DOCSLIB.ORG

AR 380-40 Safeguarding and Controlling Communications

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

FOR OFFICIAL USE ONLY Army Regulation 380–40 Security Safeguarding and Controlling Communications Security Material Distribution Restriction Statement. This publication contains technical or operational information that is for official Government use only. Distribution is limited to Government agencies or their contractors. Requests from outside the Government for release of this publication under the Freedom of Information Act will be referred to the Commanding General, U.S. Army Intelligence and Security Command, (IACSF–FI), Fort George G. Meade, MD 20755–5995. Requests from outside of the Government for release of this publication under the Foreign Military Sales program must be made to the Deputy Chief of Staff, G–2 (DAMI–CDS), 1000 Army Pentagon, Washington, DC 20310–1000. Destruction Notice. Destroy by any method that will prevent disclosure of contents or reconstruction of the document. Rapid Action Revision (RAR) Issue Date: 24 April 2013 Headquarters Department of the Army Washington, DC 9 July 2012 FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY SUMMARY of CHANGE AR 380–40 Safeguarding and Controlling Communications Security Material This rapid action revision, dated 24 April 2013- o Updates responsibilities for Commanding General, U.S. Army Intelligence and Security Command; Commanders, Army commands, Army service component commands, and direct reporting units; command security officers; commanders at all levels; and individual users (paras 1-8, 1-11, 1-12, 1-13, and 1-16). o Provides expanded policy and guidance for administering the Counterintelligence Scope Polygraph Program in support of the Department of the Army Cryptographic Access Program (chap 7). o Requires use of the U.S. Diplomatic Courier Service when shipping to foreign locations where controlled cryptographic items would be subject to foreign customs or postal inspection and clarifies the conditions and criteria under which controlled cryptographic items may be shipped using the Defense Courier Service mode of transportation (para 8-39). o Makes administrative changes (throughout). FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Headquarters *Army Regulation 380–40 Department of the Army Washington, DC 9 July 2012 Effective 9 August 2012 Security Safeguarding and Controlling Communications Security Material otherwise stated. It also applies to non- Army internal control process. This Army elements that include, but are not regulation contains internal control provi- l i m i t e d t o , c o n t r a c t o r s , c o n s u l t a n t s , a n d sions in accordance with AR 11–2 and licensees. Its specific requirements apply identifies key internal controls that must to all communications security material in be evaluated (see appendix E). physical and electronic form used to se- c u r e n a t i o n a l s e c u r i t y s y s t e m s . D u r i n g S u p p l e m e n t a t i o n . S u p p l e m e n t a t i o n o f mobilization or national emergency, the this regulation and establishment of com- proponent may modify chapters and poli- mand and local forms are prohibited with- cies contained in this regulation. out prior approval from the Deputy Chief Proponent and exception authority. of Staff, G–2 (DAMI–CDS), 1000 Army The proponent of this regulation is the Pentagon, Washington, DC 20310–1000. Deputy Chief of Staff, G–2. The propo- nent has the authority to approve excep- Suggested improvements. Users are tions or waivers to this regulation that are invited to send comments and suggested consistent with controlling law and regu- improvements on DA Form 2028 (Recom- History. This publication is a rapid action lations. The proponent may delegate this m e n d e d C h a n g e s t o P u b l i c a t i o n s a n d revision (RAR). This RAR is effective 24 approval authority, in writing, to a divi- Blank Forms) directly to the Headquar- M a y 2 0 1 3 . T h e p o r t i o n s a f f e c t e d b y t h i s sion chief within the proponent agency or t e r s , D e p a r t m e n t o f t h e A r m y , D e p u t y RAR are listed in the summary of change. its direct reporting unit or field operating Chief of Staff, G–2 (DAMI–CDS), 1000 S u m m a r y . T h i s r e g u l a t i o n p r e s c r i b e s agency, in the grade of colonel or the A r m y P e n t a g o n , W a s h i n g t o n , D C A r m y p o l i c y f o r t h e s a f e g u a r d i n g a n d civilian equivalent. Activities may request 20310–1000. c o n t r o l l i n g o f c o m m u n i c a t i o n s s e c u r i t y a waiver to this regulation by providing Distribution. This regulation is available material. Also, this regulation implements justification that includes a full analysis of National Security Directive 42, Executive t h e e x p e c t e d b e n e f i t s a n d m u s t i n c l u d e in electronic