Army signals security & "Clansmen" series radios

[Brian Gladman]

From: "Owen Lewis" <oml@eloka.demon.co.uk>
To: "ukcrypto" <ukcrypto@maillist.ox.ac.uk>
Sent: Thursday, September 07, 2000 11:56 PM
Subject: Re: Army signals security & "Clansmen" series radios

[snip]
> > But returning to crypto, there is very little integration of encrypted
> > communications in NATO since each NATO nation takes a national approach
to
> > cryptographic information protection (guess why).
>
> Well, working out from there, and on the basis that allies - most
> particularly in operations - must sometimes communicate securely, one is
> left to conclude that either national systems are used under some
particular
> form of arrangement to secure those systems or that must be at least one
> allied system or there is some mixture of both approaches

By far the most common approach is to deploy liaison officers. For example
US officers with their hands on US kit and US information are deployed to
work in the command cells of the other Nations involved.

> > The sharing of sensitive
> > information between NATO nations is fraught with many difficulties
>
> True. But, surely, only in deciding what may be shared, with whom it may
be
> shared  and, possibly, when
> it should be shared. The rest is largely mechanics that should follow on
> from those decisions. As is common knowledge, in peactime (including
> so-called police actions) the NATO national forces remain under several,
> national command. In time of war, the national forces declared to NATO
come
> under the NATO command structure, which is almost the only part of the
NATO
> military structure to be maintained in time of peace. Now for that
structure
> to prepare adequately for war - and to safely control six figures of armed
> men during several weeks of training manoevres, some secure inter-allied
> secure communications would seem essential, nicht war?  Can you imagine
the
> potential for chaos, accidental loss of life and even political mistake if
> close and secure liaison was impossible?

Yes but the technical means for doing this, except at the top command
layers, is via deployed national systems and the exchange of liason
officers.

These structures work because in the main they involve procedural and people
based approaches to information management rather than modern technical
ones.  In consequnce they are often inefficient and not very timely and in
recent conflicts we have seen some of the products of these inefficiencies
in that commercial TV broadcasts have sometimes been a better source of
information for the military than their own channels of communication.

> That statement probably suffers from covering a very wide canvas in just a
> few lines.As I'm sure you know, very simple and effective secure gateways
> have existed on principles established  for inter-allied working during
> WWII - if not as long ago as WWI. The technology has changed but the
> principles have remained basically the same. At the other end of the
scale,
> I might agree  that NATO HQ's may not intercommunicate with the most
> modern or efficient of secure communications but function, somehow, they
> do.

I don't agree here since gateways involving cryptographic translation
between a number of different cryptographic domains are essentially new
territory for which there are no precedents.  Such gateways require
cryptograpic capabilities from the nations involved and also need a level of
integration into the respective national means of key management.  All the
nations involved will want to develop and deploy very high assurance
'guards' in the various connections to such a gateway and the gateway itself
represents a truly horrendous point of vulnerability which makes its design
and construction an impossible challenge.  This is a mad way to go in
technical terms but that is often what politics demands (as we have seen
with RIP).

[snip]
> It would be nice to think that the design and equipping of a European
> Defence Force (or whatever it ends up being called) with secure
> communications will be an occasion for a fresh start. It could be, which
is
> by no means saying that it will.  If it is, would you say that PK systems
> are likely to play a significant role?

Cryptography is still the last bastion of nationalism within the
government/defence sphere and this makes it difficult to predict what will
happen.  I think that politics will dominate and this means that technical
logic cannot be used to predict the outcome.  I suspect that a European
Defence Force will simply be a repeat of NATO experiences on a smaller scale
since I cannot see the major European nations trusting each other's national
cryptography.  Paradoxically, as the quality and assurance of commercial
cryptographic solutions improves over the coming decade, we might well find
that these offer an effective solution for military traffic that requires
limited or shorter term protection.

    Brian