Appendix A
References
CONTENTS
A-1. CHAIRMAN OF THE JOINT CHIEFS OF STAFF INSTRUCTION (CJCSI) 3260.01
(S/FRD) Joint Policy Governing Positive Control Material and Devices (U)
A-2. ALLIED COMMAND, EUROPE (ACE), DIRECTIVE
ACE Directive 90-9, Procedures for Safeguarding, Accounting and Requesting of COMSEC Material (NU)
A-3. ARMY REGULATIONS (ARs)
AR 15-6, Procedure for Investigating Officers and Boards of Officers
AR 25-55, The Department of the Army Freedom of Information Action Program
AR 25-400-2, The Modern Army Recordkeeping System (MARKS)
AR 190-13, The Army Physical Security Program
AR 190-14, Carrying of Firearms and Use of Force for Law Enforcement and Security Duties
AR 380-5, Department of the Army Information Security Program
AR 380-19, Information Systems Security
AR 380-40, Policy for Safeguarding and Controlling COMSEC Material
AR 381-12, Subversion and Espionage Directed Against the U.S. Army (SAEDA)
AR 381-14 (S) Technical Surveillance Countermeasures (TSCM) (U)
AR 710-2, Inventory Management Supply Policy Below the Wholesale Level
AR 710-3, Asset Transaction Reporting System
A-4. DEPARTMENT OF THE ARMY (DA) PAMPHLETS
DA Pamphlet 25-16, Security Procedures for the Secure Telephone Unit, Third Generation (STU-III)
DA Pamphlet 25-380-2, Security Procedures for Controlled Cryptographic Items
A-5. TECHNICAL BULLETINS (TBs)
TB 380-40, (C) Key Variable Management and Cryptosetting for Electronically Keyed COMSEC Systems (U)
TB 380-41, Procedures for Safeguarding, Accounting, and Supply Control of COMSEC Material
A-6. UNITED STATES ARMY, EUROPE (USAREUR), PUBLICATIONS
USAREUR Regulation 25-22, Policy and Procedures for Obtaining and Using Telecommunication Services and Systems in Europe
USAREUR Regulation 190-13, The USAREUR Physical Security Program
USAREUR Regulation 351-2, Policy, Procedures, and Responsibilities for Seventh Army Combined Arms Training Center Courses of Instruction
USAREUR Regulation 380-19, Information Systems Security
USAREUR Regulation 380-85, Counterintelligence Services
USAREUR Regulation 604-1, Foreign National Screening Program
A-7. NONCRYPTOGRAPHIC OPERATIONAL GENERAL (NAG) PUBLICATION
NAG 16C, Field Generation and Over-the-Air-Distribution of COMSEC Key in Support of Tactical Operations and Exercises
A-8. FORMS
DD Form 2056 (Telephone Monitoring Notification Decal)
DD Form 2501 (Courier Authorization Card)
DA Form 2653-R (COMSEC Account - Daily Shift Inventory (LRA))
DA Form 3964 (Classified Document Accountability Record)
AE Form 600-700C-R, Accountability Requester for Privilege and Identification Cards
Appendix B
Security Telephone Unit, Third Generation, Program Guidance
CONTENTS
Glossary
B-1. PURPOSE
This appendix provides guidance for USAREUR personnel involved in the secure telephone unit, third generation (STU-III), program.
B-2. REGISTRATION
a. The USAREUR command authority requires a certification statement before a user-representative will be registered for Top Secret or sensitive compartmented information (SCI) key-ordering privileges. A sample certification statement is provided in the STU-III Electronic Key Management System (EKMS) Key Management Plan 702.01. For Top Secret keys, the unit security manager must certify that the Top Secret key will be used only in an area approved for Top Secret. The site security officer must sign the SCI key-certification statement on unit letterhead stationery. Certification statements will not be sent with the key-order request.
b. To register for Top Secret or SCI key-ordering privileges, the requester must have a supporting communications security (COMSEC) account approved for Top Secret. COMSEC-account support may be provided by any organization or command. A copy of the designated supporting COMSEC account, DA Form 2012 (COMSEC Account Data), must be sent with the request.