media only and is intended Order 12333, the Committee on National f o r m a l r e v i e w b y t h e a c t i v i t y ’ s s e n i o r for command levels C, D, and E for the Security Systems Policy Number 1, the legal officer. All waiver requests will be Active Army, the Army National Guard/ Committee on National Security Systems e n d o r s e d b y t h e c o m m a n d e r o r s e n i o r A r m y N a t i o n a l G u a r d o f t h e U n i t e d Instruction 4005, DODI 5205.08, and por- leader of the requesting activity and for- States, and the U.S. Army Reserve. tions of DODI 8523.01. warded through their higher headquarters t o t h e p o l i c y p r o p o n e n t . R e f e r t o A R Applicability. This regulation applies to 25–30 for specific guidance. t h e A c t i v e A r m y , t h e A r m y N a t i o n a l Guard/Army National Guard of the United States, and the U.S. Army Reserve, unless Distribution Restriction Statement. This publication contains technical or operational information that is for official Government use only. Distribution is limited to Government agencies or their contractors. Requests from outside the Government for release of this publication under the Freedom of Information Act will be referred to the Commanding General, U.S. Army Intelligence and Security Command, (IACSF–FI), Fort George G. Meade, MD 20755–5995. Requests from outside of the Government for release of this publication under the Foreign Military Sales program must be made to the Deputy Chief of Staff, G–2 (DAMI–CDS), 1000 Army Pentagon, Washington, DC 20310–1000. Destruction Notice. Destroy by any method that will prevent disclosure of contents or reconstruction of the document. *This regulation supersedes AR 380–40, dated 30 June 2000. This edition publishes a rapid action revision. AR 380–40 • 9 July 2012/RAR 24 April 2013 i FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Contents (Listed by paragraph and page number) Chapter 1 Introduction, page 1 Section I General, page 1 Purpose • 1–1, page 1 References • 1–2, page 1 Explanation of abbreviations and terms • 1–3, page 1 Responsibilities • 1–4, page 1 Section II Responsibilities, page 1 The Deputy Chief of Staff, G–2 • 1–5, page 1 The Chief Information Officer/G–6 • 1–6, page 2 Deputy Chief of Staff, G–4 • 1–7, page 2 The Commanding General, U.S. Army Intelligence and Security Command • 1–8, page 2 The Commanding General, U.S. Army Materiel Command • 1–9, page 2 Commanding General, U.S. Army Training and Doctrine Command • 1–10, page 3 Commanders of Army commands, Army service component commands, and direct reporting units • 1–11, page 3 Command Security Officers (G–2 or S–2) • 1–12, page 3 Commanders at all levels • 1–13, page 4 Directors of Headquarters, Department of the Army agencies and commanders of Army commands, installations, and activities • 1–14, page 5 Communications security account manager • 1–15, page 5 Individual users • 1–16, page 5 Chapter 2 Communications Security Material Control System, page 5 Requirements for communications security material • 2–1, page 5 Communications security account manager • 2–2, page 5 Communications security account manager duties and functions • 2–3, page 7 Communications security accounts • 2–4, page 7 Deployment of communications security accounts • 2–5, page 8 Electronic Key Management System • 2–6, page 8 Electronic Key Management System communications security accounts • 2–7, page 8 Access to communications security material • 2–8, page 9 Accessing, viewing by, and releasing of communications security material to foreign nationals • 2–9, page 11 Top secret communications security material • 2–10, page 11 Use of no-lone zones • 2–11, page 11 Communications security software, encrypted key, and JOSEKI • 2–12, page 12 Dissemination of communications security material • 2–13, page 12 Minimum item accounting requirements • 2–14, page 12 Reporting and accounting for communications security material • 2–15, page 13 Accounting legend code 6 • 2–16, page 13 Generating and accounting for accounting legend code 6 material • 2–17, page 13 Generating and accounting for accounting legend code 7 material • 2–18, page 13 Inventory requirements • 2–19, page 13 Issuing • 2–20, page 14 Removable storage devices • 2–21, page 14 Using communications security material • 2–22, page 14 Communications security operational precautions (safeguards) • 2–23, page 14 Protecting passwords • 2–24, page 15 ii AR 380–40 • 9 July 2012 FOR OFFICIAL USE ONLY FOR OFFICIAL USE ONLY Contents—Continued Classified communications security information • 2–25, page 15 Hand receipting communications security material • 2–26, page 15 Protective technology • 2–27, page 15 Reproduction of communications security material • 2–28, page 16 Communications security equipment modification • 2–29,
Recommended publications
  • NSA's Efforts to Secure Private-Sector Telecommunications Infrastructure

