Sending top secret information? There's an app for that
February 26th, 2013
06:34 PM ET

Sending top secret information? There's an app for that

By Mike Mount

Combat troops to four-star generals will soon be able to use cell phones or mobile tablets to quickly share classified information anywhere in the world.

The program soon to be rolled out by the Pentagon will allow the more than 600,000 Defense Department employees who use government-issued "smart" mobile devices to send top-secret information on those units or computers.

Until now, classified and other highly sensitive information has only been allowed to be shared by specially designated desktop systems.

Most Defense Department mobile device users peck away at Blackberries. Another 41,000 use Apple devices and a much smaller number use Android-based technology, according to statistics provided by the Pentagon.

The secure network would apply to all of those technologies.

"The application of mobile technology into global operations, integration of secure and non-secure communications, and development of portable, cloud-enabled capability will dramatically increase the number of people able to collaborate and share information rapidly," said Teri Takai, the Pentagon's chief information officer.

Mobile users range from ground troops in Afghanistan to the Joint Chiefs chairman to Pentagon policy wonks.

The motive for the Pentagon is to get a system in place as mobile technology increasingly advances.

The Pentagon eventually hopes to phase in a larger number of users and involve vendor competition to build a system that could possibly handle the agency's more than three million employees, officials said.

The initial system will allow mobile "smart" device users to run apps, e-mail and other functions securely even in remote and hostile locations.

The system will operate on commercial carrier networks that are able to handle classified data, according to Pentagon officials who briefed reporters on the plan.

Takai said the biggest challenge for the Pentagon has been to design a system that can fully leverage all of the uses of the "smart phones" in a way that allows the users to communicate securely.

"The challenge for the DOD is to balance the concern of cyber security with the need to have the capability of these devices," Takai said.

Post by:
Filed under: Military • Pentagon
soundoff (17 Responses)
  1. some guy

    The PLA IT Brigades are going to have a field day with these "secure" communication apps.

    February 28, 2013 at 2:57 pm | Reply
  2. Darrick

    They are going to lose it. just watch. I can't begin to tell you how many letters I have recieved from the military saying, "Sorry we lost another laptop with 25,000 peoples information on it." So now my question is what is the punishment for that?

    February 27, 2013 at 11:05 pm | Reply
  3. Zeus

    RSA, you're an idiot. You think since something is extremely difficult to achieve that makes it impossible just because you can't figure it out? That is one hell of an ego.

    February 27, 2013 at 3:55 pm | Reply
  4. Mark

    Interesting... but aren't Apple devices manufactured in China? What could possibly go wrong.

    February 27, 2013 at 12:52 pm | Reply
  5. RSA

    To all who say that this is easily hackable please answer the following:
    1. How do you plan on breaking RSA with 2056 bit encryption? – currently this has not even been close to getting done.
    2. How do you plan on breaking AES 256?

    February 27, 2013 at 11:01 am | Reply
    • Stel

      That's the point, the encryption would not need to be broken. Information could be captured before it's even passed to the app. The user's finger can't be encrypted!

      February 27, 2013 at 12:26 pm | Reply
    • basedonfact

      In November 2010 Endre Bangerter, David Gullasch and Stephan Krenn published a paper which described a practical approach to a "near real time" recovery of secret keys from AES-128 without the need for either cipher text or plaintext. The approach also works on AES-128 implementations that use compression tables, such as OpenSSL.[29] Like some earlier attacks this one requires the ability to run unprivileged code on the system performing the AES encryption, which may be achieved by malware infection far more easily than commandeering the root account.[

      February 27, 2013 at 2:42 pm | Reply
    • basedonfact

      On July 1, 2009, Bruce Schneier blogged[17] about a related-key attack on the 192-bit and 256-bit versions of AES, discovered by Alex Biryukov and Dmitry Khovratovich,[18] which exploits AES's somewhat simple key schedule and has a complexity of 2119. In December 2009 it was improved to 299.5. This is a follow-up to an attack discovered earlier in 2009 by Alex Biryukov, Dmitry Khovratovich, and Ivica Nikolić, with a complexity of 296 for one out of every 235 keys.[

      February 27, 2013 at 2:43 pm | Reply
    • basedonfact

      At RSA conference 2010 in San Francisco, the cryptographer panel consisting of legends such as Ron Rivest of MIT, Adi Shamir, and former NSA director Brian Snow cited one of the highlights from 2009 was the fact that both AES-128 and AES-256 have been broken. It took a lot of people by surprise that these two modes could be broken and the next logical question to ask would be is it no longer useful for data protection?

      February 27, 2013 at 2:45 pm | Reply
  6. Stel

    Absurd. In every OS there is an untold amount of potential exploits. Using a mainstream OS for this is just asking for a major breach of security. Regardless of how secure the app may or may not be, a hacker could always capture sensitive data by hacking through the OS, maybe at the hardware level by intercepting the touch screen coordinates on the virtual keyboard for example. With $700+ billion per year I'm surprised the military cannot develop their own OS for this hardware.

    February 27, 2013 at 8:23 am | Reply
    • Secrets!

      That makes more since then anything on here. The only problem will apple be able sue the US for patent infringement?!

      March 14, 2013 at 4:36 pm | Reply
  7. 1371usmc

    They need to follow the chain of command back on this one and fire who ever came up with this stupid idea.

    February 27, 2013 at 6:52 am | Reply
  8. what do i know

    Thank you for broadcasting it to the world. by tomorrow chinese will hack it and the day after tomorrow pentagon employees will use the same app to communicate the hacking news to each other.

    February 26, 2013 at 11:38 pm | Reply
  9. Richard

    Just create it and let us all hackers have easily access to that.

    February 26, 2013 at 8:20 pm | Reply
  10. Leonor

    And where and by whom were the "smart" devices (or for that matter any device in the network) built? Anything is only as secure as its weakest link and there are plenty of different possible points of failure in the full path of any data.

    February 26, 2013 at 7:59 pm | Reply

Post a comment


 

CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.