Virtually everyone knows that the United States
government was responsible for the design of the Internet as a solution to
maintaining communications in case of a nuclear attack. It should be no
surprise, then, to learn that this same government, and in fact just about every
government, is now plunging into VoIP with both feet. In the U.S., all
facets of the government are involved, from the military and DOD to other
federal and state agencies.
Some months back I wrote about the military's
use of VoIP and was subsequently overwhelmed with e-mails from vendors in
the space and others who were interested in learning more. So I studied up a
bit on the topic and as I learned more and more about government purchases
of VoIP equipment, I became more and more fascinated with how the U.S. and
other governments communicate. More specifically, how they communicate
securely. Even more interesting is how they integrate their secure
communications with VoIP.
A BIT OF HISTORY
In 1970, the Secure Telephone Unit (STU) was a small refrigerator-sized
device introduced to allow secure communications between telephones. The STU-II
was introduced later, and in the late 1980s the STU-III was
developed as a user-friendly and relatively economical upgrade. About the
size of a standard desk telephone, this device did not have the drawbacks of
its predecessors and as such could enjoy more widespread adoption. The
terminals are designed to operate reliably, with high voice quality, as both
ordinary telephones and secure instruments over the dial-up public switched
telephone network. STU-III operates in full-duplex over a single telephone
circuit using echo canceling modem technology. STU-IIIs come equipped with
2.4 and 4.8 kbps code-excited linear prediction (CELP) secure voice. Secure
data can be transmitted at speeds of 2.4, 4.8, and 9.6 kbps. There are many
manufacturers, each promising different maximum throughput rates. The data
throughput between two STU-IIIs can only be as great as the slowest STU-III
connected.
A newer government standard is also in use called Future Narrowband Digital
Terminal (FNBDT). FNBDT is a signaling scheme that defines all the necessary
information to allow various vendors to build interoperable cryptographic
equipment based on U.S. Government Type 1 encryption (a term for processes
managed by the National Security Agency (NSA) that provide approved U.S.
Government users with cryptographic products and systems that are suitable
for the protection of classified information). It should be noted that a
device can provide Type 1 encryption but not adhere to the FNBDT standard.
Understanding Government Terminology
To further understand some of the products discussed in this article it is
helpful to discuss some terms as defined according to the Committee on
National Security Systems (http://www.nstissc.gov/).
type 1 product
Classified or controlled cryptographic item endorsed by the NSA for securing
classified and sensitive U.S. Government information, when appropriately
keyed. The term refers only to products, and not to information, key,
services, or controls. Type 1 products contain approved NSA algorithms. They
are available to U.S. Government users, their contractors, and federally
sponsored non-U.S. Government activities subject to export restrictions in
accordance with International Traffic in Arms Regulation.
type 2 product
Unclassified cryptographic equipment, assembly, or component, endorsed by
the NSA, for use in national security systems as defined in Title 40 U.S.C.
Section 1452.
type 3 algorithm
Cryptographic algorithm registered by the National Institute of Standards
and Technology (NIST) and published as a Federal Information Processing
Standard (FIPS) for use in protecting unclassified sensitive information or
commercial information.
type 4 algorithm
Unclassified cryptographic algorithm that has been registered by the
National Institute of Standards and Technology (NIST), but not published as
a Federal Information Processing Standard (FIPS).
Communications Security (COMSEC)
Measures and controls taken to deny unauthorized individuals information
derived from telecommunications and to ensure the authenticity of such
telecommunications. Communications security includes cryptosecurity,
transmission security, emission security, and physical security of COMSEC
material.
Advanced Encryption Standard (AES)
FIPS-approved cryptographic algorithm that is a symmetric block cipher using
cryptographic key sizes of 128, 192, and 256 bits to encrypt and decrypt
data in blocks of 128 bits.
RUBIK'S CUBE ON SUPER STEROIDS
An interesting note: It can take over one hundred trillion years to break a
128-bit AES key. My research tells me that Type 1 encryption is likely
orders of magnitude more difficult to break than even 256-bit AES. Put
more simply, we could be talking about a code that could take a thousand
trillion, or quadrillion, years to break. You know, I don't think I ever wrote
the word quadrillion before. In any event, this is a huge number, and we are
talking about a very difficult code to break!
Getting back to FNBDT, it is not just a narrowband standard as its name
implies. It also includes a common voice processing capability, a
crypto-algorithm base and a key-management process. Moreover, it has become
the primary security standard for cell phones, military radios, and emerging
public safety communications devices for homeland security missions and many
first responders around the world.