    NSA's Efforts to Secure Private-Sector Telecommunications Infrastructure

    Under the Radar: NSA’s Efforts to Secure Private-Sector Telecommunications Infrastructure Susan Landau* INTRODUCTION When Google discovered that intruders were accessing certain Gmail ac- counts and stealing intellectual property,1 the company turned to the National Security Agency (NSA) for help in securing its systems. For a company that had faced accusations of violating user privacy, to ask for help from the agency that had been wiretapping Americans without warrants appeared decidedly odd, and Google came under a great deal of criticism. Google had approached a number of federal agencies for help on its problem; press reports focused on the company’s approach to the NSA. Google’s was the sensible approach. Not only was NSA the sole government agency with the necessary expertise to aid the company after its systems had been exploited, it was also the right agency to be doing so. That seems especially ironic in light of the recent revelations by Edward Snowden over the extent of NSA surveillance, including, apparently, Google inter-data-center communications.2 The NSA has always had two functions: the well-known one of signals intelligence, known in the trade as SIGINT, and the lesser known one of communications security or COMSEC. The former became the subject of novels, histories of the agency, and legend. The latter has garnered much less attention. One example of the myriad one could pick is David Kahn’s seminal book on cryptography, The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet.3 It devotes fifty pages to NSA and SIGINT and only ten pages to NSA and COMSEC.
  • Canada's Communications Security Establishment: from Cold War to Globalization

    Canada's Communications Security Establishment: from Cold War to Globalization

    CANADA’S COMMUNICATIONS SECURITY ESTABLISHMENT: FROM COLD WAR TO GLOBALISATION Martin Rudner OCCASIONAL PAPER No 22 – 2000 CANADA’S COMMUNICATION SECURITY ESTABLISHMENT: FROM COLD WAR TO GLOBALISATION Martin Rudner OCCASIONAL PAPER No 22 – 2000 The Norman Paterson School of International Affairs Carleton University 1125 Colonel By Drive Ottawa, Ontario K1S 5B6 Telephone: 613-520-6655 Fax: 613-520-2889 www.carleton.ca/npsia This series is published by the Centre for Security and Defence Studies at the School and supported by a grant from the Security Defence Forum of the Department of National Defence. The views expressed in this paper do not necessarily represent the views of the School or the Department of National Defence. TABLE OF CONTENTS Abstract ii Abbreviations iv INTRODUCTION 1 THE BEGINNINGS OF CANADIAN SIGINT 2 CANADA’S SIGINT COLLECTION EFFORT 6 COLD WAR SIGINT OPERATIONS 8 CANADA AND THE UKUSA AGREEMENT 11 SATELLITE COMMUNICATIONS AND ECHELON 13 SIGINT TECHNOLOGY ACCESS AND SHARING 16 CANADA’S POST-COLD WAR SIGINT AGENDA 18 THE ECONOMIC INTELLIGENCE CONUNDRUM 22 FUTURE CHALLENGES 25 Notes 34 About the Author 41 LIST OF OCCASIONAL PAPERS 42 i ABSTRACT The Communications Security Establishment (CSE) is Canada’s largest, best funded and most highly secretive intelligence agency, and is the main provider of foreign intelligence to the Canadian government. CSE collects, analyses and reports on signals intelligence (SIGINT) derived from interceptions of foreign electronic communications, radio, radar, telemetry, and other electromagnetic emissions. In fulfilment of its foreign intelligence function, CSE collaborates closely in a special SIGINT sharing arrangement with the United States, United Kingdom, Australia and New Zealand known as UKUSA.
  • KY-58 (Vinson)