B-3. MANAGEMENT
a. Although the National Security Agency (NSA) program stresses the use of a "seed key," an "operational key" may be required. The type of key to order will be based on specific requirements.
b. The key will be signed for, stored, issued, reported, and handled according to AR 380-40, DA Pamphlet 25-16, STU-III EKMS 702.01, and other COMSEC accounting directives.
c. Each office, unit, organization, and command must establish local policy for cryptoignition keys (CIKs). CIKs must be handled, controlled, inventoried, and managed according to key-control directives.
d. To turn in a defective STU-III, the user must prepare the documentation for turn-in of a defective STU-III and use the checklist at the back of the STU-III operators manual to identify the problem. The user must identify the checklist item by number and give a short explanation of the problem.
e. Expired fill devices (for example, keys) and key storage device (KSD) 64A will be returned and reset by the COMSEC custodian. A destruction report will be sent to the central facility. If there is no way to destroy the key, the key may be transferred to the Central Facility. Custodians should use SF 153 (COMSEC Material Report) to dispose of keys.
NOTE: A destruction report requires two signatures, unless it is a consolidated destruction report.
f. Users must "zeroize" the STU-III three times before turning it in to the supply system. STU-IIIs that cannot be zeroized must be handled as classified material at the classification level of the key.
g. When a STU-III is turned in to the supply system, the instrument should be complete (that is, the operator manual, one blank CIK, line cord, power supply, and all other original issue accessories).
h. Once keyed, the STU-III key is valid for 1 year. The message, "CALL KMC," means the key is about to expire. Users should call 550-7883 (550-STU3) in most areas to rekey. Users should set a deadline for rekeying each STU-III before the annual expiration date.
NOTE: In some areas of Europe, users may have to rekey using a telephone line with the capability to call outside the installation. In Germany, the telephone number is 99-0130-81-0752.
i. When deploying with a STU-III, users will not reset the STU-III to zero. The STU-III will be transported as sensitive material. The CIK will be removed and carried separately.
j. To prevent security violations, STU-III terminals display information to identity the contacted STU-III terminal, the maximum classification level for calls, SCI authorization, and, if other-than-U.S.-access only, foreign access to the terminal (for example, US/UK, US/FORN only).
B-4. REPORTS
a. Key destruction reports include a single signature and the serial number for the STU-III. If an SF 153 is used, the serial number goes in the "remarks" column across from the appropriate key. Certified consolidated destruction reports will not include the STU-III serial number, but may be submitted based on a document with a single signature and serial number to the EKMS. Any form (for example, SF 153, DA Form 3964) may be used to record the destruction of a STU-III key if the form--
(1) Clearly identifies the key by its short title, edition, and register number.
(2) Shows signatures and the STU-III serial number. Signatures of the destruction official and a witness are required to authenticate a report of destruction if the STU-III serial number is not used, the key is zeroized, or the key failed to properly load the telephone.
b. A lost CIK is not a COMSEC incident if it is reported to the local security manager within 72 hours. A lost CIK is not reported to the COMSEC material control system (CMCS) or EKMS unless the associated STU-III is missing.
c. Missing STU-IIIs must be reported to the security manager and unit property book officer. Missing STU-IIIs are investigated according to AR 380-5 and DA Pamphlet 25-380-2.
B-5. FORMAT FOR REQUESTING A STU-III FOR A PRIVATE RESIDENCE
Requests to install a STU-III in a private residence will be prepared using the format in figure B-1.
B-6. SECURITY STANDARDS AND PROCEDURES FOR STU-III CELLULAR TELEPHONES IN VEHICLES
a. The security and integrity of any STU-III cellular telephone installed in vehicles must meet the following standards:
(1) The unkeyed STU-III cellular telephone is a controlled cryptographic item (CCI) and will be treated as a sensitive, high-value item and safeguarded according to AR 190-51, AR 710-2, AR 380-5, AR 380-40, DA Pamphlet 25-16, and DA Pamphlet 25-380-2. When mounted in the vehicle and unattended, the STU-III cellular telephone must have double-barrier protection (a locked vehicle in a secure or locked facility) (AR 190-51).
