soudakoff, Developing 3+/4 reading and translating skills for presidential needs: a summary, Distinguished Language Centers, 2002
- Haraldur Þór Egilsson, The Origins, Use and Development of Hot Line Diplomacy, Institute Clingendael, 2003
- Tobias Nanz, Communication in Crisis. The "Red Phone" and the "Hotline", Behemoth, A Journal on Civilisation, Issue Nr. 2, 2010

Literature
- Michael K. Bohn, Nerve Center. Inside the White House Situation Room, Brassey's Inc, Washington DC, 2003, p. 89-96.
- Paul E. Richardson, The hot line (is a Hollywood myth), in: Russian Life, September/October issue 2009, p. 50-59.
- Leland McCaslin, Secrets of the Cold War: US Army Europe's Intelligence and Counterintelligence Activities Against the Soviets, Helion, Solihull 2010, p. 111-114.

Sunday, June 24, 2012

Obama using a secure GSM phone



In the previous post we presented a range of highly secure mobile phones. Because of their nature we almost never see officials using them, but here we have a rare picture of US president Obama using a Sectéra Wireless GSM Phone, made by General Dynamics and approved by the NSA for conversations up to the level of Top Secret:


President Obama using a Sectéra Wireless GSM Phone, March 19, 2011.
(White House photo by Pete Souza - click for a bigger version)



The picture shows president Obama giving the final authorization for the United States Armed Forces to begin a limited military action in Libya, in support of an international effort to protect Libyan civilians. This call was made during a short visit to Brazil.

Sitting next to Obama is his National Security Advisor Tom Donilon, using one of the two secure STE desk top telephone sets, which are always standing by in case the president has to make a phone call.

As can be seen in the bigger picture, the other STE phone seems to be used by another official, so probably for convenience, Obama was given the secure cell phone to participate in this conference call.

Thursday, June 21, 2012

Highly secure mobile phones

(Updated: March 22, 2014)

In the previous post we saw that ordinary mobile phones offer only limited protection against eavesdropping. Therefore, special devices are designed to keep conversations safe. Here we will list a range of mobile phones, which offer a high level of security and are therefore suited for top level telecommunications.

The following information is gathered from the internet, only to provide a general overview. For more information, provided by the manufacturer, please click the yellow section title or the fact sheet.



- for government and military use -


General Dynamics: Sectéra Wireless GSM Phone
- Produced from 2002-2012 by the American company General Dynamics Corp.
- For GSM and GPRS networks.
- Ordinary Motorola Timeport GSM phone, with a special Security Module attached at the back side of the phone, replacing the battery cover.
- Approved by the NSA for conversations up to the level of TOP SECRET* and by NATO for up to COSMIC TOP SECRET. This phone is also used by the British government for mobile communications up to the level of SECRET.*
- Encryption with US Type 1 and approved Suite B (including AES and ECDH) encryption algorithms.
- There are slightly modified modules for the UK, Canada, Australia and New Zealand. There's also a version, using the AES algorithm only, which is exportable to other countries.
- The price of this phone is 2.095,- US dollar.
- More details in the factsheet (pdf)

> As of 2013, General Dynamics replaces this phone by GD Protected, a platform for securing high-end Samsung and LG smartphones.



Sectra: Tiger XS
- Produced since 2005 by the Swedish company Sectra AB.
- For GSM and UMTS networks.
- This is a personal encryption device, which is connected in between a headset and an ordinary mobile phone (via Bluetooth). Voice data are encrypted by the device, before going into the non-secure telephone.
- Two factor user authentication with SIM-sized access card and PIN code.
- Approved in the Netherlands, by the European Commission and by NATO for conversations up to the level of SECRET. In 2011, the Tiger XS was used in 17 European countries.
- Since 2007, a slightly modified version of this device has been used by Dutch cabinet ministers and high-level officials of government departments and the Dutch armed forces.*
- More details in the factsheet (pdf)




Sectra: Tiger 7401
- Produced since 2012 by the Swedish company Sectra.
- For GSM, GPRS, EDGE and UMTS networks.
- Custom made mobile telephone with TEMPEST verified design and tamper response, providing Red and Black interfaces for secure and non-secure connections.
- Two factor user authentication with SIM-sized access card and PIN code.
- Approved in the Netherlands for conversations up to the level SECRET (STG GEHEIM); approval for the European Union and NATO is pending.
- For Dutch high-level military officials this phone will replace the Tiger XS device in the course of 2014.*
- More details in the factsheet (pdf)



Rohde & Schwarz: TopSec Mobile
- Produced since 2008 by the German company Rohde & Schwarz GmbH.
- For GSM and UMTS networks.
- This is a separate encryption device, which is connected in between a headset and a smart phone (both iPhone and Android) with Bluetooth connection. Voice data are encrypted by the device, before going into the non-secure telephone.
- Approved in Germany for conversations up to the level of RESTRICTED (Verschlusssache/Nur für den Dienstgebrauch).
- The device secures the key exchange with a 384-bit key ECC algorithm and encrypts the voice data with AES, using a 256-bit key.
- More details in the factsheet (pdf)



Secusmart: SecuVOICE
- Produced since 2008 by the German company Secusmart GmbH.
- For GSM and UMTS networks. There are separate solutions for voice, SMS and e-mail communications.
- Common high-end Nokia phones are secured by a tamper proof chip on the format of a microSD Card, which is inserted in the memory card slot of the phone.
- Approved by German, Dutch and NATO agencies for conversations up to the level of RESTRICTED.
- Communications are secured by 128-bit AES encryption and keys are exchanged using the Elliptic Curve Diffie Hellman (ECDH) protocol.
- This solution was implemented for securing voice communications of the German federal government in 2009, including those through the Nokia 6260 Slide phone of chancellor Angela Merkel.
- More details in the Secusmart overview (pdf)

> Secusmart provided a similar security solution for the BlackBerry 10 smartphones, which became available for German government officials in 2013. See: How secure is the Merkel-Phone?



Thales: Teorem
- Produced since 2008 by the French company Thales Group SA.
- For GSM, GPRS, EDGE and UMTS networks.
- Custom made handset, with a second display, showing whether the call is secure or not.
- Approved in France for conversations up to the level of SECRET (Secret Défense).
- In 2010, the French government ordered over 14.000 of these phones, to be used by the president, ministers and high officials of the armed forces and the various ministries that deal with classified defence information.*
- The price of this phone is said to be around 1.500,- euros.
- More details in the factsheet (pdf)



Telsy: TSM T3
- Produced since 2009 by the Italian company Telsy S.p.A.
- For GSM and UMTS networks.
- Custom made telephone handset, with proprietary hardware and software design.
- Encryption with AES, using 256-bit keys and asymmetric ECCDH key exchange, or, on demand, proprietary and custom made algorithms. Interoperable with CryptoPhone equipment.
- Also sold by the Scottish company Bridge Systems Ltd.
- More details in the factsheet (pdf)



- for government and commercial use -


Omnisec: Secure Mobile Phone Omnisec 230
- Produced by the Swiss company Omnisec AG.
- For GSM, EDGE and UMTS networks.
- Common HTC smart phone with hardened Android operating system. The encryption engines are stored on a single chip, which is inserted into the phone like a SIM-card.
- Encryption with Omnisec proprietary algorithms using 256-bit keys.
- The price of this phone is said to be around 25.000,- Swiss francs (although 2500,- francs seems to be more realistic).
- More details in the factsheet (pdf)

> For a demonstration, see: Swiss video on mobile phone security



Crypto AG: Crypto Mobile HA-2400
- Produced by the Swiss firm Crypto AG.
- For EDGE and UMTS networks.
- Common high-end Nokia smart phone from the E-series, with Symbian operating system. The crypto capabilities are provided by a single tamper proof chip (the Crypto Mobile HC-9100) on the format of a microSD Card, which is inserted in the memory card slot of the phone.
- Encryption with a customer specific cipher algorithm HCA-820, using 128 or 256-bit keys.



Tripleton: Enigma E2
- Produced since 2012 by the British company IntSec Ltd.
- For GSM and GPRS networks.
- The phone uses the Enigma encryption system developed by the T-Systems/T-TeleSec division of Deutsche Telekom. This was following a request from former German Chancellor Gerhard Schröder, after he was hacked in the 1990s.*
- This Enigma system was first used in a mobile phone, which has been sold since 2002 (for 3.200,- euro) in Germany by the Beaucom Group.*
- Encryption with AES, using a 256-bit key, which is exchanged via 1024-bit RSA.
- The price of this phone is 1.320,- pound sterling.



GSMK: CryptoPhone 400
- Produced by the German company Gesellschaft für Sichere Mobile Kommunikation mbH (GSMK).
- For GSM and UMTS networks.
- Customized HTC mobile phone, with the operating system being a stripped down version of Windows Mobile. There are various other models available.
- Encryption with Twofish and AES in parallel, both with 256-bit key length, exchanged using a 4096-bit key Diffie-Hellman algorithm.
- In 2001, the Dutch hacker and digital rights activist Rop Gonggrijp started to work on a highly secure phone, which was eventually launched in 2003 as the CryptoPhone 100.
- For the United States, the GSMK CryptoPhones are manufactured and sold by the Las Vegas based company ESD America Inc.
- The price of this phone is 2.618,- euros.



Some other, predominantly commercial secure mobile voice solutions are also provided by companies like SecurDigital in the US, Nabishi in the UK, PrivateWave from Switzerland, CasperTech from Italy, GeeksPhone from Spain, SecurStar from Germany, Compumatica from The Netherlands, and Gold Lock from Israel.


All these phones use a hybrid cryptosystem, in which the conversation is encrypted with a very strong symmetrical cipher, often AES with a 256-bit key. This key is then encrypted with a public-key cryptosystem, like RSA or ECC, and transmitted together with the encrypted message. Only the intended recipient can then decrypt the key and, with it, the message. By this method, end-to-end security all the way through the public telephone network is provided.

The most secure mobile phones are made by defense contractors, often primarily for use by national government and military officials. This is because using telephones, or any other communication device, made by a foreign company always bears the risk of secret backdoors, allowing easy access to the encrypted conversation.

Countries, and also international organisations, without their own production facilities for military grade encryption equipment often go to companies in small or neutral nations, where they expect to have the least damage in case there would be a hidden backdoor.

Another inevitable risk of mobile phones is using them in (public) places where conversations can easily be overheard by other people or by listening devices. Secure wireline desk top phones can counter this threat by installing them in rooms which are secured against eavesdropping. This is also one of the reasons why conversations at the highest level (TOP SECRET/SCI in the United States, TOP SECRET elsewhere) are often restricted to dedicated wireline circuits only.


> See also: How Obama's BlackBerry got secured



Links
- Motherboard.Vice.com: Canada Bought $50 Million Worth of 'Secure' Phone Systems from the NSA
- OSNews.com: The second operating system hiding in every mobile phone

Wednesday, May 30, 2012

Swiss video on mobile phone security



This is an informative video from the Swiss television program Einstein, about the potential threats and risks of mobile cell phones:





The phone shown in this report is the Secure Mobile Phone Omnisec 230 (fact sheet in PDF), made by the Swiss firm Omnisec AG. This is a modified HTC smart phone, with a hardened Android operating system, and with all applications that introduce risk (like Bluetooth and GPS) removed. The microSD Security Module provides encryption with a 256-bit key length to secure communication for classification levels up to Top Secret. However, the cost for two such phones is said to be around 50.000,- Swiss francs.

UMTS

For most people, a far more affordable way to get better security for cell phone communication is just to use the UMTS or 3G mobile network, instead of GSM. Where GSM only has authentication of the user to the network, UMTS uses mutual authentication, which means the mobile user and the network authenticate each other. This prevents a so called "man-in-the-middle attack" by using false base stations. Also UMTS uses stronger encryption algorithms (KASUMI-based 128-bit key algorithms) for securing the voice and data during the radio transmission between the handset and the base station. For this, GSM uses the rather weak A5/1 algorithm with only a 64-bit key.
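The difference between GSM's one-way authentication and the mutual authentication of UMTS, as an added sketch that is not part of the original post. HMAC-SHA256 stands in for the operators' real algorithms, all class and function names are hypothetical, and the UMTS token is simplified (the real one also conceals the sequence number and carries a management field).

```python
import hashlib
import hmac
import secrets


class AuthError(Exception):
    """Raised by the USIM when the network fails authentication."""


def prf(k: bytes, label: bytes, *parts: bytes, n: int = 8) -> bytes:
    # Assumption: HMAC-SHA256 as a stand-in for the operator's keyed functions
    # (A3/A8 in GSM, the f1/f2 functions such as MILENAGE in UMTS).
    return hmac.new(k, label + b"|" + b"".join(parts), hashlib.sha256).digest()[:n]


class HomeNetwork:
    """Holds the subscriber key K shared with the SIM/USIM."""

    def __init__(self, k: bytes):
        self.k = k
        self.sqn = 0

    def gsm_challenge(self):
        rand = secrets.token_bytes(16)
        return rand, prf(self.k, b"sres", rand, n=4)      # (RAND, expected SRES)

    def umts_vector(self):
        self.sqn += 1
        rand = secrets.token_bytes(16)
        sqn = self.sqn.to_bytes(6, "big")
        autn = sqn + prf(self.k, b"mac", rand, sqn)       # SQN plus MAC over RAND and SQN
        return rand, autn, prf(self.k, b"res", rand)      # (RAND, AUTN, expected RES)


class GsmSim:
    def __init__(self, k: bytes):
        self.k = k

    def respond(self, rand: bytes) -> bytes:
        # Nothing in the challenge proves who sent it: the SIM answers any RAND.
        return prf(self.k, b"sres", rand, n=4)


class Usim:
    def __init__(self, k: bytes):
        self.k = k
        self.highest_sqn = 0

    def respond(self, rand: bytes, autn: bytes) -> bytes:
        sqn, mac = autn[:6], autn[6:]
        # 1. Only a network that knows K can produce a valid MAC.
        if not hmac.compare_digest(mac, prf(self.k, b"mac", rand, sqn)):
            raise AuthError("MAC failure")
        # 2. The sequence number must be fresh, so old vectors cannot be replayed.
        if int.from_bytes(sqn, "big") <= self.highest_sqn:
            raise AuthError("stale SQN")
        self.highest_sqn = int.from_bytes(sqn, "big")
        return prf(self.k, b"res", rand)


def usim_verdict(usim: Usim, rand: bytes, autn: bytes):
    """Return None if the USIM accepts the network, else the rejection reason."""
    try:
        usim.respond(rand, autn)
        return None
    except AuthError as exc:
        return str(exc)


def run_scenarios() -> dict:
    k = secrets.token_bytes(16)              # constructed subscriber key
    home, sim, usim = HomeNetwork(k), GsmSim(k), Usim(k)
    results = {}

    rand, expected = home.gsm_challenge()
    results["gsm_home_network"] = hmac.compare_digest(sim.respond(rand), expected)
    # A challenge from a station that does not hold K looks identical to the SIM.
    results["gsm_sim_answers_without_checking"] = len(sim.respond(secrets.token_bytes(16))) == 4

    rand, autn, xres = home.umts_vector()
    results["umts_home_network"] = hmac.compare_digest(usim.respond(rand, autn), xres)
    # A station without K cannot compute the MAC inside AUTN.
    unknown_autn = (2).to_bytes(6, "big") + secrets.token_bytes(8)
    results["umts_unknown_network"] = usim_verdict(usim, secrets.token_bytes(16), unknown_autn)
    # Re-presenting the genuine vector fails the freshness check.
    results["umts_replayed_vector"] = usim_verdict(usim, rand, autn)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name}: {outcome}")
```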

Nowadays, UMTS services are widely available in western countries and accessible through high-end smart phones like the popular iPhone 3G and the Samsung Galaxy i9000 series. However, it should be noted that the use of the UMTS network still bears the risk of intrusions through unsafe applications and malware. Furthermore, UMTS does not provide any end-to-end encryption or authentication between one user and the other. Traffic between the fixed network stations is still unencrypted and there's authentication only between users and the network provider.

BlackBerry

Another affordable option for more secure mobile communication is by using the BlackBerry smart phone, which is very popular amongst business people and government officials. A BlackBerry encrypts data (including e-mail, but excluding voice) that travels between the handheld device and the BlackBerry Enterprise Server by using either Triple DES or, for the latest models, AES with a 256-bit key. This allows the BlackBerry to be the only consumer handheld device certified for use by government agencies of the US, the UK, Canada and Australia. But again: this only applies to e-mail messages and not to voice conversations.

So, people who want or need the certainty of strictly private phone calls from one person to another have to ensure that through extra applications or specialized hardware features, for example the aforementioned Omnisec phone or a variety of other highly secure mobile phones.


Links
- Application for Secure deletion on Android
- Overview of GSM and UMTS Security
- Paper about Cryptographic Algorithms for UMTS (PDF)