    KY-58 (Vinson)

    KY-58 (Vinson) The KY-57/58 is a member of the VINSON family. The VINSON family consists of wideband secure voice (WBSV) units developed by the National Security Agency to provide line of sight half-duplex voice and data encryption at 16 Kbps. The KY-57/58 provides security for AM/FM, VHF, UHF, half-duplex PTT combat net radios and tactical wireline systems when used with the HYX-57. Also used by non-tactical users for high-level communications in the local wideband telephone networks and wideband satellite terminals. The KY-57 is the manpack/vehicular model and the KY-58 is the airborne/shipborne version. The KY-57/58 is certified to pass data up to TOP SECRET and accepts key from the family of Common Fill Devices and also incorporates remote keying. KY-57/58 production was completed in 1993. No further production is planned. KY-58 photo by Tim Tyler Tim Tyler comments."The photo above depicts the KY-58 unit inside a USCG HH-65C 'Dolphin' helicopter taken in September 2008. It is currently configured just for use on their 225-400MHz aircraft band radio. Supposedly, they're in the process of upgrading the HH-65 helos into an MH-65 (Special Ops capable) configuration which will have APCO P-25 compliant radios (with AES crypto, for talking to other DHS agencies) as well as ANDVT / KY-100 type crypto for communicating with the military-side of USCG ops". The photo above depicts a KY-58 RCU installation in an A-10 attack aircraft.
  • A History of U.S. Communications Security (U)

    A History of U.S. Communications Security (U)

    A HISTORY OF U.S. COMMUNICATIONS SECURITY (U) THE DAVID G. BOAK LECTURES VOLUME II NATIONAL SECURITY AGENCY FORT GEORGE G. MEADE, MARYLAND 20755 The information contained in this publication will not be disclosed to foreign nationals or their representatives without express approval of the DIRECTOR, NATIONAL SECURITY AGENCY. Approval shall refer specifically to this publication or to specific information contained herein. JULY 1981 CLASSIFIED BY NSA/CSSM 123-2 REVIEW ON 1 JULY 2001 NOT RELEASABLE TO FOREI6N NATIONALS SECRET HA~mLE YIA COMINT CIIA~HJELS O~JLY ORIGINAL (Reverse Blank) ---------- • UNCLASSIFIED • TABLE OF CONTENTS SUBJECT PAGE NO INTRODUCTION _______ - ____ - __ -- ___ -- __ -- ___ -- __ -- ___ -- __ -- __ --- __ - - _ _ _ _ _ _ _ _ _ _ _ _ iii • POSTSCRIPT ON SURPRISE _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I OPSEC--------------------------------------------------------------------------- 3 ORGANIZATIONAL DYNAMICS ___ -------- --- ___ ---- _______________ ---- _ --- _ ----- _ 7 THREAT IN ASCENDANCY _________________________________ - ___ - - _ -- - _ _ _ _ _ _ _ _ _ _ _ _ 9 • LPI _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ I I SARK-SOME CAUTIONARY HISTORY __ --- _____________ ---- ________ --- ____ ----- _ _ 13 THE CRYPTO-IGNITION KEY __________ --- __ -- _________ - ---- ___ -- ___ - ____ - __ -- _ _ _ 15 • PCSM _ _ _ _ _ _ _ _ _ _ _ _ _ _
  • Going Dark: Impact to Intelligence and Law Enforcement and Threat Mitigation