(2) STU-III cellular-telephone access will be limited to authorized persons. Access to the area of location for the STU-III may be granted to nonauthorized persons (without the constant presence of an authorized person) when the following conditions are met:
(a) Access is required by custodial duties or other operational responsibilities.
(b) The area in which the instrument will be used is a controlled U.S. facility.
(c) The CIK is in the personal possession or custody of an authorized person or stored as described in (8) below.
(3) Audio precautions are taken to prevent unauthorized interception of information being discussed over a STU-III cellular telephone.
(4) The STU-III cellular telephone is used only for voice communication and the information discussed is no higher than the approved classification level.
(5) The STU-III cellular telephone is marked "U.S. GOVERNMENT PROPERTY."
(6) A label is on the STU-III cellular telephone with the following statement: "THIS TELEPHONE IS SUBJECT TO MONITORING AT ALL TIMES. USE OF THIS TELEPHONE CONSTITUTES CONSENT TO MONITORING."
(7) A STU-III cellular telephone that has been keyed (a CIK has been inserted) is cleared for the classification level of the key. Using a keyed STU-III cellular telephone is equivalent to openly displaying a classified document. A keyed STU-III cellular telephone will never be left unattended.
(8) The CIK must be removed from the STU-III cellular telephone after each use. The CIK will remain with the authorized user or stored in an authorized security container.
(9) The CIK will be controlled by the user. If an individual in the area is not cleared to the level of the keyed terminal, the terminal must be under the operational control of an authorized person.
b. The user of a STU-III cellular telephone in a vehicle must be thoroughly familiar with the security provisions in a above. Questions and problems may be referred to the supporting security manager.
B-7. STU-III USE IN NON-NATO COUNTRIES
STU-IIIs are not ordinarily required when participating with non-NATO countries in joint training if U.S.-to-U.S. secure communications are not needed. The commander will decide whether or not a STU-III will be needed during joint activities with non-NATO countries. (STU-IIIs will not be taken to non-NATO countries unless fully justified.) If a STU-III is needed, the commander will conduct a risk assessment before taking the STU-III into the non-NATO country.
a. This risk assessment will confirm--
(1) Knowledge of and ability to comply with security provisions of DA Pamphlet 25-16 and DA Pamphlet 25-380-2 (including shipping, control, and storage of and access to STU-IIIs in non-NATO countries).
(2) Host-nation approval. Use of a STU-III without host-nation approval is illegal. STU-IIIs can disrupt local telephone systems and be confiscated by post-telephone-telegraph authorities.
(3) An agreement or arrangement has been or can be made to ensure that STU-IIIs will not be seized by customs officials for examination or as illegal devices.
(4) Suitable provisions have been made for securing the CIK.
b. In the risk assessment, the commander will consider that--
(1) Non-NATO countries do not have status-of-forces agreements with the U.S. military. Laws in non-NATO countries may be more restrictive than those of NATO countries. Full compliance with local laws is required.
(2) While the host-country clearance can be avoided by sending the STU-III in a diplomatic pouch, it will not prevent host-country authorities from taking the STU-III if it is a "prohibited or unauthorized item" or if it is subsequently used illegally (without host-country approval).
(3) Joint activities are intended to promote mutual trust and further military cooperation. Because CCI security procedures prohibit countries from sharing the STU-III, having a STU-III could be perceived by the host country as a lack of trust.
(4) Local telephone systems may not permit direct contact to the key management center (KMC).
(5) Taking a keyed STU-III avoids the need to call the KMC. If the STU-III is taken keyed, the STU-III and CIK must be stored separately.
(6) Alternative secure communications exist (for example, using a KL-43 or secure systems at a U.S. embassy).