FNBDT recently added the ability to accept electronic re-keying. To maintain
a high level of security in products under use, it is necessary to re-key
them in the field routinely. However, in the past, the only way to re-key
was to physically locate a COMSEC custodian (the person who deals with the
re-keying task) to perform a data transfer. This was time-consuming and
inconvenient. Now users of the secure FNBDT products can simply auto-update
a key by connecting the device back to the central management infrastructure
over a secure call.
The NSA now maintains an FNBDT interoperability test bed that verifies
vendor compliance with the current version of FNBDT specifications and tests
interoperability among the current versions of all wireline and wireless
products to verify secure, end-to-end interoperability.
POTS TASTE ON A SATELLITE BUDGET
One vendor that I met with recently, Net.com, has just had its Shout IP
secure VoIP solution selected by the Defense Department to provide secure
and unsecured voice calls between coalition sites as part of the Kuwait-Iraq
Command, Control, Communications and Computers Commercialization (KICC)
program. What intrigued me about Net.com is that its solution offers up to
a 70 percent increase in bandwidth efficiency by using some novel
compression techniques.
Shout IP works with both STU and FNBDT and is much more bandwidth efficient
than traditional VoIP solutions. In a conversation between two people, you
would need to have a Shout IP device on both sides of the connection. Let's
assume for this example that the conversation is taking place over 9.6 kbps.
The output of the encrypted stream from the caller is sent to the Shout IP
unit (located nearby) where the signal is demodulated. The signal is not
decrypted, just demodulated, that is, converted back to the zeros and ones the
encrypting modem was carrying. Typically, the
modem that modulates the signal assumes a 64 kbps call and thus adds
significant overhead. Net.com's technology allows the demodulated bitstream to be
compressed and sent over to another Shout IP device that remodulates the
signal. The result is that far less bandwidth is used, because
you aren't carrying a 64 kbps modem signal across the IP network.
It should be noted that in the above example, other VoIP solutions could use
ADPCM (a decades-old compression standard) to get the 64 kbps signal down to
32 kbps. You can't go much further than 32 kbps, because modulated modem calls
are difficult to compress further.
Another benefit to sitting between the modems
that encrypt and decrypt data is that if a packet needs to be retransmitted,
the local Shout IP device can ask for the packet to be sent again while the
device on the other side of the connection effectively stalls for time by
communicating the appropriate information to the modem on the receiving
side. Modems are typically intolerant of delays, so this middle logic makes for
much better, and potentially life-saving, communications.
Another technology employed is frame packing (a technique that places multiple
voice frames in the same packet to reduce IP header overhead). It is
possible to have a maximum of 60 calls sharing the same packet! If you add
frame packing to silence suppression and the superior compression gained by
demodulation, Net.com is helping our military make maximum use of satellite
links and other low-bandwidth connections.
YOU CAN TAKE IT WITH YOU
Another company playing in the government/military space with a solution
that encompasses VoIP is Telecommunications Systems, which recently released
its SwiftLink 1400 series portable and encrypted communications system
that works with six public telecommunication networks (PTNs). You can use it
to access GSM, global mobile satellite, POTS, PBX, Wi-Fi, and wired
Ethernet. Type 1 and Type 4 FNBDT are built in and the device is relatively
lightweight, coming in its own travel case. The SwiftLink 2100 series is
more of a portable field command center enabling reach-back to voice, data,
and video. IM and e-mail are also supported as is secure VoIP. A complete
LAN solution is built in to the 2100, allowing up to seven Ethernet devices
and two telephone handsets to be networked in the field. This device is
designed to work quickly out of the box and the whole unit stores quickly in
a case the size of carry-on luggage that weighs 53 pounds. These are the
types of devices used by senior government officials, special forces, the
FBI, and others.
EVERYONE DOES VoIP
What amazes me most about my journey into military and government VoIP is
how much the government (like everyone else) is relying on VoIP in the
communications systems. A converged network just makes so much sense, and the
government realizes that it is easier to rely on commercial off-the-shelf
components and technologies than to build or specify the construction of
systems from scratch. There are a number of other companies providing
communications products to the government, and indeed both companies above
also sell to service providers and enterprise customers, so make sure to look
them up and see what other products are in their portfolios.
OTHER RESOURCES
If you are interested in learning more about military applications of VoIP
and other technologies, please visit the Defense Information Systems Agency
Web site at http://www.disa.mil/ or the
Joint Interoperability Test Command at
http://jitc.fhu.disa.mil/. Also, check out the conference program of the
upcoming Internet Telephony Conference & EXPO, which will be held October
4-7 in Los Angeles, CA. We have added a special conference track focusing
specifically on Military/Defense applications related to VoIP. For more
information, please visit www.itexpo.com.