    Going Dark: Impact to Intelligence and Law Enforcement and Threat Mitigation

    GOING DARK: IMPACT TO INTELLIGENCE AND LAW ENFORCEMENT AND THREAT MITIGATION Bonnie Mitchell Krystle Kaul G. S. McNamara Michelle Tucker Jacqueline Hicks Colin Bliss Rhonda Ober Danell Castro Amber Wells Catalina Reguerin Cindy Green-Ortiz Ken Stavinoha ACKNOWLEDGEMENTS We would like to first thank the Office of the Director of National Intelligence (ODNI) for its generous funding and support for our study and learning journey to the DEFCON hacking conference. We are also very grateful to the Department of Homeland Security (DHS) for its support during the duration of the program. We could not have completed this study without the unwavering support and dedication of Ms. Bonnie Mitchell, ODNI Deputy National Intelligence Manager for the Western Hemisphere and the Homeland, our devoted Team Champion who steered us throughout this study and helped turn an idea into a product. We would like to acknowledge and thank each member of our public-private sector working group for their tireless efforts from around the U.S., which includes Krystle Kaul, G. S. McNamara, Michelle Tucker, Jacqueline Hicks, Colin Bliss, Rhonda Ober, Danell Castro, Amber Wells, Catalina Reguerin, Cindy Green- Ortiz and Ken Stavinoha. We are very thankful for all the unique insight we received from interviewees who contributed to this report by educating our group on the many aspects of ‘going dark,’ and we take full responsibility for any and all errors of fact or interpretation implied or explicit in this paper. Our interviewees include the Village sponsors at DEF CON, private sector industry experts and government officials. We are thankful for the interesting and diverse perspectives particularly from senior government officials and private sector experts.
  • National Security Agency (NSA) Document: a History of U.S

    National Security Agency (NSA) Document: a History of U.S

    Description of document: National Security Agency (NSA) document: A History of U.S. Communications Security Post World-War II – released under Mandatory Declassification Review (MDR) Released date: February 2011 Posted date: 07-November-2011 Source of document: National Security Agency Declassification Services (DJ5) Suite 6884, Bldg. SAB2 9800 Savage Road Ft. George G. Meade, MD, 20755-6884 Note: Although the titles are similar, this document should not be confused with the David G. Boak Lectures available: http://www.governmentattic.org/2docs/Hist_US_COMSEC_Boak_NSA_1973.pdf The governmentattic.org web site (“the site”) is noncommercial and free to the public. The site and materials made available on the site, such as this file, are for reference only. The governmentattic.org web site and its principals have made every effort to make this information as complete and as accurate as possible, however, there may be mistakes and omissions, both typographical and in content. The governmentattic.org web site and its principals shall have neither liability nor responsibility to any person or entity with respect to any loss or damage caused, or alleged to have been caused, directly or indirectly, by the information provided on the governmentattic.org web site or in this file. The public records published on the site were obtained from government agencies using proper legal channels. Each document is identified as to the source. Any concerns about the contents of the site should be directed to the agency originating the document in question. GovernmentAttic.org is not responsible for the contents of documents published on the website. -----------------------------------------------------------------------~~) '; I .:· ! _k:::._,.l COMitfll A HISTORY OF U.S.
  • Dodi 8523.01, "Communications Security," January 6, 2021

    Dodi 8523.01, "Communications Security," January 6, 2021

    DOD INSTRUCTION 8523.01 COMMUNICATIONS SECURITY Originating Component: Office of the DoD Chief Information Officer Effective: January 6, 2021 Releasability: Cleared for public release. Available on the Directives Division Website at https://www.esd.whs.mil/DD/. Reissues and Cancels: DoD Instruction 8523.01, “Communications Security (COMSEC),” April 22, 2008 Approved by: Dana Deasy, DoD Chief Information Officer Purpose: In accordance with the authority in DoD Directive 5144.02, DoD Instruction 8500.01, and the Committee on National Security Systems Policy (CNSSP) No. 1, this issuance establishes policy, assigns responsibilities, and provides procedures for managing communications security (COMSEC). DoDI 8523.01, January 6, 2021 TABLE OF CONTENTS SECTION 1: GENERAL ISSUANCE INFORMATION .............................................................................. 3 1.1. Applicability. .................................................................................................................... 3 1.2. Policy. ............................................................................................................................... 3 SECTION 2: RESPONSIBILITIES ......................................................................................................... 4 2.1. DoD Chief Information Officer (DoD CIO). .................................................................... 4 2.2. Director, Defense Information Systems Agency. ............................................................. 4 2.3. Director, Defense Counterintelligence
  • Comsec & Opsec

