Click for homepage
Phone
USA
NSA
KSD-64
  
STE →
← STU-II
  
STU-III
Third generation secure telephone unit

STU-III is the last of a series of digital Secure Telephone Units (STU), developed in 1987 by the US National Security Agency (NSA) 1 for secure voice communication over non-secure analogue PSTN telephone networks (POTS). Introduced in 1986 as the successor to the STU-II, the terminals were initially made by three manufacturers: Motorola, RCA and AT&T. Although most STU-III units were designed for desktop use, there were also versions for wall mounting and for the transmission of fax and data. STU-III is also known as Low Cost Terminal (LCT), as LCT-1 and as STU-III/LCT. The STU-III was succeeded in the 1990s by the SCIP-compatible Secure Terminal Equipment (STE).

The image on the right shows a typical STU-III terminal. The one shown here is a top-of-range SECTEL 2500 made by Motorola. It is housed in a black metal-and-plastic enclosure, but was also available in beige. It is capable of sending secure voice and data at 2400, 4800 and 9600 baud.

A similar Motorola SECTEL 1500 unit was used in 2001 by former US president George W. Bush to liaise with his security advisors following the 9-11 attacks on the World Trade Center in New York, whilst visiting Emma E. Booker Elementary School in Sarasota (Florida, USA) (see below).
  

STU-III uses NSA Type 1 or Type 2 encryption, allowing conversations at all levels of security classification, up to TOP SECRET. In order to be interoperable, all STU-III telephones had to support the same vocoders (LPC-10E and CELP). Special lower grade variants, with Type 3 and Type 4 encryption, were produced for other customers, but were commercially unsuccessful.

Several hundreds of thousands STU-III phones were produced. They were used in the US and in some of the allied countries until the mid-2000s, after which they were gradually phased out and replaced by Secure Terminal Equipment (STE). For this, early versions of the STE had an STU-III compatible mode. The last day the STU-III was used, is 31 December 2009, after which the unit was no longer allowed for Type-1 communication [6]. STU-III has now fully been replaced by STE and other products that support the new Secure Communications Interoperability Protocol (SCIP).

  1. In cooperation with the Government Electronics Group (GEG) of Motorola [7].

STU-III equipment on this website
Motorola STU-III secure telephone SECTEL 1500 (Type 1)
Motorola STU-III secure telephone SECTEL 2500 (Type 2)
AT&T/Lucent 1100 (STU-III) - later sold by General Dynamics
GE/RCA STU-III - later sold by General Electric
Motorola STU-III/R (STU-II and STU-III compatible)
Motorola STU-II/B (KY-71D) - NATO-version
Motorola SECTEL models, some of which are STU-III compatible
History
The STU-III standard was developed during the course of 1985 and 1986 by the US National Security Agency (NSA) in cooperation with the Government Electronics Group (GEG) of Motorola in Scottsdale (Arizona, USA). In 1985, GEG received a US$ 15.3 million development award from the NSA for a low-cost secure voice/data telephone terminal (LCT) and a secure cellular mobile radio.

When the standard was finished in 1986, three American manufacturers were selected for the production of secure telephones based on this standard: Motorola, RCA and AT&T. In 1996, AT&T was renamed Lucent, which was taken over a year later by General Dynamics. For this reason, STU-III phones with their names are sometimes found as well. The following are known:

When RCA was commissioned to produce STU-III phones, they were in the process of being taken over by General Electric (1986). The business unit responsible for the STU-III was taken over in 1993 by Lockheed Martin, who finally spun it off as L3 Communications East in 1997. The latter (L3) is also responsible for the successor to the STU-III: the STE. AT&T also sold STU-III terminals via its partner Datotek. Motorola is the only company which never changed its name.

Crypto Ignition Key   CIK
Within the STU family, the STU-II introduced the concept of the Crypto Ignition Key (CIK), which is used for protection of the cryptographic keys stored inside the phone. This concept is very similar to that of the STU-II compatible Spendex 40 that was introduced by Philips in the early 1980s.

With the STU-III, the CIK takes the form of a physical plastic key that is inserted into a slot at the side or top of the phone and rotated 90° clockwise. The image on the right shows the KSD-64 that was used with the STU-III family.

