Quantcast

Tested Explains: What Does it Mean to Call on a "Secure Line"?

By Matthew Braga

If decades of televised White House dramas and Hollywood espionage thrillers have taught us anything, it's that barking "Get me a secure line!" into your phone is about all it takes to establish a private, encrypted call.

If decades of televised White House dramas and Hollywood espionage thrillers have taught us anything, it's that barking "Get me a secure line!" into your phone is about all it takes to establish a private, encrypted call.

Alas, security is rarely so simple – and for decades, encrypting phone conversations actually took a great deal of work. Only in recent years has encryption become more accessible, and it's still a lot more effort than pop culture would have you believe.

The secure line's earliest days can be traced back to the development of a machine called SIGSALY at Bell Telephone Laboratories during World War II. It was meant to replace the seemingly scrambled, high-frequency radio communication then–employed by the Allies – which, it turned out, eavesdropping Axis forces had already managed to decrypt.

So what was SIGSALY? "Consisting of 40 racks of equipment, it weighed over 50 tons, and featured two turntables which were synchronized on both the sending and the receiving end by an agreed upon timing signal from the U.S. Naval Observatory," according to the National Security Agency's historical account of the device.

The two turntables played identical copies of randomly generated noise that was mixed into a call. "One would mix in noise, and the other would basically subtract out that noise. And anybody listening would just hear noise," explained Matthew Green, an assistant research professor at the Johns Hopkins Information Security Institute. "But somebody who subtracted out the noise would hear the phone call."

The system, of course, had its flaws. There were only a handful of SIGSALY machines scattered around the globe, and synchronization between the two ends records required millisecond precision. That was even assuming, of course, that the person you wanted to call had the most up-to-date record, or key – delivery, understandably, "always a problem" recounts the NSA.

"It was basically what we call a one-time pad," says Gord Agnew, an associate professor at the University of Waterloo's school of electrical and computer engineering, where his past research has focused on communication and cryptography.

You couldn't just pick up the phone and make a secure call on a whim. You had to wait for a pre-arranged time.

Each record "was used once and then disposed of, never to be used again." So, in other words, you couldn't just pick up the phone and make a secure call on a whim. You had to wait for a pre-arranged time.

In fact, it would take years before secure calls could be made with the sort of ease rivaling that of an unencrypted chat. Even the oft-cited 1960s "Red Phone" link between the White House and the Russian Kremlin was no more than an apocryphal tale – the two governments, in fact, preferring to communicate via text, believing it would be less susceptible to misinterpretation in a time of crisis.

Rather, it was the Secure Telephone Unit, or STU-I, that became the first secure telephone both cheap and small enough to cater to the security-conscious mainstream. Developed under NSA contract through the early 1970s, not only was STU-I digital, but its keys were based on complex cryptographic algorithms that were – crucially – centrally managed and stored.

According James Bamford's book "Body of Secrets: Anatomy of the Ultra-Secret National Security Agency" these earlier STU-I and STU-II were especially cumbersome, mainly for "the need to call a 'Key Distribution Center' in order to setup each call, which resulted in a delay of two to three minutes." It certainly beat delivering keys in person, as SIGSALY’s records once required, but it was still far from ideal.

George Bush on an STU-III Phone

All that changed with the STU-III. Introduced in the 1980s, it was notable for its ability to perform this formerly laborious key verification process on the phone itself. According to Agnew:

"That's kind of where that nomenclature came from – "go secure" – because you could start a conversation in clear, with another STU phone. It looked just like an ordinary desk phone. But if you were talking to another STU phone that was in the authorized group [...] you would basically press a button, and there would be a 10-15 second delay while it was setting up the secure link between the two phones, and after that everything was encrypted."

Photo credit: Wikimedia Commons

The STU-III's successor, Secure Terminal Equipment (STE), would reduce this "go secure" time even further, to almost zero. And with today's hardware and now software-based options, the time required to go secure is practically indistinguishable from a typical unsecured voice call.

Of course, as Green points out, if you're somebody like the President you probably have people to handle these details for you. But the next time you hear someone ask to “go secure” on screen – even if it doesn't look like much – you'll know what's really going on.