Army explores new paths to secure communications

Army officials are busy hammering out a framework to support secure communications in the next decade.

Secure communications has arguably been the highest priority for military services since allied code breakers deciphered the German Enigma encryption and decryption machine during World War II. Security often comes in two flavors: what can be done now to improve existing networks and what future network architectures should look like in the long term.

For the latter, the military services were depending on the Transformational Communications Satellite (TSAT) to provide protected satellite communications. The Army, in particular, was counting on TSAT to bring protected communications to the fourth increment of the Warfighter Information Network-Tactical (WIN-T) on-the-move communications program. Earlier this year, Defense Secretary Robert Gates canceled the TSAT program.

So what is the Army’s plan for protected communications in the 2015 time frame?

“The requirements document calls for Increment 4 to connect with high-bandwidth, protected satellite transmissions — capabilities the TSAT program was meant to achieve,” WIN-T Project Manager Col. Chuck Hoppe said. “Following the termination of the TSAT program, the Department of Defense is re-examining the capabilities required and how best to meet those needs.”

“The Army is investigating how to bring protected, communications-on-the-move into a small-aperture, on-the-move antenna, needed for Increment 4. These investigations currently are looking at what capabilities can be achieved with the Advanced Extremely High Frequency satellite program.”

The AEHF program consists of three satellites in geosynchronous orbit, which are being designed to replace the Milstar satellites. Lockheed Martin and Northrop Grumman are building the satellites, which are expected to transmit data at about 8 megabits/sec, and each AEHF satellite is said to have greater capacity than all six Milstar satellites combined. The companies plan to launch one satellite a year in 2010, 2011 and 2012.

Near-term goals

In the near term, the Army’s plan for the Global Network Enterprise Construct, which will bring together the Army’s various networks in a single enterprise that connects to the larger Global Information Grid, depends on secure communications.

“The GNEC concept can’t work without a safe, secure network,” said Maj. Gen. Susan Lawrence, commanding general of the Army Network Enterprise Technology Command (Netcom) and 9th Signal Command. “The mission demands it, the warfighter relies on it, and we have an obligation to deliver it.

“We’ve developed a comprehensive strategy to ensure that the [Secret IP Router Network, Unclassified but Sensitive IP Router Network] and all the elements of the enterprise network provide that safe and secure operating environment. Our approach enhances our defensive capabilities, improves the sustainment of programs, leverages our partnerships with industry, and develops more effective rapid detection and response capabilities. We’re partnering with the military intelligence community to improve predictive intelligence as well. This strategy will allow us to dominate and win the Army’s cybersecurity fight.”

Lawrence described the Army’s center of gravity in this fight as its security centers: the Army Global Network Operations Security Center and Theater Network Operation Security Centers.

“The AGNOSC and TNOSCs are the network’s guardians,” she said. “They work on a daily basis to detect, analyze and overcome the threat to theater and global network operations, helping our forces to maintain information dominance. Additionally, the TNOSCs also provide network operations and service-desk functions, while the AGNOSC serves as the Army’s operational arm into the world of the Joint Task Force-Global Network Operations. Together, they represent the Army’s key LandWarNet cyber defense capability.”

That emphasis on security helps to facilitate Netcom’s evolution from being a network and communications manager to a cyber force.

“In a very real sense, we already are the Army’s cyber force,” Lawrence said. “The Army Global Network Operations Security Center currently performs or supports around 92 percent of the missions expected to go to the future Army Cyber Command. They and the TNOSCs perform critical functions in the operations and defense of the network, enabling and preserving the commander’s battle command capability, situational awareness and decision superiority.”

“While command and control warfare is the primary focus for cyber operations at the strategic level, the center of gravity at the operational and tactical levels, as evidenced during Operation Rampart Yankee, [a computer exercise], is operations and defense of the network — something we are successfully doing today.”

The evolution continues

Army voice communications are on the threshold of a transformational change, said Steven Schliesman, chief of the Technical Management Division and project manager of the Network Service Center at the Program Executive Office for Electronic Information Systems, speaking at the Army’s LandWarNet Conference 2009. That change involves the evolution of voice over IP to VOIP for secure networks, which is known as VOSIP.

There are 50,000 users in the DOD VOSIP environment, but the vast majority are at the tactical level in Iraq and Afghanistan. In the continental United States, VOSIP disappears, leading to a breakdown in secure voice communications between the continental United States and operational theaters.

“Presently, the Army lacks an enterprise-level view for VOSIP that provides centralized management and appropriate planning, implementation, operation, maintenance and funding that is also aligned with the Global Network Enterprise Construct,” Schliesman said.

There are a number of additional challenges related to VOSIP, Schliesman said. “VOSIP deployment is dependent on the availability of the [Secret IP Router Network] infrastructure, which in [the United States] may not be as far along as it is elsewhere. In addition, VOSIP usage is expanding, and there is a desire to use a single desk phone that would accommodate connectivity to both classified and wireless networks and would support secure and nonsecure communications.”

Arguably the greatest challenge is that there is no single, authoritative voice for VOIP in the Army. Unlike the strong vision that has been expressed for data transmission over the network, there is nothing like that for voice.

“Who is the proponent for voice, and how do we get our architecture solidified, like we’re doing in the data world?” Schliesman said.

Black key over SIPRnet

Another important secure communications development is the capability to transmit the encrypted key, sometimes known as the black key, via SIPRnet. Until now, an encrypted key has been a 128-bit binary code stored on a CD, floppy disk or USB drive that was necessary to encrypt radio transmission and scramble voice transmission.

Typically the key had to be physically taken from one place to another, which exposed the courier to the danger of improvised explosive devices or hostile fire. That reality, combined with the Army’s recent ban of thumb drives to prevent the spread of viruses and loss of important data, prompted Army computer engineers to figure out a way to transmit the key electronically.

“We were able to use existing resources to develop a workaround given the ban on USB devices,” said Ken Maloon, project lead for Encrypted Key Distribution (EKD) over SIPR for Product Director Network Operations at Program Manager WIN-T.

The application used to download the encrypted key to a SIPRnet terminal is a Tier 3 Download Utility. The utility runs on a SIPRnet terminal at a higher echelon, brigade or above, from which the key is transmitted and then downloaded at the receiving terminal. The utility doesn’t generate any data. It is basically a pop-up box, similar to one used to attach a file to an e-mail message, and it is a mechanism to get the data from the higher-end SIPRnet terminal at brigade level down to a lower SIPRnet terminal at the company level.

Because of the urgent need for the black key, the program can acquire a certificate of networthiness from Netcom for use of EKD over SIPRnet in two weeks, instead of the 90 days that the process usually takes, Maloon said.