The key, manufactured by Datakey Electronics in the US, contains 64Kb of storage space, and can be used for a variety of purposes, including CIK functionality and key transport. In practice, the color of the label defines the key's functionality. A white label indicates that the key is used as a CIK, whilst a blue label is used for a FILL key.
  

When used as CIK, the key contains a random number (generated internally by the phone when the keys are loaded) that is used for encryption of the actual cryptographic keys that are stored inside the phone. This procedure is also known as key-splitting. This way, a phone without the CIK, or a lost CIK alone, has no meaning whatsoever and will not reveal any information about the cryptographic keys. Only when the CIK is entered into the phone it is paired to, can the original keys be recovered and can the phone be operated in secure mode.

The KSD-64 is no longer in production and is not available from the manufacturer anymore. Other versions of the key, produced by the same manufacturer, are used with a variety of other crypto devices, such as the KIV-7 — the replacement for the KG-84.

 More about the KSD-64

Vocoder
Although STU-III phones are intended for connection to analogue telephone networks (PSTN), all voice data is processed and transmitted digitally. Before the human speech can be encrypted, it first has to be digitized by means of a so-called vocoder. Over the years, a variety of vocoders have been developed to allow human voice to be transmitted (digitally) over narrow channels.

In the late 1960s, the NSA developed a revolutionary technique called Linear Predictive Coding (LPC). It allows human speech to be transmitted with a resonable quality via narrow-band communication channels at 1200 or 2400 baud. The 10th order variant, known as LPC-10e, was also used in the earlier STU-II telephone. This standard is also known as FS-1015 [5]. LPC was later improved by several parties, leading to newer standards like CELP, MRELP, HDLPC, etc.

STU-III phones are allowed to support different and even proprietary vocoders (CODECs). When establishing a connection, the terminals at either end first negiotiate the best possible vocoder that is supported by both devices. In order to be interoperable, the STU-III terminals from all manufacturers have to support at least LPC-10E (2400 bps) and CELP (4800 bps).

15 second delay
A STU-III phone can be connected to any standard analog telephone line (POTS). A call is always initiated in clear (non-secure mode). In order to go secure, both parties have to insert and activate their unique Crypto Ignition Key (CIK). Then, one of the parties initiates the secure conversation by pressing the Secure button. After a 15-second delay, during which the message keys are exchanged and the phones are synchronised, a secure conversion is possible.

The 10 to 15 second delay is common for all STU-III phones and can be considered a nuisance to the user. Furthermore, valuable information is often given away in the clear voice conversation that takes place prior to entering secure mode. This delay does not occur with the later STE.

Until today, there have been no reports of STU-III units being broken. That does not mean, however, that foreign intelligence services did not gather valuable information from intercepted lines, directly before and after the secure part of the conversation, and from the metadata.


Models
STU-III/LCT
The standard version of the STU-III — intended for common desktop use — was known as the low-cost terminal (LCT), which was usually printed as a suffix on the device's model tag — e.g.: STU-III/LCT — sometimes with the algorithm type behind it, e.g. STU-III/LCT TYPE 1. The STU-III/LCT terminals were initially developed and manufactured by Motorola, AT&T and RCA.

Motorola STU-III/LCT
Motorola was involved with the deveopment of the STU-III standard from 1985 onwards, after receiving a US$ 15.3 million development award from NSA. This is probably one of the reasons for the wider variety of Motorola STU-III devices, compared to other manufacturers.

First in line was the SECTEL 1000, soon followed by the SECTEL 1500 and SECTEL 2500, all of which use Motorola's own DSP technology.

 More information

  

RCA STU-III/LCT
The RCA terminal is somewhat bigger than the Motorola SECTEL units, but use the TMS320 DSP from Texas Instruments (TI) for the vocoder. With the optional multi-line extension it is even wider. Introduced around 1987.

This terminal was also sold under the General Electric (GE) brand, after GE had taken over RCA.

 More information

  

AT&T STU-III/LCT
The AT&T version was introduced in 1992 and is much smaller than the other two. It uses the same Texas Instruments TMS320 DSP for the vocoder, which supports LPC-10e and CELP.

The device was available in a Type 1 version (1100) and in a Type-4 version (4100), the latter of which is not STU-III compatible.

