Secure Telephone 4100
The 4100 was a secure telephone with digital encryption and decryption
developed by AT&T (later: Lucent) around 1992.
The design is based on the 1100 STU-III phone,
also made by AT&T. Contrary to the 1100 however, the 4100 was less secure
and did not use a Crypto Ignition Key (CIK) 1. As it was an
NSA Type 4 encryption product,
it could be sold without restrictions.
When the STU-III
was developed by the NSA in 1987,
it was decided that various manufactuers
would be allowed to build it and that it would be available with
different crypto-algorithms, so that the device could be used at
various security levels, both inside and outside the government.
The US National Security Agency (NSA)
defined four types of encryption products, called Type 1, 2, 3 and 4.
Type 1 and 2 were intended for use by the US Government,
Type 3 for restricted users and Type 4 for international customers.
Type 4 imposes no UK export restrictions.
The image above shows a typical AT&T 4100 secure telephone unit.
As the first digit of the model number reveals: it is a Type 4
product that was intended for international (civil) customers.
The unit is housed in the same case as the
1100 STU-III phone,
but it does not have a keyceptacle for a
KSD-64 Crypto Ignition Key
Furthermore, it uses software based encryption,
based on Public Key Encryption (PKE) techniques, such as DES,
rather than hardware-based encryption like the 1100 and the 2100.
The hole for the key
at the right front is blocked on this model.
AT&T 4100 STU-III phones were supplied with a choice of
vocoders, such as LPC-10E, RCELP and MRELP.
They can send voice and data at 2400, 4800 and 9600 b/s
(bits per second) in full duplex mode.
At the rear
is a 25-way D-type socket with a serial port
that gives access to the built-in V.26 and V.32 modems.
The units are sufficiently shielded to prevent unwanted
There was a version of the 4100, known as the CSD 4100,
that did have a CIK and contained hardware-based encryption
The following variants of the 4100 are currently known:
This is the basic AT&T 4100 secure phone that uses
software-based Public Key Encryption (PKE) techniques,
based on 512-bit Diffie-Hellman. The key length is 192 bits,
with a 64-bit Initialization Vector and a 4-digit anti-spoof code.
This device is an NSA Type 4 encryption product
and does not use a CIK . It is featured on this page.
This is an enhanced version of the 4100. Contrary to the MDL-4100
it did use a KSD-64 CIK.
It also had build-in hardware-base
encryption, using the same chip as the CSD-3600. The unit was
therefore compatible with the CSD-3600. Furthermore it could also
be used for communication with the AT&T 2100, a Type 2 variant
of the phone that was used in Type 3 or Type 4 mode.
The CSD-4100 contains AT&T's proprietary DACE encryption algorithm,
as well as an AT&T Bell Laboratories algorithm .
In addition to the existing vocoders, the CSD-4100 als supported
secure voice at 9600 bps, with automatic fall-back to 4800 bps.
For key distribution, an (external) Key Management System (KMS)
was needed. This was basically a PC with suitable software.
This is yet another enhanced version of the 4100.
It was sold in the early 1990s by AT&T Datotek in Dallas (Texas, US)
and uses a CIK for added security. It was suitable for clear
and secure operation and has a good voice quality due to its
CELP vocoder (4800 bps). In addition, the DST-4100 has
an LPC-10E vocoder (2400 bps) that can be operated in Full-Duplex
and Half-Duplex. Data can be transferred at 2400, 4800 and 9600 baud
The 4100 was an NSA Type 4 encryption product,
which means that it was suitable for customers and covernments outside
the US, without the usual export restrictions for CCI devices (Controlled
In addition, the CSD-4100 offered extra key management features,
such as the use of a CIK and the (optional)
Electronic Key Managment System (EKMS) KCS-4000.
The ATS Division of AT&T in Greensboro (North Carolina, US)
and its strategic partner Datotek in Dallas (Texas, US)
sold CSD-4100 phones and EMKSs to countries such as Argentina and Mexico.
Similar setups were also sold to big multinational corporations,
both domestic and abroad.
Like the high-level security devices,
such as the 1100 series,
the CSD-4100 offered added security by offering key management facilities.
Unlike the MDL-4100, the CSD-4100 had a socket (keyceptacle) at the right
front of the device, that accepts a standard KSD-64 Key Storage Device.