    Comsec & Opsec

    Civil Air Patrol COMSEC & OPSEC Briefing for Communications Managers Ed Wolff 7 August 2019 ONE CIVIL AIR PATROL, EXCELLING IN SERVICE TO OUR NATION AND OUR MEMBERS! Consider some of the following “traditional” security programs: • Personnel Security • Personally Identifiable Information • Names, telephone numbers, addresses, call signs • Physical Security • Security of repeater sites • Security of radio equipment • Communications Security • Using encryption on VHF • Using off line encryption • Information Security • Encrypting files posted to the internet • Using password protected, member access web sites as compared to public facing sites ONE CIVIL AIR PATROL, EXCELLING IN SERVICE TO OUR NATION AND OUR MEMBERS! OPSEC Program • 18 August 2017 CAP OPSEC Officer and Asst OPSEC Officer Appointed • LtCol Ed Wolff, HQ OPSEC Officer • LtCol Brian Falvey, HQ Asst OPSEC Officer • Approved to establish joint CAP-USAF OPSEC Working Group with HQ CAP-USAF • Initial Critical Information List (CIL) developed • CAP-USAF staff assignment to OPSEC WG pending ONE CIVIL AIR PATROL, EXCELLING IN SERVICE TO OUR NATION AND OUR MEMBERS! 3 Do we need a security program? • XX Wing- PDF file that provides calls signs • X Region Communications Guidebook providing calls signs • XX Wing- Communications Exercise Plan with names, phone numbers, call signs, etc. • XX Region- Exercise Plan • XX Wing- Call sign list document • XX Wing- Call sign list • XX Wing- Call signs on web page • XX Region- Cal sign list ONE CIVIL AIR PATROL, EXCELLING IN SERVICE TO OUR NATION
  • Securing Record Communications: the TSEC/KW-26

    Securing Record Communications: the TSEC/KW-26

    MKlein Brochure.qxd 04/13/2006 1:45 PM Page 1 Securing Record Communications: The TSEC/KW-26 Melville Klein Preface One of the missions of the National Security Agency (NSA) is to protect classified information whether in storage, processing, or transit. Collectively, information system security (INFOSEC) is the development and application of hardware, software, and doctrine. The “in transit” element, called communications security (COMSEC), assures that the underlying information is protected from external exploitation, disruption, or misrepresentation and is available only to authorized recipients. This brochure tells the cradle-to-grave story of highly successful cryptographic equipment for teletypewriter (TTY) communications, the TSEC/KW-26 and the people who developed, produced, and fielded it. (The italicized words are defined in the appended glossary.) Teletypewriter COMSEC The changes in communication technology leading up to the introduction of the KW-26 date back to 1907 with the introduction of the Start/Stop method of synchronizing printing telegraph equipment by Charles L. Krumm and his son, Howard Krumm. Until that time synchronous printing telegraph systems employed constant length codes, e.g., a five-element Baudot. However, these systems required very accurate means for maintaining synchronism between electromechanical transmitting and receiving instruments. “Start/Stop” overcame this drawback by resynchronizing at the start of each character, making it no longer necessary to accurately control the speed of the instruments. 1 MKlein Brochure.qxd 04/13/2006 1:45 PM Page 2 Each character was assigned a unique five-unit combination of “marks and spaces” preceded by a start element and followed by a stop element.
  • Secure Communications Operational Tradecraft

    Secure Communications Operational Tradecraft

    DECISION SUPPORT SYSTEMS, inc. DSSI METATEMPO: SURVIVING GLOBALIZATION SECURE COMMUNICATIONS OPERATIONAL TRADECRAFT “HOW NOT TO BE SEEN” 11 JANUARY, 2002 DECISION SUPPORT SYSTEMS, INC. [email protected] HTTP://WWW.METATEMPO.COM COPYRIGHT 2002. ALL RIGHTS RESERVED PURPOSE Necessity is the plea for every infringement of human freedom. It is the argument of tyrants; it is the creed of slaves. —William Pitt, British Prime Minister, November 18, 1783 Trying to be ‘all things to all people’ can be disappointing for everyone involved—the writer can’t possibly satisfy every possible reader, nor can every reader find exactly what he/she/it is looking for. It is with full awareness of the problem that this document is written—an attempt to inform the layperson about secure communications tradecraft in the context of Al-Qaida. This will not satisfy the cypherpunk, nor the military, intelligence, or law enforcement reader, because an attempt will be made to remain objective and tell both of those sides of the story. The author’s personal political position is as such: n Technology provides many options to make privacy achievable—at a cost, but the fact remains that attempts to control the technology are a ‘losing proposition’ n Attempts at control of critical technology—cryptography, steganography, etc.—impede integration of such technology into hardware and software systems, with two deleterious effects: o Lack of integration means ‘ease of use’ affordances aren’t available o Lack of integration means the technology isn’t reliably available as
  • Safeguarding and Controlling Communications Security Material