 More information

  

STU-III/A   Allied version
A special version of the STU-III, known as the STU-III/A, was supplied to the allied countries, such as Canada and some European countries. It was backwards compatible with the earlier STU-II and allowed calls at all levels of confidentiality.

The STU-III/A is believed to be very similar to the STU-II/B, but is interoperable with a wider range of devices (STU-II and STU-III). The STU-III/A is also known as Low Cost Terminal 1 (LCT-1).
  

STU-II/B   NATO version
A special version of the STU-III, known as STU-II/B is STU-II compatible and was developed for use by NATO forces. It was similar in appearance to the STU-III, but had more keys on the keypad to allow compatibility with the military AUTOVON and IVSN networks with priority override.

It also has a standard U-229 FILL connector at the rear, for connection of a DS-102 key fill device. It replaced the NATO variant of STU-II.

 More about STU-II/B
  

STU-III/MPT
The STU-III/MPT was a ruggedised Mobile/Portable Terminal (MPT) that was intended for military applications. It was compatible with the STU-II, the STU-II/B and the STU-III/A, and was used by NATO and NATO members. The STU-III/MPT is also known as Low Cost Terminal 2 (LCT-2). So far we have never seen a picture of the STU-III/MPT, and it is uncertain whether this version ever existed. If you have more information, please contact us.   

STU-III/R   Remote
STU-III/R is the Remote version of the STU-III, which was commonly used as a secure gateway between the Public Switched Telephone Network (PSTN) and a local Private Branch Exchange (PBX).

The device has two modes of operation: STU-II compatibility and STU-III compatibility. For the former, it also has a DS-102 key load facility.

 More about STU-III/R

  

Pricing
The STU-III/LCT was intended as a low-cost secure voice terminal that ideally would replace every desktop telephone at the Department of Defense (DoD). The price for a single unit was aimed at USD 2000. The following prices were recorded from the TSG list of approved phones of July 2005.

Brand Model Type US$ Remark
Motorola STU-III 1 2145 STU-III/LCT TYPE1/MOT-CCI-ED
RCA STU-III 1 2200 STU-III/LCT TYPE1/RCA-CCI-ED
AT&T STU-III 1 2900 STU-III/LCT TYPE1/ATT-CCI-ED
Motorola SECTEL 1500 1/2 2845 STU-III/LCT
Motorola SECTEL 2500 2/3 3395 STU-III/LCT
Motorola STU-III/A 1 3885  
Motorola STU-III/R 1 8227 Remote, STU-II and STU-III compatible
Motorola STU-II/B 1 4225 Compatible with STU-II
Motorola STU-III/MPT 1 4000  
AT&T 1100 1 1660  
AT&T 1150 1 1785  
AT&T 2100 2 1745  
GE GE 9600 1 2299  
Presidential communication
For a president, communication with his ministers and advisors is paramount. In the past, the STU-III has proved to be a major 'lifeline' for various presidents whilst travelling through the country or during overseas visits. Generally, a couple of STU-III phones were installed by the US Secret Service, at any likely or unlikely location that the president could possibly visit that day.

As the STU-III had an analogue interface, it could be connected to a POTS telephone wall socket anywhere in the world, allowing a secure conversion over a non-secure telephone line, up to the level of Top Secret. For this reason, the later STE phone still supports analogue connectivity.

The long life-span of the STU-III is illustrated by the fact that it served four US Presidents: Ronald Reagan, George H. W. Bush (Sr), Bill Clinton and George W. Bush (Jr). Although it is quite possible that the succeeding president, Barack Obama, also used the STU-III, there is no photographic evidence of this. Obama is known to have made extensive use of the STE, which was introduced around the time he was installed as the 44th President of the United States.

President Ronald Reagan
Ronald Reagan served two successive terms as the 40th President of the United States (1981-1989). During this time he became known as a strong supporter of secure communications. He endorsed, for example, the use of the STU-II secure phone at all levels of the US Government and the Department of Defense (DoD), and made funding available for the development of the STU-III.

President Ronald Reagan using an early (white) Motorola STU-III. © NSA [3]

Towards the end of Reagan's presidency, the STU-III entered service and soon became a beste-seller in government circles. Eventually more than 100,000 units would be ordered. The image above shows President Ronald Reagan using one of the first Motorola Type 1 STU-III phones.