When using the CSD-4100, a new key would be negotiated each communication
session, using Diffie-Hellman based Public Key Encryption (PKE).
In addition, the KSD-64 adds message authentication and certification,
in order to guarantee that the addressed person at the other end is indeed
the intended recipient.
For optimum security, serial numbers were assigned to each CSD-4100 and
to each key bank. Only users who had the matching serial numbers programmed
into their CIK, were allowed to operate the unit in secure mode .
➤ More about the KSD-64
The 4100-series secure phone is housed in a sturdy pre-shaped
compartimented die-cast aluminium case.
All connections to the outside world are
at the rear (power, line and serial port),
except for the handset which is connected at the left side.
The unit needs an external PSU.
The case can easily be opened by removing four long crosshead screws
at the bottom, after which the top half and the bottom half can be
The interior of the 4100 consists
of three large PCBs: a main (digital) board at the center, a board with
the controls (top) and an interface board which is mounted at the bottom.
The controls board is mounted inside the top
half of the phone, just behind the control panel. It is connected to the
bottom part by means of a double flat cable and a 2-wire cable for the
hook switch. The top part also contains the
The bottom part contains the rest of the
electronics and is covered by a metal shield in order to avoid
the emission of compromising (radio) signals (TEMPEST). After
removing the metal shield the solder side
of the Main Board is revealed. At the top is the connector to the
At the center of the Main Board is a so-called
tamper switch that causes the non-volatile
RAM (containing the current cryptographic keys) to be cleared as soon
as the metal shield is removed. This way the keys are protected against
tampering. The Main Board is held in place by a single screw and can
easily be removed.
The component side of
the board is partly covered by a metalized plastic EMC shield.
Below the shield are the
actual digital components of the 4100.
The main board is nicely compartimented,
so that all sections of the circuit are easily identified. Two
TMS320 Digital Signal Processors (DSPs)
from Texas Instruments (TI) are used for the implementation of the
vocoders (e.g. LPC-10).
At the center of the board is the area
for the hardware-based encryption chip, that contains an NSA-developed
algorithm. This chip is omitted (i.e. not mounted) in the MDL-4100,
which has a weaker software-based encryption algorithm.
Below the Main Board, in the
bottom of the phone, is the
Interface Board that contains all the
electronics for connection to the outside world. Like the Main Board,
it is nicely compartimented, so that its various functions are easily
identified. In the left corner at the rear is the
to the analogue (PSTN) telephone line.
In the right corner at the rear is the
RS-232 interface with its typical
25-way D-type socket. The section at the front contains the actual
telephone electronics, consisting of a V.32 modem chip and
AT&T's own DSP chip.
At the center is a backup battery.
- Granite Island Group, Secure Communications Systems
Details about AT&T 4100 systems. Retrieved March 2013.
- The Free Library, AT&T introduces new line of secure telephone equipment
PR Newswire Association, 6 May 1992. Retrieved March 2013.
- Network World, AT&T encryption unit is NSA approved
Telecommunications, 4 February 1991, p. 11. Retrieved March 2013.
- AOS Inc., Technical Communications Corporation, CSD 4100 Vice/Data Terminal
4-page brochure. Date unknown. Retrieved March 2013.
- Navy INFOSEC website, Secure Terminal Unit Third Generation
Date unknown. Retrieved March 2013.
- Wikipedia, Lucent
Retrieved March 2013.
- General Dynamics, GD completes acquisition of Lucent Technologies
Advanced Technologies Systems Unit
General Dynamics website. News. Retrieved March 2013.
- Joseph Tag, Various bits of information about AT&T phones and STU-III in general
Personal correspondence via e-mail. April 2013.
- ESTcorp, STU Products Page
Website. Retrieved April 2013.
- Granite Island Group, CSD-4100 brochure
3-page brochure. Date unknown. Retrieved April 2013.
- Datotek, Secure Voice/Data Terminal Model DST-4100
Leaflet. Date unknown. Retrieved April 2013.
Any links shown in red are currently unavailable.
If you like the information on this website, why not make a donation?|
© Crypto Museum. Last changed: Wednesday, 05 July 2017 - 20:44 CET.