    Safeguarding and Controlling Communications Security Material

    Headquarters Army in Europe United States Army, Europe, and Seventh Army United States Army Installation Management Agency Regulation 380-40* Europe Region Office Heidelberg, Germany 10 July 2003 Security Safeguarding and Controlling Communications Security Material *This regulation supersedes AE Regulation 380-40, 2 May 2003. For the CG, USAREUR/7A: MICHAEL L. DODSON Lieutenant General, USA Deputy Commanding General/ Chief of Staff Official: GARY C. MILLER Regional Chief Information Officer - Europe Summary. This regulation establishes policy and prescribes procedures for safeguarding, controlling, and disposing of communications security (COMSEC) material in the European region. Summary of Change. This revision provides updated procedures for controlling secure cellphones in private quarters (para 13c). Applicability. This regulation applies to organizations supported by USAREUR that handle COMSEC material. The policy and procedures in this regulation apply down to company level. Supplementation. Commanders will not supplement this regulation without USAREUR G2 (AEAGB-SAD-S) approval. Forms. This regulation prescribes AE Form 380-40A, AE Form 380-40B, AE Form 380-40C, AE Form 380-40D, and AE Form 380-40E. AE and higher-level forms are available through the Army in Europe Publishing System (AEPUBS). Records Management. Records created as a result of processes prescribed by this regulation must be identified, maintained, and disposed of according to AR 25-400-2. File numbers and descriptions are available on the Army Records Information Management System website at https://www.arims.army.mil. Suggested Improvements. The proponent of this regulation is the USAREUR G2 (AEAGB-SAD-S, DSN 370-7214). Users may suggest improvements to this regulation by sending DA Form 2028 to the USAREUR G2 (AEAGB-SAD-S), Unit 29351, APO AE 09014-9351.
  • U.S. Army Intelligence Activities

    U.S. Army Intelligence Activities

    Army Regulation 381–10 Military Intelligence U.S. Army Intelligence Activities Headquarters Department of the Army Washington, DC 3 May 2007 UNCLASSIFIED SUMMARY of CHANGE AR 381–10 U.S. Army Intelligence Activities This rapid action revision, dated 3 May 2007-- o Cancels the protective marking FOR OFFICIAL USE ONLY. o Changes major Army command to Army Command, Army Service Component Command, and Direct Reporting Unit throughout the publication. o Delineates Army Intelligence Components (para 1-1). o Changes major Army command to Commanders, U.S. Army Intelligence and Security Command and 650th MI Group (para 1-9b). o Rescinds Computer Trespassers (para 5-16). o Addresses the consensual intercept of computer trespasser communications and the approval requirements (paras 5-17 and 5-18). o Adds a provision addressing nonconsensual physical searches of non-U.S. persons outside the United States and the approval authorities (paras 7-4 and 7-5b). o Clarifies responsibility of commanders to provide access to personnel conducting oversight functions (para 14-3c). o Clarifies reporting requirements for questionable intelligence activity under Procedure 15 (paras 15-2b, 15-2c(1), 15-2c(4), 15-2d, 15-2e, 15-3a(1), and 15-6c). o Clarifies requirements for recurring intelligence oversight reporting (paras 15-6d, 15-6d(1), and 15-6d(2)). This major revision, dated 22 November 2005-- o Adds Army Reserve and Army National Guard responsibilities (paras 1-4k through n). o Delineates Army intelligence components (para 1-2). o Adds internet considerations and computer trespassers (paras 1-8, 5-4a, 5-4c, and 5-21).