President George H. W. Bush
The next president to use the STU-III, was George H. W. Bush. His administration was in office from 1989 to 1993 and used the STU-III on many occasions throughout his entire presidency. Bush, who served as Vice President under Ronald Reagan (1981-1989) was well aware of the security aspects involved with secure communication.

President George H. W. Bush (Sr) using a black Motorola STU-III. © NSA [4]

The image above shows President George H. W. Bush using a STU-III that is placed on a small table aside his chair. The sign below the table reads: 'SPECIAL TELEPHONE FOR PRESIDENTIAL COMMUNICATIONS'. Although the protograph was taken during his presidency, the exact date and place are currently unknown [4]. Neither do we known what the white device at the bottom is.

President Bill Clinton
William Jefferson (Bill) Clinton served two terms as the 42th President of the United States (1993-2001). Although the STU-III must have been used heavily during the Clinton administration, we have not found any photographic evidence that shows Clinton using such a phone. If you have one, you can help use by sharing it with us.

President George W. Bush
9/11 Attacks at the World Trade Center
On 11 September 2001, the two largest towers of the World Trade Center in New York (USA) were attacked by terrorists. When it happened, president George W. Bush was visiting Emma E. Booker Elementary School in Sarasota (Florida). As the Secret Service had already installed a readily available STU-III unit in a nearby room, President Bush was able to speak with his security staff in Washington only moments after the first impact.

Official White House Photograph by Eric Draper [1]. 11 September 2001.

The image above shows President George W. Bush using his Motorola SECTEL STU-III phone in the foreground, whilst the attack on the second tower is visible on a TV screen at the back. The photo is part of a series of three photographs (see below) that were made by White House photographer Eric Draper at the event [1]. Click for a larger view.

On 9 September 2011, exactly 10 years after the attacks, CNN released an interview with Eric Draper, who was President Bush's personal photographer at the White House at the time. In the interview, several of Eric's photographs, taken on 9/11, are shown alongside CNN footage.

 More about the Motorola SECTEL
 Interview with Eric Draper

AP Photo/The White House, Eric Draper
AP Photo/The White House, Eric Draper
AP Photo/The White House, Eric Draper
A
×
A
1 / 3
AP Photo/The White House, Eric Draper
A
2 / 3
AP Photo/The White House, Eric Draper
A
3 / 3
AP Photo/The White House, Eric Draper

History
The history of the STU-family starts with the development of the first generation digital Secure Telephone Unit STU-I in the late 1960s and the early 1970s, after the NSA had recognised telephone communication as one of the major security threats. Problems with existing systems had shown that speech quality was too bad on narrowband systems, and that it was difficult to distribute cryptographic material to the users. As a result, standard phones were mostly used.

In the late 1960s, the NSA defined the design goals for a digital Secure Telephone Unit (STU) that would solve the existing problems. The problem of voice quality was solved by using a revolutionary technique called Linear Predictive Coding (LPC), which greatly improved voice quality in narrowband systems. The key distribution problem was solved by introducing the concept of the Key Distribution Center (KDC) [2].

In the late 1960s, in the light of the Vietnam War, the NSA had developed a highly secure light-weight high-quality encryption system, called SAVILLE, for use in COMSEC devices such as VINSON (KY-57). The same SAVILLE encryption algorithm was used in the STU design.

The first generation of the new system was called STU-I and was technically successful in that it allowed secure voice communication in full-duplex over standard (analogue) telephone lines, with a relatively good speech quality. Other design goals, such as the size of the unit and the price tag, had failed. Immediately after the introduction of the STU-I, the NSA started development of the 2nd generation, called STU-II, which was supposed to be much smaller and more affordable.

The STU-II was indeed cheaper than the STU-I (US$ 13,000 as opposed to US$ 35,000) but was still much more expensive than the projected US$ 2,500-5,000. Furthermore, the STU-II was still a large and bulky system, consisting of a large cabinet with the electronics, and a separate desktop unit for its operation. Development of the STU-II was finished in 1980 and production ran from 1982 to 1986, after which some 10,000 units had been delivered.

In the meantime, in the mid-1980s, the Dutch firm Philips had developed the Spendex 40 — a relatively small single-piece crypto phone that was interoperable with STU-II. It was approved as an NSA Type-1 product, and for use by NATO.

Around the same time, engineers of the Lincoln Laboratory at MIT had succeeded in shrinking the size of the LPC vocoder to a single board unit, by using the latest DSP technology. A demonstration of this board convinced the director of the NSA that it was time to start development of STU-III: a single-piece solution that would even be smaller than Spendex-40.
  

Development of the STU-III was started at NSA in 1984 and took until late 1986. Production started in 1987, after NSA had decided to allow the STU-III terminals to be build by three manufacturers. Apart from the size of the unit — a STU-III is roughly the same size as a normal telephone set — the price had also come down significantly: just US$ 2,000 for a single unit.


Glossary
CELP   Codebook Excited Linear Prediction
Method for digitizing human speech, also known as a vocoder. Improved version of LPC encoding. CELP is a US Government standard that can be used at 4800 baud.
CODEC   Coder/Decoder
Common name for a method of converting analogue human speech into digital data (coding) and vice versa (decoding). In the days of the STU-III, a CODEC was also known as a Vocoder.
LPC   Linear Predictive Coding
A method for digitizing human speech by analyzing and storing specific characteristics of it, in such a way that an intelligible signal can be reconstructed later. LPC-10E was a US Government standard that was used at 2400 baud on all STU-III terminals.
 Wikipedia
POTS   Plain Old Telephone System
Analogue swiched telephone network, also known as a Switched Voice Network, that predates digital communications networks like ISDN and the Internet.
STU   Secure Terminal Unit
Standard for secure voice and data conversations via standard analogue telephone networks, developed and maintained by the US National Security Agency (NSA). There are three generations of STU devices, known as STU-I, STU-II and STU-III. STU was later succeeded by Secure Terminal Equipment (STE).
Vocoder   Voice Coder, or Speech Digitizer
Method for converting (analogue) human voice signals into digital data, in such a way that it can be used for digital storage and/or transmission. Vocoders are also used to digitize speech before encryption.
Specification
  • Device
    Encrypted telephone
  • Purpose
    Confidential diplomatic and military voice traffic
  • Model
    STU-III
  • Developer
    NSA, Motorola
  • Manufacturer
    Motorola, RCA, AT&T
  • Development
    1984-1986
  • Production
    1987-200x
  • Predecessor
    STU-II
  • Successor
    STE
  • CIK
    KSD-64
  • Vocoder
    LPC-10E, CELP 1
  • Encryption
    Type 1, Type 2, Type 3, Type 4 2
  • Dimensions
    Depending on manufacturer/model
  • Weight
    Depending on manufacturer/model
  • Quantity
    > 200,000
  • Price
    USD 1660-3400 3
  1. Minimum requirement. Additional codecs may optionally be supported.
  2. Depending on manufacture and model.
  3. Depending on manufacturer and model. Special versions like STU-III/R are more expensive.

Documentation
  1. STU-III System level description and Network Applications
    Defense Communications Engineering Center (approved for public release).
    AD-A198 514. November 1986, revised June 1988.

  2. STU-III Handbook for Industry
    Department of Defense Security Institute. February 1997.

  3. TSG, Approved Telephones - Pricelist
    TSG Standard 6, July 2005.
References
  1. Eric Draper, Photographs of President George W. Bush during the 9/11 attacks
    AP Photo/The White House. 11 September 2001. Retrieved, June 2011.

  2. Robert M. Gray, Linear Predictive Coding and the Internet Protocol
    A survey of LPC and a History of Realtime Digital Speech on Packet Networks
    Stanford University, 2010. Retrieved November 2012.

  3. National Security Agency, Cryptologic Excellence: Yesterday, Today and Tomorrow
    Brochure at the event of the 50th anniversary of the agency 1952-2002. p. 16.

  4. National Security Agency, Photograph of George W. H. Bush using a STU-III phone
    NSA Website. Retrieved February 2013.

  5. Wikipedia, LPC-10 Vocoder
    FS-1015 standard. Retrieved July 2011.

  6. L3 Communications, STU-III Phase Out
    Date unknown (about 31 December 2009).
Further information
Any links shown in red are currently unavailable. If you like the information on this website, why not make a donation?
© Crypto Museum. Created: Sunday 11 July 2010. Last changed: Monday, 23 September 2024 - 08:55 CET.
Click for homepage